Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml

Overview

General Information

Sample name:{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml
Analysis ID:1541101
MD5:2d3c508321b32b43ee4192d54bc0ed15
SHA1:e60a6dc0e6374c5adffce59e1b34635769e39767
SHA256:96003b2bc14e105d7649310c9f5f0cb1b71c809a17b07a6456be4e4841cba187
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Creates a process in suspended mode (likely to inject code)
IP address seen in connection with other malware
Potential browser exploit detected (process start blacklist hit)
Sigma detected: Use Short Name Path in Command Line

Classification

Process Tree

  • System is w10x64
  • MSOXMLED.EXE (PID: 7268 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\user\Desktop\{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml" MD5: A2E6E2A1C125973A4967540FD08C9AF0)
    • iexplore.exe (PID: 7348 cmdline: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml MD5: CFE2E6942AC1B72981B3105E22D3224E)
      • iexplore.exe (PID: 7408 cmdline: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7348 CREDAT:17410 /prefetch:2 MD5: 6F0F06D6AB125A99E43335427066A4A1)
        • ie_to_edge_stub.exe (PID: 7468 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492 MD5: 89CF8972D683795DAB6901BC9456675D)
          • msedge.exe (PID: 7560 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492 MD5: 69222B8101B0601CC6663F8381E7E00F)
            • msedge.exe (PID: 7792 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2044,i,16802615332830959518,16888877389882489269,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
        • ssvagent.exe (PID: 7544 cmdline: "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new MD5: F9A898A606E7F5A1CD7CFFA8079253A0)
  • msedge.exe (PID: 7828 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492 --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8160 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=1996,i,865180387715092134,7946586055113773520,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8612 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6000 --field-trial-handle=1996,i,865180387715092134,7946586055113773520,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

Sigma detected: Use Short Name Path in Command Line
Source: Process startedAuthor: frack113, Nasreddine Bencherchali: Data: Command: "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new, CommandLine: "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new, CommandLine|base64offset|contains: w, Image: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe, NewProcessName: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe, OriginalFileName: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe, ParentCommandLine: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7348 CREDAT:17410 /prefetch:2, ParentImage: C:\Program Files (x86)\Internet Explorer\iexplore.exe, ParentProcessId: 7408, ParentProcessName: iexplore.exe, ProcessCommandLine: "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new, ProcessId: 7544, ProcessName: ssvagent.exe
Sigma detected: Modification of IE Registry Settings
Source: Registry Key setAuthor: frack113: Data: Details: 1, EventID: 13, EventType: SetValue, Image: C:\Program Files\Internet Explorer\iexplore.exe, ProcessId: 7348, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\SecuritySafe

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe
Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox ViewIP Address: 172.64.41.3 172.64.41.3
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownTCP traffic detected without corresponding DNS query: 23.218.232.185
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /crx/blobs/AYA8VyyVmiyWvldTRU0qGaR4RUSL6-YrG6uKRsMPsRWu4uzTWsENQ0Oe4TwjJlNxU5Vx3wW0XCsKQHAJ2XkWCO0eQ7UF3N9B6xg6w6N4ZQ_ezL5_s1EfR63s25vMOuhpdI4AxlKa5cntVqVuAOGwNK_pRVduNn5fPIzZ/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_83_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1730370312&P2=404&P3=2&P4=CRZF1LDXsqws7CBJZ6V7OUHNF7jy64ulhnPdvEkt51hRSvw%2baaHOaMlD29YRKeFdxjMIDLnGJlk%2bfIyzZUl6yw%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: fYgkVLIQWmc10c8o/2zhxNSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: 000003.log.9.drString found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
Source: 000003.log.9.drString found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
Source: 000003.log.9.drString found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
Source: msapplication.xml1.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x144b3694,0x01db25ff</date><accdate>0x144d98c1,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml6.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x14525df8,0x01db25ff</date><accdate>0x14525df8,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml8.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x14525df8,0x01db25ff</date><accdate>0x14525df8,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
Source: msapplication.xml.2.drString found in binary or memory: http://www.amazon.com/
Source: msapplication.xml2.2.drString found in binary or memory: http://www.google.com/
Source: msapplication.xml3.2.drString found in binary or memory: http://www.live.com/
Source: msapplication.xml4.2.drString found in binary or memory: http://www.nytimes.com/
Source: msapplication.xml5.2.drString found in binary or memory: http://www.reddit.com/
Source: msapplication.xml6.2.drString found in binary or memory: http://www.twitter.com/
Source: msapplication.xml7.2.drString found in binary or memory: http://www.wikipedia.com/
Source: msapplication.xml8.2.drString found in binary or memory: http://www.youtube.com/
Source: manifest.json0.9.drString found in binary or memory: https://chrome.google.com/webstore/
Source: manifest.json0.9.drString found in binary or memory: https://chromewebstore.google.com/
Source: ad01b382-c09e-4199-b5ca-ce545204d3e2.tmp.10.dr, c1a9dd93-23a1-4e5b-ad6c-e84ac4f2a7d5.tmp.10.drString found in binary or memory: https://clients2.google.com
Source: manifest.json.9.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: ad01b382-c09e-4199-b5ca-ce545204d3e2.tmp.10.dr, c1a9dd93-23a1-4e5b-ad6c-e84ac4f2a7d5.tmp.10.drString found in binary or memory: https://clients2.googleusercontent.com
Source: manifest.json.9.drString found in binary or memory: https://docs.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive.google.com/
Source: ad01b382-c09e-4199-b5ca-ce545204d3e2.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net
Source: 000003.log.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
Source: 000003.log.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
Source: 000003.log.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
Source: 000003.log.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
Source: content_new.js.9.dr, content.js.9.drString found in binary or memory: https://www.google.com/chrome
Source: ad01b382-c09e-4199-b5ca-ce545204d3e2.tmp.10.drString found in binary or memory: https://www.googleapis.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: classification engineClassification label: clean2.winXML@49/219@8/5
Source: C:\Program Files\Internet Explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\RecoveryJump to behavior
Source: C:\Program Files\Internet Explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Temp\~DFA8146A3F7DD53FBF.TMPJump to behavior
Source: C:\Program Files\Internet Explorer\iexplore.exeFile read: C:\Users\desktop.iniJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\user\Desktop\{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml"
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEProcess created: C:\Program Files\Internet Explorer\iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml
Source: C:\Program Files\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7348 CREDAT:17410 /prefetch:2
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2044,i,16802615332830959518,16888877389882489269,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492 --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=1996,i,865180387715092134,7946586055113773520,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6000 --field-trial-handle=1996,i,865180387715092134,7946586055113773520,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEProcess created: C:\Program Files\Internet Explorer\iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xmlJump to behavior
Source: C:\Program Files\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7348 CREDAT:17410 /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492Jump to behavior
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeProcess created: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe "C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -newJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2044,i,16802615332830959518,16888877389882489269,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=1996,i,865180387715092134,7946586055113773520,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6000 --field-trial-handle=1996,i,865180387715092134,7946586055113773520,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: apphelp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: appvisvsubsystems32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: vcruntime140.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: c2r32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: wininet.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: sspicli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: iertutil.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXESection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: wininet.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: netutils.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: propsys.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: edputil.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: slc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: sppc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: vcruntime140.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: wininet.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: version.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: msvcp140.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: netutils.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\CommonJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: Web Data.9.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655x
Source: Web Data.9.drBinary or memory string: discord.comVMware20,11696428655f
Source: Web Data.9.drBinary or memory string: interactivebrokers.co.inVMware20,11696428655d
Source: Web Data.9.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
Source: Web Data.9.drBinary or memory string: global block list test formVMware20,11696428655
Source: Web Data.9.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655}
Source: Web Data.9.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
Source: Web Data.9.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
Source: Web Data.9.drBinary or memory string: account.microsoft.com/profileVMware20,11696428655u
Source: Web Data.9.drBinary or memory string: secure.bankofamerica.comVMware20,11696428655|UE
Source: Web Data.9.drBinary or memory string: www.interactivebrokers.comVMware20,11696428655}
Source: Web Data.9.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
Source: Web Data.9.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
Source: Web Data.9.drBinary or memory string: outlook.office365.comVMware20,11696428655t
Source: Web Data.9.drBinary or memory string: microsoft.visualstudio.comVMware20,11696428655x
Source: Web Data.9.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655
Source: Web Data.9.drBinary or memory string: outlook.office.comVMware20,11696428655s
Source: Web Data.9.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
Source: Web Data.9.drBinary or memory string: ms.portal.azure.comVMware20,11696428655
Source: Web Data.9.drBinary or memory string: AMC password management pageVMware20,11696428655
Source: Web Data.9.drBinary or memory string: tasks.office.comVMware20,11696428655o
Source: Web Data.9.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
Source: Web Data.9.drBinary or memory string: turbotax.intuit.comVMware20,11696428655t
Source: Web Data.9.drBinary or memory string: interactivebrokers.comVMware20,11696428655
Source: Web Data.9.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
Source: Web Data.9.drBinary or memory string: dev.azure.comVMware20,11696428655j
Source: Web Data.9.drBinary or memory string: netportal.hdfcbank.comVMware20,11696428655
Source: Web Data.9.drBinary or memory string: Interactive Brokers - HKVMware20,11696428655]
Source: ie_to_edge_stub.exe, 00000004.00000002.2073943203.0000027AD3045000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Prod_VMware_SATA_CD00#4&224f42ef&0&00000
Source: Web Data.9.drBinary or memory string: bankofamerica.comVMware20,11696428655x
Source: Web Data.9.drBinary or memory string: trackpan.utiitsl.comVMware20,11696428655h
Source: Web Data.9.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696428655
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXEProcess created: C:\Program Files\Internet Explorer\iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xmlJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492Jump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Exploitation for Client Execution		1
DLL Side-Loading		11
Process Injection		1
Masquerading		OS Credential Dumping1
Security Software Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		11
Process Injection		LSASS Memory1
File and Directory Discovery		Remote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
DLL Side-Loading		Security Account Manager2
System Information Discovery		SMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1541101 Sample: {89eeeac4-e4d3-40a8-9048-e7... Startdate: 24/10/2024 Architecture: WINDOWS Score: 2 9 MSOXMLED.EXE 12 2->9         started        11 msedge.exe 24 349 2->11         started        dnsIp3 14 iexplore.exe 69 105 9->14         started        37 239.255.255.250 unknown Reserved 11->37 16 msedge.exe 11->16         started        19 msedge.exe 11->19         started        process4 dnsIp5 21 iexplore.exe 2 22 14->21         started        31 23.218.232.185, 443, 49780 RAYA-ASEG United States 16->31 33 googlehosted.l.googleusercontent.com 142.250.185.225, 443, 49712 GOOGLEUS United States 16->33 35 5 other IPs or domains 16->35 process6 process7 23 ie_to_edge_stub.exe 1 21->23         started        25 ssvagent.exe 501 21->25         started        process8 27 msedge.exe 10 23->27         started        process9 29 msedge.exe 27->29         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://chrome.cloudflare-dns.com/dns-query0%URL Reputationsafe
https://chromewebstore.google.com/0%URL Reputationsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
chrome.cloudflare-dns.com
172.64.41.3
truefalse
    		unknown
    googlehosted.l.googleusercontent.com
    		142.250.185.225
    		truefalse
      		unknown
      sni1gl.wpc.nucdn.net
      		152.199.21.175
      		truefalse
        		unknown
        clients2.googleusercontent.com
        		unknown
        		unknownfalse
          		unknown

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          https://chrome.cloudflare-dns.com/dns-queryfalse
          • URL Reputation: safe
          		unknown
          https://clients2.googleusercontent.com/crx/blobs/AYA8VyyVmiyWvldTRU0qGaR4RUSL6-YrG6uKRsMPsRWu4uzTWsENQ0Oe4TwjJlNxU5Vx3wW0XCsKQHAJ2XkWCO0eQ7UF3N9B6xg6w6N4ZQ_ezL5_s1EfR63s25vMOuhpdI4AxlKa5cntVqVuAOGwNK_pRVduNn5fPIzZ/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_83_1_0.crxfalse
            		unknown

            URLs from Memory and Binaries

            NameSourceMaliciousAntivirus DetectionReputation
            http://www.nytimes.com/msapplication.xml4.2.drfalse
              		unknown
              https://drive-daily-2.corp.google.com/manifest.json.9.drfalse
                		unknown
                https://drive-autopush.corp.google.com/manifest.json.9.drfalse
                  		unknown
                  https://drive-daily-4.corp.google.com/manifest.json.9.drfalse
                    		unknown
                    http://www.amazon.com/msapplication.xml.2.drfalse
                      		unknown
                      http://www.twitter.com/msapplication.xml6.2.drfalse
                        		unknown
                        https://drive-daily-1.corp.google.com/manifest.json.9.drfalse
                          		unknown
                          https://drive-daily-5.corp.google.com/manifest.json.9.drfalse
                            		unknown
                            https://docs.google.com/manifest.json.9.drfalse
                              		unknown
                              https://drive-staging.corp.google.com/manifest.json.9.drfalse
                                		unknown
                                https://www.google.com/chromecontent_new.js.9.dr, content.js.9.drfalse
                                  		unknown
                                  https://drive-daily-6.corp.google.com/manifest.json.9.drfalse
                                    		unknown
                                    https://drive.google.com/manifest.json.9.drfalse
                                      		unknown
                                      https://drive-daily-0.corp.google.com/manifest.json.9.drfalse
                                        		unknown
                                        http://www.youtube.com/msapplication.xml8.2.drfalse
                                          		unknown
                                          https://chromewebstore.google.com/manifest.json0.9.drfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://www.wikipedia.com/msapplication.xml7.2.drfalse
                                            		unknown
                                            https://drive-preprod.corp.google.com/manifest.json.9.drfalse
                                              		unknown
                                              https://clients2.googleusercontent.comad01b382-c09e-4199-b5ca-ce545204d3e2.tmp.10.dr, c1a9dd93-23a1-4e5b-ad6c-e84ac4f2a7d5.tmp.10.drfalse
                                                		unknown
                                                http://www.live.com/msapplication.xml3.2.drfalse
                                                  		unknown
                                                  https://chrome.google.com/webstore/manifest.json0.9.drfalse
                                                    		unknown
                                                    http://www.reddit.com/msapplication.xml5.2.drfalse
                                                      		unknown
                                                      http://www.google.com/msapplication.xml2.2.drfalse
                                                        		unknown
                                                        https://drive-daily-3.corp.google.com/manifest.json.9.drfalse
                                                          		unknown

                                                          World Map of Contacted IPs

                                                          • No. of IPs < 25%
                                                          • 25% < No. of IPs < 50%
                                                          • 50% < No. of IPs < 75%
                                                          • 75% < No. of IPs

                                                          Public IPs

                                                          IPDomainCountryFlagASNASN NameMalicious
                                                          162.159.61.3
                                                          		unknownUnited States
                                                          		13335CLOUDFLARENETUSfalse
                                                          239.255.255.250
                                                          		unknownReserved
                                                          		unknownunknownfalse
                                                          23.218.232.185
                                                          		unknownUnited States
                                                          		24835RAYA-ASEGfalse
                                                          172.64.41.3
                                                          		chrome.cloudflare-dns.comUnited States
                                                          		13335CLOUDFLARENETUSfalse
                                                          142.250.185.225
                                                          		googlehosted.l.googleusercontent.comUnited States
                                                          		15169GOOGLEUSfalse

                                                          General Information

                                                          Joe Sandbox version:41.0.0 Charoite
                                                          Analysis ID:1541101
                                                          Start date and time:2024-10-24 12:24:12 +02:00
                                                          Joe Sandbox product:CloudBasic
                                                          Overall analysis duration:0h 4m 48s
                                                          Hypervisor based Inspection enabled:false
                                                          Report type:full
                                                          Cookbook file name:default.jbs
                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                          Number of analysed new started processes analysed:16
                                                          Number of new started drivers analysed:0
                                                          Number of existing processes analysed:0
                                                          Number of existing drivers analysed:0
                                                          Number of injected processes analysed:0
                                                          Technologies:
                                                          • EGA enabled
                                                          • AMSI enabled
                                                          Analysis Mode:default
                                                          Analysis stop reason:Timeout
                                                          Sample name:{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml
                                                          Detection:CLEAN
                                                          Classification:clean2.winXML@49/219@8/5
                                                          Cookbook Comments:
                                                          • Found application associated with file extension: .xml

                                                          Warnings

                                                          • Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                          • Excluded IPs from analysis (whitelisted): 184.28.89.167, 13.107.42.16, 142.250.186.78, 13.107.21.239, 204.79.197.239, 2.23.209.142, 2.23.209.154, 2.23.209.156, 2.23.209.143, 2.23.209.150, 2.23.209.158, 2.23.209.141, 2.23.209.149, 2.23.209.144, 2.19.126.157, 2.19.126.151, 204.79.197.200, 142.251.116.94, 142.250.113.94
                                                          • Excluded domains from analysis (whitelisted): cdp-f-ssl-tlu-net.trafficmanager.net, config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, e11290.dspg.akamaiedge.net, go.microsoft.com, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, www.bing.com.edgekey.net, config-edge-skype.l-0007.l-msedge.net, msedge.b.tlu.dl.delivery.mp.microsoft.com, www.gstatic.com, l-0007.l-msedge.net, ieonline.microsoft.com, config.edge.skype.com, www.bing.com, edge-microsoft-com.dual-a-0036.a-msedge.net, fs.microsoft.com, otelrules.azureedge.net, wildcardtlu-ssl.ec.azureedge.net, star.sb.tlu.dl.delivery.mp.microsoft.com.edgesuite.net, ctldl.windowsupdate.com, www-www.bing.com.trafficmanager.net, edge.microsoft.com, fe3cr.delivery.mp.microsoft.com, wildcardtlu-ssl.azureedge.net, any.edge.bing.com, l-0007.config.skype.com, go.microsoft.com.edgekey.net, a2033.dscd.akamai.net, clients.l.google.com, msedgeextensions.sf.tlu.dl.delivery.mp.mi
                                                          • Not all processes where analyzed, report is missing behavior information
                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                          • Report size getting too big, too many NtCreateKey calls found.
                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                          • Report size getting too big, too many NtSetValueKey calls found.
                                                          • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                          • VT rate limit hit for: {89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml

                                                          Simulations

                                                          Behavior and APIs

                                                          No simulations

                                                          Joe Sandbox View / Context

                                                          IPs

                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                          162.159.61.3http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.comGet hashmaliciousUnknownBrowse
                                                            Demande de proposition du CPE Les Coquins.pdfGet hashmaliciousUnknownBrowse
                                                              Demande de proposition du CPE Les Coquins.pdfGet hashmaliciousUnknownBrowse
                                                                roquette October.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                  https://careers.adobe.com/us/en/apply?jobSeqNo=ADOBUSR147673EXTERNALENUSGet hashmaliciousUnknownBrowse
                                                                    Scan copy of document .pdfGet hashmaliciousUnknownBrowse
                                                                      fedcap.67173a0a3d25d0.95038392.pdfGet hashmaliciousUnknownBrowse
                                                                        MDE_File_Sample_1a8e4ebbcc2e3f76efb2a55bb6179417263ebf3d.zipGet hashmaliciousUnknownBrowse
                                                                          [EXTERNAL] Redbrick Communications Request For Proposal .emlGet hashmaliciousUnknownBrowse
                                                                            http://google.comGet hashmaliciousUnknownBrowse
                                                                              239.255.255.250PO 635614 635613_CQDM.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                https://railrent-railrent.powerappsportals.com/Get hashmaliciousUnknownBrowse
                                                                                  http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.comGet hashmaliciousUnknownBrowse
                                                                                    https://landsmith.ae/continue.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                      https://is.gd/6NgVrQGet hashmaliciousHTMLPhisherBrowse
                                                                                        https://www.yola.com/es/zendesk-sso?return_to=http://york.iwill.app.br/Get hashmaliciousUnknownBrowse
                                                                                          https://www.yola.com/es/zendesk-sso?return_to=http://york.iwill.app.br/Get hashmaliciousUnknownBrowse
                                                                                            SecuriteInfo.com.W32.MSIL_Kryptik.KMZ.gen.Eldorado.27390.3879.exeGet hashmaliciousRemcosBrowse
                                                                                              https://tarah.com.sa/reeeGet hashmaliciousUnknownBrowse
                                                                                                https://www.yola.com/es/zendesk-sso?return_to=http://york.iwill.app.br/Get hashmaliciousUnknownBrowse
                                                                                                  172.64.41.3http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.comGet hashmaliciousUnknownBrowse
                                                                                                    https://t.ly/2jKWOGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                      https://t.ly/2jKWOGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                        KERR SURVEYING LLC EE RFI#1.pdfGet hashmaliciousUnknownBrowse
                                                                                                          roquette October.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                            https://www.filemail.com/t/cFCAI9C4Get hashmaliciousHtmlDropperBrowse
                                                                                                              https://careers.adobe.com/us/en/apply?jobSeqNo=ADOBUSR147673EXTERNALENUSGet hashmaliciousUnknownBrowse
                                                                                                                roba.txtGet hashmaliciousMeterpreter, ReflectiveLoaderBrowse
                                                                                                                  MDE_File_Sample_1a8e4ebbcc2e3f76efb2a55bb6179417263ebf3d.zipGet hashmaliciousUnknownBrowse
                                                                                                                    (No subject) (90).emlGet hashmaliciousUnknownBrowse

                                                                                                                      Domains

                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                      chrome.cloudflare-dns.comhttp://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.comGet hashmaliciousUnknownBrowse
                                                                                                                      • 162.159.61.3
                                                                                                                      https://t.ly/2jKWOGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                                      • 172.64.41.3
                                                                                                                      https://t.ly/2jKWOGet hashmaliciousHTMLPhisher, Mamba2FABrowse
                                                                                                                      • 172.64.41.3
                                                                                                                      https://www.filemail.com/t/cFCAI9C4Get hashmaliciousHtmlDropperBrowse
                                                                                                                      • 172.64.41.3
                                                                                                                      https://careers.adobe.com/us/en/apply?jobSeqNo=ADOBUSR147673EXTERNALENUSGet hashmaliciousUnknownBrowse
                                                                                                                      • 172.64.41.3
                                                                                                                      MDE_File_Sample_1a8e4ebbcc2e3f76efb2a55bb6179417263ebf3d.zipGet hashmaliciousUnknownBrowse
                                                                                                                      • 162.159.61.3
                                                                                                                      (No subject) (90).emlGet hashmaliciousUnknownBrowse
                                                                                                                      • 172.64.41.3
                                                                                                                      http://google.comGet hashmaliciousUnknownBrowse
                                                                                                                      • 162.159.61.3
                                                                                                                      SecuriteInfo.com.Trojan-PSW.Win32.Stealer.cjar.14389.14563.exeGet hashmaliciousUnknownBrowse
                                                                                                                      • 162.159.61.3
                                                                                                                      SecuriteInfo.com.Trojan-PSW.Win32.Stealer.cjar.14389.14563.exeGet hashmaliciousUnknownBrowse
                                                                                                                      • 172.64.41.3
                                                                                                                      sni1gl.wpc.nucdn.nethttps://careers.adobe.com/us/en/apply?jobSeqNo=ADOBUSR147673EXTERNALENUSGet hashmaliciousUnknownBrowse
                                                                                                                      • 152.199.21.175
                                                                                                                      MDE_File_Sample_1a8e4ebbcc2e3f76efb2a55bb6179417263ebf3d.zipGet hashmaliciousUnknownBrowse
                                                                                                                      • 152.199.21.175
                                                                                                                      (No subject) (90).emlGet hashmaliciousUnknownBrowse
                                                                                                                      • 152.199.21.175
                                                                                                                      http://google.comGet hashmaliciousUnknownBrowse
                                                                                                                      • 152.199.21.175
                                                                                                                      Update.exeGet hashmaliciousNasoBrowse
                                                                                                                      • 152.195.19.97
                                                                                                                      SecuriteInfo.com.FileRepPup.24407.3577.exeGet hashmaliciousUnknownBrowse
                                                                                                                      • 152.199.21.175
                                                                                                                      SecuriteInfo.com.FileRepPup.24407.3577.exeGet hashmaliciousUnknownBrowse
                                                                                                                      • 152.199.21.175
                                                                                                                      36.msiGet hashmaliciousNumandoBrowse
                                                                                                                      • 152.199.21.175
                                                                                                                      33.msiGet hashmaliciousNumandoBrowse
                                                                                                                      • 152.199.21.175
                                                                                                                      QbAwyjyAk3.lnkGet hashmaliciousNumandoBrowse
                                                                                                                      • 152.199.21.175

                                                                                                                      ASNs

                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                      RAYA-ASEGatH4SE3Oi6.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 62.68.231.170
                                                                                                                      o2YUBeMZW6.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 62.68.231.163
                                                                                                                      gppc.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 41.68.176.234
                                                                                                                      jade.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 41.69.118.201
                                                                                                                      nsharm.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 197.132.199.75
                                                                                                                      garm5.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 41.70.6.181
                                                                                                                      nrsh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 41.69.166.155
                                                                                                                      nsharm5.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 41.69.118.209
                                                                                                                      gmips.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 197.132.199.64
                                                                                                                      nsharm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                      • 197.132.217.113
                                                                                                                      CLOUDFLARENETUSHalkbank_Ekstre_20241022_081224_563756.exeGet hashmaliciousMassLogger RAT, PureLog StealerBrowse
                                                                                                                      • 188.114.96.3
                                                                                                                      REVISED INVOICE.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                      • 188.114.96.3
                                                                                                                      SIPARIS-290124.PDF.exeGet hashmaliciousPureLog Stealer, Snake KeyloggerBrowse
                                                                                                                      • 188.114.97.3
                                                                                                                      PO 635614 635613_CQDM.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                      • 104.21.68.211
                                                                                                                      https://railrent-railrent.powerappsportals.com/Get hashmaliciousUnknownBrowse
                                                                                                                      • 172.67.140.116
                                                                                                                      http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.comGet hashmaliciousUnknownBrowse
                                                                                                                      • 172.64.41.3
                                                                                                                      https://landsmith.ae/continue.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                      • 104.17.25.14
                                                                                                                      mm.exeGet hashmaliciousUnknownBrowse
                                                                                                                      • 172.67.177.220
                                                                                                                      https://is.gd/6NgVrQGet hashmaliciousHTMLPhisherBrowse
                                                                                                                      • 104.17.25.14
                                                                                                                      file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                      • 104.21.53.8
                                                                                                                      CLOUDFLARENETUSHalkbank_Ekstre_20241022_081224_563756.exeGet hashmaliciousMassLogger RAT, PureLog StealerBrowse
                                                                                                                      • 188.114.96.3
                                                                                                                      REVISED INVOICE.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                      • 188.114.96.3
                                                                                                                      SIPARIS-290124.PDF.exeGet hashmaliciousPureLog Stealer, Snake KeyloggerBrowse
                                                                                                                      • 188.114.97.3
                                                                                                                      PO 635614 635613_CQDM.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                      • 104.21.68.211
                                                                                                                      https://railrent-railrent.powerappsportals.com/Get hashmaliciousUnknownBrowse
                                                                                                                      • 172.67.140.116
                                                                                                                      http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.comGet hashmaliciousUnknownBrowse
                                                                                                                      • 172.64.41.3
                                                                                                                      https://landsmith.ae/continue.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                      • 104.17.25.14
                                                                                                                      mm.exeGet hashmaliciousUnknownBrowse
                                                                                                                      • 172.67.177.220
                                                                                                                      https://is.gd/6NgVrQGet hashmaliciousHTMLPhisherBrowse
                                                                                                                      • 104.17.25.14
                                                                                                                      file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                      • 104.21.53.8

                                                                                                                      JA3 Fingerprints

                                                                                                                      No context

                                                                                                                      Dropped Files

                                                                                                                      No context

                                                                                                                      Created / dropped Files

                                                                                                                      C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):4286
                                                                                                                      Entropy (8bit):3.8046022951415335
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:suZOWcCXPRS4QAUs/KBy3TYI42Apvl6wheXpktCH2Yn4KgISQggggFpz1k9PAYHu:HBRh+sCBykteatiBn4KWi1+Ne
                                                                                                                      MD5:DA597791BE3B6E732F0BC8B20E38EE62
                                                                                                                      SHA1:1125C45D285C360542027D7554A5C442288974DE
                                                                                                                      SHA-256:5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
                                                                                                                      SHA-512:D8DC8358727590A1ED74DC70356AEDC0499552C2DC0CD4F7A01853DD85CEB3AEAD5FBDC7C75D7DA36DB6AF2448CE5ABDFF64CEBDCA3533ECAD953C061A9B338E
                                                                                                                      Malicious:false
                                                                                                                      Reputation:moderate, very likely benign file
                                                                                                                      Preview:...... .... .........(... ...@..... ...................................................................................................................................................................................................N...Sz..R...R...P...N..L..H..DG..........................................................................................R6..U...U...S...R...P...N..L..I..F..B...7...............................................................................S6..V...V...U...S...R...P...N..L..I..F..C...?..:z......................................................................O...W...V...V...U...S...R...P...N..L..I..E..C...?...;..{7..q2$..............................................................T..D..]...S)..p6..J...R...P...N..L..I..E..B..>..;..z7..p2..f,X.........................................................A..O#..N!..N!..N!..P$..q:...P...N..K..I..E..A..=..9..x5..n0..e,...5...................................................Ea.Z,..T$..T$..T

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\241bc438-98be-4899-b095-f8e10fa6c69b.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\34c09d58-27eb-4d54-b042-25490a88fa10.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):45003
                                                                                                                      Entropy (8bit):6.0847183959895474
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:OMkbJrT8IeQcrQgxkoKFuXhDO6vP6Oq1tCz9K8dCDWzS+BrkCAoQGoup1Xl3jVzx:OMk1rT8HRzE6YtCzPS+BrkRoQhu3VlXh
                                                                                                                      MD5:D79885A1C674F97B2490695E9CFEF344
                                                                                                                      SHA1:EB660A452370DB6F5311B3EB6594F41FFC6FE5FA
                                                                                                                      SHA-256:74332194010DA00C4C6B827CB24632D263613E44E4A2C6857561070F2B721A3B
                                                                                                                      SHA-512:14223ED5BE6073B0E06FF8C119B3FB5104EF0ABFB8AD6A4C5C6F1FB01C0742AA97E0D85E1F0F6BC61C6324FD2C9708A499D644F7F8F97DC4044D315DB9B5A2EB
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\71233bd7-47cb-432e-a0f8-d91c45d98eaa.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):45003
                                                                                                                      Entropy (8bit):6.084722734729599
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:OMkbJrT8IeQcrQgxPoKFuXhDO6vP6Oq1tCz9K8dCDWzS+BrkCAoQGoup1Xl3jVzx:OMk1rT8HRwE6YtCzPS+BrkRoQhu3VlXh
                                                                                                                      MD5:7551879FB14F39933DF495B8D2D268F4
                                                                                                                      SHA1:23167FF4792A9DFD10D29CBE59DC2DD7487E2362
                                                                                                                      SHA-256:C060411F32E3635E0C15BE41EB7C22E2AD71C3869DC3D8937F19933378A18064
                                                                                                                      SHA-512:38B4EA01862B441CBA6DA9E60F3449FFC39D80E073F6C49C2DBB719015FC24BA0BC0FF2EFCCDDFC9359A53AB0C6E7B928B88951970A617972D334C54A52DCCAE
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\790f7aad-91e7-4e41-899b-efabfb18abd4.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):45250
                                                                                                                      Entropy (8bit):6.089952327371861
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:OMkbJrT8IeQcrQgxkoKFuXhDO6vP6OmzP44Qbi8dCDt1zS+BrkCAoQGoup1Xl3jD:OMk1rT8HRzE6GkaZS+BrkRoQhu3VlXrV
                                                                                                                      MD5:21B702CF1AEAA17D4611EA8C77AED16C
                                                                                                                      SHA1:F33FA585D0FB056D5D5BF68956A40F91213E4D98
                                                                                                                      SHA-256:C250E7ED165BA46BE5E80614E9BA9527A26375B991DEDAC8A54A6FB96D9661B6
                                                                                                                      SHA-512:BA38E1C9B0716FB8BA25DD38760221D8EA1403FFFCD7B36BF80520964E319116AED7617F91700D17528BC5A731958A132665241671B9B232644AD0AE3DBBD388
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\85a9c916-8626-4f7b-a0e6-af6273649bbd.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):45003
                                                                                                                      Entropy (8bit):6.084685417040977
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:OMkbJrT8IeQcrQgxkoKFuXhDO6vP6Ou1tCz9K8dCDWzS+BrkCAoQGoup1Xl3jVzx:OMk1rT8HRzE60tCzPS+BrkRoQhu3VlXh
                                                                                                                      MD5:ACB473AA08A2B3975F1B2DED9001CC61
                                                                                                                      SHA1:D21FEBB1D3F6F48ACBBD8ADC9AF9E054369ECEA2
                                                                                                                      SHA-256:60201E8444B3F67079DBF08193BDDD50172C6D7636F75C78CDD83F22D5DAAD95
                                                                                                                      SHA-512:32F6E50259995B0CB01013CC75A4678EDCBEFB400A3336477A13F18EAA993A426BF672D3A70CDF4ED2424056191AD5660C689D1A8CC61CE8CD0785A5368EE36C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9a10793f-082d-465a-945b-56d9ace90c1c.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44676
                                                                                                                      Entropy (8bit):6.096100405517274
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBKwuXhDO6vP6OmzP44Qbi8dCDtcGoup1Xl3jVzXr2:z/Ps+wsI7yOEd6Gkachu3VlXr4CRo1
                                                                                                                      MD5:B59DA62DE0AD5404E67AB84F3855DC95
                                                                                                                      SHA1:8DED5365565C7AACF854515F73426E83635285AA
                                                                                                                      SHA-256:56D02F776495623EDDDA7CFE2D3C4CF3EDE273EC9D516AA3A1B18DFF39BD14B1
                                                                                                                      SHA-512:846658D02E4929E5AF9D66F10781338021E58E5B20661C03407CD70EF38AED8B4039F36A1075FAF47C1A86C12E9AB9CC958BDDFEA4AC529C01DDF61CAE9AAB42
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\087ea2d9-b7bc-4c00-b8d8-8fc5e6eabf4e.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):107893
                                                                                                                      Entropy (8bit):4.640135461872496
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7x:fwUQC5VwBIiElEd2K57P7x
                                                                                                                      MD5:19DB9AF7D3FDB56FDD8CB17DB154752C
                                                                                                                      SHA1:FC38FEED3175DB5F9C8C17DA55B594B7875D0F92
                                                                                                                      SHA-256:9033818BAA03976518D89725A48837BDB1B8876927163DAE2ED48A2226AA6ABE
                                                                                                                      SHA-512:5A32D07505128BF3DB8A1D2E51F43B502C7270CC3F656126981597DB2676C3DA465C34D1A2DDB965C6F79C9F809824DCA794014D77B53EDB948602DEB8575D6C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):107893
                                                                                                                      Entropy (8bit):4.640135461872496
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7x:fwUQC5VwBIiElEd2K57P7x
                                                                                                                      MD5:19DB9AF7D3FDB56FDD8CB17DB154752C
                                                                                                                      SHA1:FC38FEED3175DB5F9C8C17DA55B594B7875D0F92
                                                                                                                      SHA-256:9033818BAA03976518D89725A48837BDB1B8876927163DAE2ED48A2226AA6ABE
                                                                                                                      SHA-512:5A32D07505128BF3DB8A1D2E51F43B502C7270CC3F656126981597DB2676C3DA465C34D1A2DDB965C6F79C9F809824DCA794014D77B53EDB948602DEB8575D6C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):4194304
                                                                                                                      Entropy (8bit):0.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3::
                                                                                                                      MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                      SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                      SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                      SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                      Malicious:false
                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):4194304
                                                                                                                      Entropy (8bit):0.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3::
                                                                                                                      MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                      SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                      SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                      SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                      Malicious:false
                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-671A2083-1E94.pma

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):4194304
                                                                                                                      Entropy (8bit):0.36427242445283814
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3072:+8Ak58auS684MaaGjXp8aVJQDiBNbrLsZgRk8gnqVorEM9fvI/prBMpQyb2uMWmJ:kJae0GnbrLqqFMeJaHKpikJEa
                                                                                                                      MD5:DBF6AA7E66D93650D91197EC95C65D96
                                                                                                                      SHA1:4EF20B6F72956D713ABDCBC2B5BC6F2F06CBE1C9
                                                                                                                      SHA-256:55B77BE39EA2CBB94B8855C083F4B375F42CF951BCD5E6F09CAD359B9B3F785D
                                                                                                                      SHA-512:8A98F7DDA331A763CD17143334CBF2FC8D3883EA80E1678E9E301E53EB3431123F0F304517456DBDA926F3BCC04C183AED30E1BEE2A65AA1EE5B95E2418AECE7
                                                                                                                      Malicious:false
                                                                                                                      Preview:...@..@...@.....C.].....@...................................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452....x86_64..?........".yfqrvp20,1(.0..8..B....(.....10.0.19041.5462.Google Inc. (Google):bANGLE (Google, Vulkan 1.3.0 (SwiftShader Device (Subzero) (0x0000C0DE)), SwiftShader driver-5.0.0)M..BU..Be...?j...GenuineIntel... .. ..............x86_64...J../T...^o..J...Y...^o..J..w....^o..J..A....^o..J..1H...^o..J....c..^o..J...c=..^o..J....J..^o..J..3.(..^o..J.......^o..J...b.J.^o..J...#...^o..J....k..^o..J..?....^o..J..S..O.^o..J..l.zL.^o..J..@."..^o..J..?U...^o..J..!..h.^o..J..z{...^o..J..n....^o..J..0....^o..J....%.^o..J...I.r.^o..J.......^o..J..ZK...^o..J.....^o..J.......^o..J...'x#.^o..J......^o..J....\.^o..J.......^o.

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):280
                                                                                                                      Entropy (8bit):4.132041621771752
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:FiWWltlApdeXKeQwFMYLAfJrAazlYBVP/Sh/JzvPWVcRVEVg3WWD5x1:o1ApdeaEqYsMazlYBVsJDu2ziy5
                                                                                                                      MD5:845CFA59D6B52BD2E8C24AC83A335C66
                                                                                                                      SHA1:6882BB1CE71EB14CEF73413EFC591ACF84C63C75
                                                                                                                      SHA-256:29645C274865D963D30413284B36CC13D7472E3CD2250152DEE468EC9DA3586F
                                                                                                                      SHA-512:8E0E7E8CCDC8340F68DB31F519E1006FA7B99593A0C1A2425571DAF71807FBBD4527A211030162C9CE9E0584C8C418B5346C2888BEDC43950BF651FD1D40575E
                                                                                                                      Malicious:false
                                                                                                                      Preview:sdPC......................X..<EE..r/y..."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................fdb35e9f-12f5-40d5-8d50-87a9333d43a4............

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\16a328b1-73d5-42d9-a26c-a0ab0bed68d6.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):7690
                                                                                                                      Entropy (8bit):5.0951793988497025
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:stNb+s4hCZihnkYsY8bV+FiA66WbNaFIMY3PLMJ:stNSs4hxhsbGix6WbNaTYc
                                                                                                                      MD5:C869CF2008A0DF4903243151C9F43D9F
                                                                                                                      SHA1:53EDC2EF56E0D3D4C561743E2950B6EFF73127E7
                                                                                                                      SHA-256:E7D6A4D572F73EB9CC040D45068C964F325165F7D1EA75FCF933C119C830AC26
                                                                                                                      SHA-512:E86A99D157785BA6160F7E37D9A1679BDA1C004B735A908E42F8DE6ABB97F7B240BD2AE6D9FA78D272F9DA66306E77923F2B226964F35157F2717AA4F5641A7E
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374239108443929","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13374239108433884"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\1bfa29c4-782e-48b6-b7e1-608c2fdb9610.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):30210
                                                                                                                      Entropy (8bit):5.5650658497512175
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:auKbyw7pLGLpcdWPQ2f2E8F1+UoAYDCx9Tuqh0VfUC9xbog/OV0cCEX+arwDNprG:auKby8cpcdWPQ2f2Eu1ja5cCg+fDXt0
                                                                                                                      MD5:2FC5AA804A5A66856FCB58E61E2F19F0
                                                                                                                      SHA1:63B852F0E84BC61B050FE67C3DBADE49D76ED29C
                                                                                                                      SHA-256:BF2C1491C7D0D1B17F9A21E6A3744B892DA04CFE094F6C5AEE7998854DF36A5E
                                                                                                                      SHA-512:BFE765927C701409D9C3A09CA1EB9C6F08855DAE92C93DFE1ECCB54A8E1E5CB4D77C8D71C52503FAF0F6D899282C8FE0F0CCE5F636D0DB439F7D0D82A04373A2
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374239108039347","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374239108039347","location":5,"ma

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\376e365d-86ab-40dc-9270-0a406bb40ba9.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:very short file (no magic)
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1
                                                                                                                      Entropy (8bit):0.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:L:L
                                                                                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                      Malicious:false
                                                                                                                      Preview:.

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\50d3b331-0ac4-4811-a39e-cd3e0170345f.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):8448
                                                                                                                      Entropy (8bit):5.212313097573603
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:stNb+s4hCZihdYZEkYsY8bV+FiA66WczlaFIMY3PLMJ:stNSs4hxhdYZhbGix6WczlaTYc
                                                                                                                      MD5:5EFC605148AEF020DC6D65DD6B303A23
                                                                                                                      SHA1:15D3D452E0E4746854761340000030E92DA92161
                                                                                                                      SHA-256:4B0638CEA31A465CA79C0BBA000425E6019E97E9008D678955709DB39FFF7680
                                                                                                                      SHA-512:2C0E231AB8FC12254F00630081A594D34E0B2005246E8A009138ABE5532996E5E85902E7185BCDE2ED45C6746ED2AF70846527B75B085F988B27980125D6371B
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374239108443929","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13374239108433884"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\807e27bf-640c-4ff0-8b8e-e53c34ac083d.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):28366
                                                                                                                      Entropy (8bit):5.557219084963889
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:auKbyw7pLGLpcdWPQ2fpE8F1+UoAYDCx9Tuqh0VfUC9xbog/OV1EX+arwD3prtuZ:auKby8cpcdWPQ2fpEu1ja8g+fDptm
                                                                                                                      MD5:D3378A029CFBAD5481B8DCA367CAC5DA
                                                                                                                      SHA1:C8588CEF6923B1B1F3EB29EDE22E3AB2ADE20487
                                                                                                                      SHA-256:CD8F8A059DDD8E933D5ACA21F4987871F275E87CF84567871A04434339FCC89E
                                                                                                                      SHA-512:1AD6134DEF5446759A7D0E9EF52D0064035027F8B8D587EF605431D7F37AE63C970D27A967A47C3C498EC8C331BB183BA260335703CBB1EE816BF9EFEF2A76AE
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374239108039347","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374239108039347","location":5,"ma

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\89907110-f0e6-4c85-a5fd-3e7bb8cca7b7.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:very short file (no magic)
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1
                                                                                                                      Entropy (8bit):0.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:L:L
                                                                                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                      Malicious:false
                                                                                                                      Preview:.

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9b36828c-7942-4c46-8c7c-92e2fcfbbc56.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):8283
                                                                                                                      Entropy (8bit):5.215450126233261
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:stNb+s4hCZihdYZEkYsY8bV+FiA66WcNaFIMY3PLMJ:stNSs4hxhdYZhbGix6WcNaTYc
                                                                                                                      MD5:CEE9FCD745FBB833100A1E4343C8C547
                                                                                                                      SHA1:EB5C4BFA82DCA14C465ED0A816F2504338D96A9B
                                                                                                                      SHA-256:F299EA2B2107889DD5E74F0E4D9B12ED24CF448E0467D409E3623664D7128002
                                                                                                                      SHA-512:DA39F79990559C5AB1DFB5591DACCA05626F88F26D79F4B271C51D1EE3E4715E277CB4D49B2E652DF18E3C39E2378E2AFB091F8EF250FAC398E63C78C3C918A8
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374239108443929","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13374239108433884"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:modified
                                                                                                                      Size (bytes):480588
                                                                                                                      Entropy (8bit):5.393533692884095
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3072:v+477TZyhJOGiMlbOFbXG/KFd2X13p8S15tndAYDI11csxJ:v+4zZoOG1eLG/KKp8cdAYDI11csz
                                                                                                                      MD5:F7E71DE71BFE4796B5037F9E9A67A482
                                                                                                                      SHA1:068C7FA2D673111064943436610F14DBF4459F3B
                                                                                                                      SHA-256:EA56065E3CA2A13AF0AA0781B057099A0D339240E18B8E41AF166A8B6DE7C430
                                                                                                                      SHA-512:E9D6A8AE841DC51E8E0DBD9AC5AC143251D9DAB49467696307BE7673310651159566A388F11D6A0F5B948DC93231439979C95A98276A5299C3107A43B65DCC1B
                                                                                                                      Malicious:false
                                                                                                                      Preview:...m.................DB_VERSION.1.l.i.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340900604462938.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):336
                                                                                                                      Entropy (8bit):5.128704803312279
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o2pQ+q2P923oH+Tcwt9Eh1tIFUt8toShSgZmw+touDQVkwO923oH+Tcwt9Eh15d:lx+v4Yeb9Eh16FUt8+ShX/++JV5LYebY
                                                                                                                      MD5:1433909B4B2DD132FBCC6C2AE12C301E
                                                                                                                      SHA1:50532644E179C69C80828B20F6B33EB22CEEBA16
                                                                                                                      SHA-256:894AE9D8ABA36E4335F8C6BEE9B3B9E80A06BD05C6835EA29E62154B85A23231
                                                                                                                      SHA-512:806A596D2930694617EC29E053FABF6262A5557D81EAA04CC446A2D6B511B08F4D4B61F11544E079A51C984725F9087616485544358BB6C57E074412FCA484D9
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:12.309 21dc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/10/24-06:25:12.348 21dc Recovering log #3.2024/10/24-06:25:12.389 21dc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):336
                                                                                                                      Entropy (8bit):5.128704803312279
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o2pQ+q2P923oH+Tcwt9Eh1tIFUt8toShSgZmw+touDQVkwO923oH+Tcwt9Eh15d:lx+v4Yeb9Eh16FUt8+ShX/++JV5LYebY
                                                                                                                      MD5:1433909B4B2DD132FBCC6C2AE12C301E
                                                                                                                      SHA1:50532644E179C69C80828B20F6B33EB22CEEBA16
                                                                                                                      SHA-256:894AE9D8ABA36E4335F8C6BEE9B3B9E80A06BD05C6835EA29E62154B85A23231
                                                                                                                      SHA-512:806A596D2930694617EC29E053FABF6262A5557D81EAA04CC446A2D6B511B08F4D4B61F11544E079A51C984725F9087616485544358BB6C57E074412FCA484D9
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:12.309 21dc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/10/24-06:25:12.348 21dc Recovering log #3.2024/10/24-06:25:12.389 21dc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):348
                                                                                                                      Entropy (8bit):5.176787836318405
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o3/MM+q2P923oH+TcwtnG2tMsIFUt8to3/ZZmw+towMVkwO923oH+TcwtnG2tM2:l3/N+v4Yebn9GFUt8+3/Z/++5V5LYebB
                                                                                                                      MD5:70BA242423E3424C2AC98425D0D58D65
                                                                                                                      SHA1:7FFCA0C9D0C594DF277A6B7E2C1ABC46C128CD8E
                                                                                                                      SHA-256:EDDE598D10AF410CD3F86078355F33F1D394688B8AE6D7D84767C18EBE6BBF16
                                                                                                                      SHA-512:41EA51123DEC66C36142E424AF2F8E6D92E87B2B4CFBA758005305A3CC5E6CF784D4AD21470633B796652C34951D952C3045EFC0226AC69CEF594E23D23B10F4
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.039 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/10/24-06:25:08.039 1fac Recovering log #3.2024/10/24-06:25:08.040 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):348
                                                                                                                      Entropy (8bit):5.176787836318405
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o3/MM+q2P923oH+TcwtnG2tMsIFUt8to3/ZZmw+towMVkwO923oH+TcwtnG2tM2:l3/N+v4Yebn9GFUt8+3/Z/++5V5LYebB
                                                                                                                      MD5:70BA242423E3424C2AC98425D0D58D65
                                                                                                                      SHA1:7FFCA0C9D0C594DF277A6B7E2C1ABC46C128CD8E
                                                                                                                      SHA-256:EDDE598D10AF410CD3F86078355F33F1D394688B8AE6D7D84767C18EBE6BBF16
                                                                                                                      SHA-512:41EA51123DEC66C36142E424AF2F8E6D92E87B2B4CFBA758005305A3CC5E6CF784D4AD21470633B796652C34951D952C3045EFC0226AC69CEF594E23D23B10F4
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.039 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/10/24-06:25:08.039 1fac Recovering log #3.2024/10/24-06:25:08.040 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):418
                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                      MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                      SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                      SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                      SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                      Malicious:false
                                                                                                                      Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):324
                                                                                                                      Entropy (8bit):5.116058739323152
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oVDdMM+q2P923oH+Tcwt8aPrqIFUt8toVDdZZmw+toVDdMMVkwO923oH+Tcwt8h:lVL+v4YebL3FUt8+V7/++VLV5LYebQJ
                                                                                                                      MD5:38A66D37BC0C9D47DA620AB8C5FDD40B
                                                                                                                      SHA1:8C008EE1A20AA07EE8009C137155DE42CA25DDE1
                                                                                                                      SHA-256:D6F371E77028FEC6468DB9ED56B862BEDA8AD93FA6264771FE6F755139BCAF25
                                                                                                                      SHA-512:9C55FA92CEAA90AC9F131956DDAE533D42D13435168598D80F17258F51CA65C895BC5FAE5059D02F115C9C53DBACC388273987FB00C0C434A6B73DDD747AB80A
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.044 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/10/24-06:25:08.044 1fac Recovering log #3.2024/10/24-06:25:08.044 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):324
                                                                                                                      Entropy (8bit):5.116058739323152
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oVDdMM+q2P923oH+Tcwt8aPrqIFUt8toVDdZZmw+toVDdMMVkwO923oH+Tcwt8h:lVL+v4YebL3FUt8+V7/++VLV5LYebQJ
                                                                                                                      MD5:38A66D37BC0C9D47DA620AB8C5FDD40B
                                                                                                                      SHA1:8C008EE1A20AA07EE8009C137155DE42CA25DDE1
                                                                                                                      SHA-256:D6F371E77028FEC6468DB9ED56B862BEDA8AD93FA6264771FE6F755139BCAF25
                                                                                                                      SHA-512:9C55FA92CEAA90AC9F131956DDAE533D42D13435168598D80F17258F51CA65C895BC5FAE5059D02F115C9C53DBACC388273987FB00C0C434A6B73DDD747AB80A
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.044 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/10/24-06:25:08.044 1fac Recovering log #3.2024/10/24-06:25:08.044 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):418
                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                      MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                      SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                      SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                      SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                      Malicious:false
                                                                                                                      Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):328
                                                                                                                      Entropy (8bit):5.17831468113077
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oKMdMM+q2P923oH+Tcwt865IFUt8toKMdZZmw+toQ+qMVkwO923oH+Tcwt86+Ud:lKUN+v4Yeb/WFUt8+KUZ/++QqV5LYebD
                                                                                                                      MD5:F67EFFCE49A15AC4D0E6AD9604000C1F
                                                                                                                      SHA1:98CA4EE5264891CECE368E7503B12E2053975615
                                                                                                                      SHA-256:6393A6F48B714B79DB62096196307156F0CFD4BBE51EBEE1EED632A2388952EF
                                                                                                                      SHA-512:2EB9A3FA51C318594E59775F397E605CC21D1033182EA1269F705539D127B8F5FA058D72E657C5B891540170C031E776475A816273BC15835AC6B86A14CD1FFA
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.169 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/10/24-06:25:08.169 1fac Recovering log #3.2024/10/24-06:25:08.170 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):328
                                                                                                                      Entropy (8bit):5.17831468113077
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oKMdMM+q2P923oH+Tcwt865IFUt8toKMdZZmw+toQ+qMVkwO923oH+Tcwt86+Ud:lKUN+v4Yeb/WFUt8+KUZ/++QqV5LYebD
                                                                                                                      MD5:F67EFFCE49A15AC4D0E6AD9604000C1F
                                                                                                                      SHA1:98CA4EE5264891CECE368E7503B12E2053975615
                                                                                                                      SHA-256:6393A6F48B714B79DB62096196307156F0CFD4BBE51EBEE1EED632A2388952EF
                                                                                                                      SHA-512:2EB9A3FA51C318594E59775F397E605CC21D1033182EA1269F705539D127B8F5FA058D72E657C5B891540170C031E776475A816273BC15835AC6B86A14CD1FFA
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.169 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/10/24-06:25:08.169 1fac Recovering log #3.2024/10/24-06:25:08.170 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1254
                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                      MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                      SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                      SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                      SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                      Malicious:false
                                                                                                                      Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):324
                                                                                                                      Entropy (8bit):5.126872821343263
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o8k4q2P923oH+Tcwt8NIFUt8to8kJZmw+to8kDkwO923oH+Tcwt8+eLJ:lF4v4YebpFUt8+FJ/++FD5LYebqJ
                                                                                                                      MD5:E1278EFC91FAD8F694982699433A0BF3
                                                                                                                      SHA1:050EFCB0EBD4000E03682BE7778F36851A788530
                                                                                                                      SHA-256:280D87F3297987FDEC4A9D7598785D6E33721A85425C258A54B5B2B3639B0E82
                                                                                                                      SHA-512:57F25A0937ED5F305A2B252710125FB7D33167A550785DC3F2462ABF2ADF7990E7FD02BA7B87F61B3CC8F5ADDCCB8C25327047616FDCD84CEF822B817A42B50B
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.512 1f60 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/10/24-06:25:08.512 1f60 Recovering log #3.2024/10/24-06:25:08.512 1f60 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):324
                                                                                                                      Entropy (8bit):5.126872821343263
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o8k4q2P923oH+Tcwt8NIFUt8to8kJZmw+to8kDkwO923oH+Tcwt8+eLJ:lF4v4YebpFUt8+FJ/++FD5LYebqJ
                                                                                                                      MD5:E1278EFC91FAD8F694982699433A0BF3
                                                                                                                      SHA1:050EFCB0EBD4000E03682BE7778F36851A788530
                                                                                                                      SHA-256:280D87F3297987FDEC4A9D7598785D6E33721A85425C258A54B5B2B3639B0E82
                                                                                                                      SHA-512:57F25A0937ED5F305A2B252710125FB7D33167A550785DC3F2462ABF2ADF7990E7FD02BA7B87F61B3CC8F5ADDCCB8C25327047616FDCD84CEF822B817A42B50B
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.512 1f60 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/10/24-06:25:08.512 1f60 Recovering log #3.2024/10/24-06:25:08.512 1f60 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):429
                                                                                                                      Entropy (8bit):5.809210454117189
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                      MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                      SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                      SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                      SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):8720
                                                                                                                      Entropy (8bit):0.21810997314429553
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:AtFlljq7A/mhWJFuQ3yy7IOWUQWdweytllrE9SFcTp4AGbNCV9RUI/n:z75fOaWd0Xi99pEYtn
                                                                                                                      MD5:9D4FA0F2675929ED44E4C8762C5D9231
                                                                                                                      SHA1:0FB3A07827694B2B8C088D531C1E46992E08C795
                                                                                                                      SHA-256:99D9FA8B6F617CE12106B1378A3C8781364B2F6A3726945AB1C56F97FCE0EB48
                                                                                                                      SHA-512:EF1D8D8CD33B06C443EBDAF800B08D6BCEEC24B66CF656E99BE0E85A43157654ABE01BD01D3DC0F03823BB70F6441492BADA885503D663EA2097C24DDAEFA156
                                                                                                                      Malicious:false
                                                                                                                      Preview:.............a:....&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):408
                                                                                                                      Entropy (8bit):5.2373583969293795
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:li4v4Yeb8rcHEZrELFUt8+VHJ/++VHD5LYeb8rcHEZrEZSJ:j4Yeb8nZrExg8cLYeb8nZrEZe
                                                                                                                      MD5:37DEA52F50A0E581A9D1B52FAAF0B063
                                                                                                                      SHA1:22BF7BEE353899FF6983D40B789E8599835C2CC8
                                                                                                                      SHA-256:65CD4899F6B398771F2131BBDAC31C41E08B12EFA0D1FB4915EE2046C4AC3ADA
                                                                                                                      SHA-512:DECAD3A476C0F175C9CED74398C6717AE577DBDB1C3764CE6B29ACF8FFE68DE8E613F5DA06E23CB6D15C57E9F0A427937AB4D0DCC3215AAF8233B1CB43218E92
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:10.266 1f60 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/10/24-06:25:10.267 1f60 Recovering log #3.2024/10/24-06:25:10.267 1f60 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):408
                                                                                                                      Entropy (8bit):5.2373583969293795
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:li4v4Yeb8rcHEZrELFUt8+VHJ/++VHD5LYeb8rcHEZrEZSJ:j4Yeb8nZrExg8cLYeb8nZrEZe
                                                                                                                      MD5:37DEA52F50A0E581A9D1B52FAAF0B063
                                                                                                                      SHA1:22BF7BEE353899FF6983D40B789E8599835C2CC8
                                                                                                                      SHA-256:65CD4899F6B398771F2131BBDAC31C41E08B12EFA0D1FB4915EE2046C4AC3ADA
                                                                                                                      SHA-512:DECAD3A476C0F175C9CED74398C6717AE577DBDB1C3764CE6B29ACF8FFE68DE8E613F5DA06E23CB6D15C57E9F0A427937AB4D0DCC3215AAF8233B1CB43218E92
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:10.266 1f60 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/10/24-06:25:10.267 1f60 Recovering log #3.2024/10/24-06:25:10.267 1f60 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):336
                                                                                                                      Entropy (8bit):5.165049856605991
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+otuAHN+q2P923oH+Tcwt8a2jMGIFUt8toTZmw+toVVkwO923oH+Tcwt8a2jMmLJ:lkAov4Yeb8EFUt8+T/++b5LYeb8bJ
                                                                                                                      MD5:A726D6E7DB09651FD14AFA1B5FAC8379
                                                                                                                      SHA1:8BECCDA2E81FFAA7C84795EA74E63F17E053F228
                                                                                                                      SHA-256:C83F2D356D6A3C596C8AF3C41B482A1103D6E0E48097B198DCBCD50C7B005EB4
                                                                                                                      SHA-512:E2C7F46F42B4F842C081E67E63F44D737ECC700ED9147548CF5548F48FB799C0B633DE23E715CA95B796F8228D93C1FF28EC0F40D476E43EA6F46E7374C5253F
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.639 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/10/24-06:25:08.640 19e8 Recovering log #3.2024/10/24-06:25:08.642 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):336
                                                                                                                      Entropy (8bit):5.165049856605991
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+otuAHN+q2P923oH+Tcwt8a2jMGIFUt8toTZmw+toVVkwO923oH+Tcwt8a2jMmLJ:lkAov4Yeb8EFUt8+T/++b5LYeb8bJ
                                                                                                                      MD5:A726D6E7DB09651FD14AFA1B5FAC8379
                                                                                                                      SHA1:8BECCDA2E81FFAA7C84795EA74E63F17E053F228
                                                                                                                      SHA-256:C83F2D356D6A3C596C8AF3C41B482A1103D6E0E48097B198DCBCD50C7B005EB4
                                                                                                                      SHA-512:E2C7F46F42B4F842C081E67E63F44D737ECC700ED9147548CF5548F48FB799C0B633DE23E715CA95B796F8228D93C1FF28EC0F40D476E43EA6F46E7374C5253F
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.639 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/10/24-06:25:08.640 19e8 Recovering log #3.2024/10/24-06:25:08.642 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\0a0a45db-a533-4f7b-99f5-62a9119585dc.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\493babe9-6de0-4f82-932b-fae61b278d46.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\739a4fad-38e8-4a4f-bcdf-f4d549382e2c.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):40
                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\80f0fec4-a256-4ee8-9764-af54e789a112.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1419
                                                                                                                      Entropy (8bit):5.336110615415376
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7np+:YXs/tsbfc7leeEscgCgakhYhbx9+
                                                                                                                      MD5:7D870539B6C4EE40FA5CFD87A3D4BFEC
                                                                                                                      SHA1:F45BE07A3A05615856688219AFE6713EBABBAC2C
                                                                                                                      SHA-256:73513F7A38830E47624257EF04A4F73BF174FD1FEBAC172AA416BF6470930F90
                                                                                                                      SHA-512:90EABCE74F8CBB5FF1F96566E1293887BB3DB36C9E32F6C619D1EC7C9AAE504221CDEC2DD1468915A0A06A65E472C5446731838C89E665EBD9FA114F12261327
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF44ff1.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1419
                                                                                                                      Entropy (8bit):5.336110615415376
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7np+:YXs/tsbfc7leeEscgCgakhYhbx9+
                                                                                                                      MD5:7D870539B6C4EE40FA5CFD87A3D4BFEC
                                                                                                                      SHA1:F45BE07A3A05615856688219AFE6713EBABBAC2C
                                                                                                                      SHA-256:73513F7A38830E47624257EF04A4F73BF174FD1FEBAC172AA416BF6470930F90
                                                                                                                      SHA-512:90EABCE74F8CBB5FF1F96566E1293887BB3DB36C9E32F6C619D1EC7C9AAE504221CDEC2DD1468915A0A06A65E472C5446731838C89E665EBD9FA114F12261327
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF33edf.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF34845.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):40
                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ad01b382-c09e-4199-b5ca-ce545204d3e2.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:modified
                                                                                                                      Size (bytes):1419
                                                                                                                      Entropy (8bit):5.335382811021307
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:YcFGJ/I3w6C1VdsONyZVMdmRdsJbZFRudFGRRdsxKZ6ma3yeesw6maPsQYhbxP7c:YcgCgRsOEtsJVfcKsxuleeBkhYhbx9+
                                                                                                                      MD5:9007D398C739CAAB3CF9B2DABECE4DE5
                                                                                                                      SHA1:EB99DD6A75C538A75C53B8F705139C2A771B7692
                                                                                                                      SHA-256:8FE7E167DF04BD48C49EBFE022F8AFA00C4466E5E8CF5E3D2FEBD9199EB0C869
                                                                                                                      SHA-512:93BC94DD409648C4AB1417BF4F1AAE23EFA710DA38C147853516CB047DBAE3E894C3E4C3BC8D0AC830612BFD8924EBC93803D8736D12568CEF7E825AE626D0AD
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13376831110881316","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13376831112183379","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13374332731562387","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABUAAABodHRwc

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c1a9dd93-23a1-4e5b-ad6c-e84ac4f2a7d5.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1419
                                                                                                                      Entropy (8bit):5.336110615415376
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7np+:YXs/tsbfc7leeEscgCgakhYhbx9+
                                                                                                                      MD5:7D870539B6C4EE40FA5CFD87A3D4BFEC
                                                                                                                      SHA1:F45BE07A3A05615856688219AFE6713EBABBAC2C
                                                                                                                      SHA-256:73513F7A38830E47624257EF04A4F73BF174FD1FEBAC172AA416BF6470930F90
                                                                                                                      SHA-512:90EABCE74F8CBB5FF1F96566E1293887BB3DB36C9E32F6C619D1EC7C9AAE504221CDEC2DD1468915A0A06A65E472C5446731838C89E665EBD9FA114F12261327
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):7690
                                                                                                                      Entropy (8bit):5.0951793988497025
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:stNb+s4hCZihnkYsY8bV+FiA66WbNaFIMY3PLMJ:stNSs4hxhsbGix6WbNaTYc
                                                                                                                      MD5:C869CF2008A0DF4903243151C9F43D9F
                                                                                                                      SHA1:53EDC2EF56E0D3D4C561743E2950B6EFF73127E7
                                                                                                                      SHA-256:E7D6A4D572F73EB9CC040D45068C964F325165F7D1EA75FCF933C119C830AC26
                                                                                                                      SHA-512:E86A99D157785BA6160F7E37D9A1679BDA1C004B735A908E42F8DE6ABB97F7B240BD2AE6D9FA78D272F9DA66306E77923F2B226964F35157F2717AA4F5641A7E
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374239108443929","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13374239108433884"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3b632.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):7690
                                                                                                                      Entropy (8bit):5.0951793988497025
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:stNb+s4hCZihnkYsY8bV+FiA66WbNaFIMY3PLMJ:stNSs4hxhsbGix6WbNaTYc
                                                                                                                      MD5:C869CF2008A0DF4903243151C9F43D9F
                                                                                                                      SHA1:53EDC2EF56E0D3D4C561743E2950B6EFF73127E7
                                                                                                                      SHA-256:E7D6A4D572F73EB9CC040D45068C964F325165F7D1EA75FCF933C119C830AC26
                                                                                                                      SHA-512:E86A99D157785BA6160F7E37D9A1679BDA1C004B735A908E42F8DE6ABB97F7B240BD2AE6D9FA78D272F9DA66306E77923F2B226964F35157F2717AA4F5641A7E
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374239108443929","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13374239108433884"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3ddaf.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):7690
                                                                                                                      Entropy (8bit):5.0951793988497025
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:stNb+s4hCZihnkYsY8bV+FiA66WbNaFIMY3PLMJ:stNSs4hxhsbGix6WbNaTYc
                                                                                                                      MD5:C869CF2008A0DF4903243151C9F43D9F
                                                                                                                      SHA1:53EDC2EF56E0D3D4C561743E2950B6EFF73127E7
                                                                                                                      SHA-256:E7D6A4D572F73EB9CC040D45068C964F325165F7D1EA75FCF933C119C830AC26
                                                                                                                      SHA-512:E86A99D157785BA6160F7E37D9A1679BDA1C004B735A908E42F8DE6ABB97F7B240BD2AE6D9FA78D272F9DA66306E77923F2B226964F35157F2717AA4F5641A7E
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374239108443929","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13374239108433884"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF43ef9.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):7690
                                                                                                                      Entropy (8bit):5.0951793988497025
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:stNb+s4hCZihnkYsY8bV+FiA66WbNaFIMY3PLMJ:stNSs4hxhsbGix6WbNaTYc
                                                                                                                      MD5:C869CF2008A0DF4903243151C9F43D9F
                                                                                                                      SHA1:53EDC2EF56E0D3D4C561743E2950B6EFF73127E7
                                                                                                                      SHA-256:E7D6A4D572F73EB9CC040D45068C964F325165F7D1EA75FCF933C119C830AC26
                                                                                                                      SHA-512:E86A99D157785BA6160F7E37D9A1679BDA1C004B735A908E42F8DE6ABB97F7B240BD2AE6D9FA78D272F9DA66306E77923F2B226964F35157F2717AA4F5641A7E
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374239108443929","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13374239108433884"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):28366
                                                                                                                      Entropy (8bit):5.557219084963889
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:auKbyw7pLGLpcdWPQ2fpE8F1+UoAYDCx9Tuqh0VfUC9xbog/OV1EX+arwD3prtuZ:auKby8cpcdWPQ2fpEu1ja8g+fDptm
                                                                                                                      MD5:D3378A029CFBAD5481B8DCA367CAC5DA
                                                                                                                      SHA1:C8588CEF6923B1B1F3EB29EDE22E3AB2ADE20487
                                                                                                                      SHA-256:CD8F8A059DDD8E933D5ACA21F4987871F275E87CF84567871A04434339FCC89E
                                                                                                                      SHA-512:1AD6134DEF5446759A7D0E9EF52D0064035027F8B8D587EF605431D7F37AE63C970D27A967A47C3C498EC8C331BB183BA260335703CBB1EE816BF9EFEF2A76AE
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374239108039347","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374239108039347","location":5,"ma

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF39740.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):28366
                                                                                                                      Entropy (8bit):5.557219084963889
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:auKbyw7pLGLpcdWPQ2fpE8F1+UoAYDCx9Tuqh0VfUC9xbog/OV1EX+arwD3prtuZ:auKby8cpcdWPQ2fpEu1ja8g+fDptm
                                                                                                                      MD5:D3378A029CFBAD5481B8DCA367CAC5DA
                                                                                                                      SHA1:C8588CEF6923B1B1F3EB29EDE22E3AB2ADE20487
                                                                                                                      SHA-256:CD8F8A059DDD8E933D5ACA21F4987871F275E87CF84567871A04434339FCC89E
                                                                                                                      SHA-512:1AD6134DEF5446759A7D0E9EF52D0064035027F8B8D587EF605431D7F37AE63C970D27A967A47C3C498EC8C331BB183BA260335703CBB1EE816BF9EFEF2A76AE
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374239108039347","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374239108039347","location":5,"ma

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):194
                                                                                                                      Entropy (8bit):2.8096948641228403
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:S8ltHlS+QUl1ASEGhTFljljljljljljljl:S85aEFljljljljljljljl
                                                                                                                      MD5:D7D9437445AA960DCEA52FFE772822DC
                                                                                                                      SHA1:C2BBF4AC0732D905D998C4F645FD60F95A675D02
                                                                                                                      SHA-256:4FF49903BEC1197017A35995D5C5FC703CAF9D496467345D783F754B723D21C1
                                                                                                                      SHA-512:335EB1BA85670550ED1E1E4E14EA4B5D14F8306125BF147A42DE4DEF5E5F75F14C422B014414030CF30378C04F748AC875CF056ADDA196511A0B057B3598FE9A
                                                                                                                      Malicious:false
                                                                                                                      Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f...............

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):324
                                                                                                                      Entropy (8bit):5.151996279160569
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oucqAt+q2P923oH+TcwtrQMxIFUt8touc4ZZmw+toucSVkwO923oH+TcwtrQMFd:luXv4YebCFUt8+uFZ/++ub5LYebtJ
                                                                                                                      MD5:5E5FBE4F9C45293FCCBA624BB7AAB34E
                                                                                                                      SHA1:D6166BB3B847FF791FC5F37A516FC22A1D8354E9
                                                                                                                      SHA-256:60A7BD298B10A68D67E7256D02EFAD4AA2A03E1F7B2325429D51A09096B9FFFE
                                                                                                                      SHA-512:2D9253AD0C29CC7D9B127476EF899D46B8603C0EA1516C863C2429396E3002AD92E7873248C77F11D98C1FFC01DC113940350DA6D21EA7FEFEF439E13E9F504B
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:24.895 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/10/24-06:25:24.896 19e8 Recovering log #3.2024/10/24-06:25:24.898 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):324
                                                                                                                      Entropy (8bit):5.151996279160569
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oucqAt+q2P923oH+TcwtrQMxIFUt8touc4ZZmw+toucSVkwO923oH+TcwtrQMFd:luXv4YebCFUt8+uFZ/++ub5LYebtJ
                                                                                                                      MD5:5E5FBE4F9C45293FCCBA624BB7AAB34E
                                                                                                                      SHA1:D6166BB3B847FF791FC5F37A516FC22A1D8354E9
                                                                                                                      SHA-256:60A7BD298B10A68D67E7256D02EFAD4AA2A03E1F7B2325429D51A09096B9FFFE
                                                                                                                      SHA-512:2D9253AD0C29CC7D9B127476EF899D46B8603C0EA1516C863C2429396E3002AD92E7873248C77F11D98C1FFC01DC113940350DA6D21EA7FEFEF439E13E9F504B
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:24.895 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/10/24-06:25:24.896 19e8 Recovering log #3.2024/10/24-06:25:24.898 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):352
                                                                                                                      Entropy (8bit):5.130110382734068
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o3Xq2P923oH+Tcwt7Uh2ghZIFUt8to7ZXZmw+to7ZFkwO923oH+Tcwt7Uh2gnLJ:l3Xv4YebIhHh2FUt8+7ZX/++7ZF5LYeQ
                                                                                                                      MD5:01D96A0AF5EE4ABB22870E0B9553E837
                                                                                                                      SHA1:36AD9C0923233FC39BDEAC0BE210ED6CF90E463A
                                                                                                                      SHA-256:64249A1F11F9B23EA81CAB94BF187527D14C4D8F058E539A7C42A4C8324F4D08
                                                                                                                      SHA-512:B5B1DAF48C20C5DDA52BAD8003CDD6CAEA97C295F29EB8B113F43C6E4ECDEE128D4B8F060A19F53F49B8D9CE0B91D37EC065A02E8D543A80AF9482B6F47C10A7
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.033 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/10/24-06:25:08.223 1f70 Recovering log #3.2024/10/24-06:25:08.223 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):352
                                                                                                                      Entropy (8bit):5.130110382734068
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o3Xq2P923oH+Tcwt7Uh2ghZIFUt8to7ZXZmw+to7ZFkwO923oH+Tcwt7Uh2gnLJ:l3Xv4YebIhHh2FUt8+7ZX/++7ZF5LYeQ
                                                                                                                      MD5:01D96A0AF5EE4ABB22870E0B9553E837
                                                                                                                      SHA1:36AD9C0923233FC39BDEAC0BE210ED6CF90E463A
                                                                                                                      SHA-256:64249A1F11F9B23EA81CAB94BF187527D14C4D8F058E539A7C42A4C8324F4D08
                                                                                                                      SHA-512:B5B1DAF48C20C5DDA52BAD8003CDD6CAEA97C295F29EB8B113F43C6E4ECDEE128D4B8F060A19F53F49B8D9CE0B91D37EC065A02E8D543A80AF9482B6F47C10A7
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.033 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/10/24-06:25:08.223 1f70 Recovering log #3.2024/10/24-06:25:08.223 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):270336
                                                                                                                      Entropy (8bit):0.0012471779557650352
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                      MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                      SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                      SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                      SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                      Malicious:false
                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):270336
                                                                                                                      Entropy (8bit):0.0012471779557650352
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                      MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                      SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                      SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                      SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                      Malicious:false
                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):434
                                                                                                                      Entropy (8bit):5.240511612476645
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:lrrv4YebvqBQFUt8+rXI/++rQF05LYebvqBvJ:F4YebvZg8wULYebvk
                                                                                                                      MD5:895724EB51A19F4B2B9FAF4DF41D1416
                                                                                                                      SHA1:0546FFA8BF3697DBC7877E899D074681D2C0D401
                                                                                                                      SHA-256:DD7F1E4C0E25C639AC79C656B0CE5A9876C0A69C3B5182EE1954A74A8FE0F6E3
                                                                                                                      SHA-512:561E9A7124D8C99E690F2DEC29B092D23A88DB960A51CD4EA9E050B4F7B933C12711A654E58E56B8729C9CDA05D4FB84F465C88C8C1DDDBBE766DF8E57F4609B
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.650 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/10/24-06:25:08.652 19e8 Recovering log #3.2024/10/24-06:25:08.655 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):434
                                                                                                                      Entropy (8bit):5.240511612476645
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:lrrv4YebvqBQFUt8+rXI/++rQF05LYebvqBvJ:F4YebvZg8wULYebvk
                                                                                                                      MD5:895724EB51A19F4B2B9FAF4DF41D1416
                                                                                                                      SHA1:0546FFA8BF3697DBC7877E899D074681D2C0D401
                                                                                                                      SHA-256:DD7F1E4C0E25C639AC79C656B0CE5A9876C0A69C3B5182EE1954A74A8FE0F6E3
                                                                                                                      SHA-512:561E9A7124D8C99E690F2DEC29B092D23A88DB960A51CD4EA9E050B4F7B933C12711A654E58E56B8729C9CDA05D4FB84F465C88C8C1DDDBBE766DF8E57F4609B
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.650 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/10/24-06:25:08.652 19e8 Recovering log #3.2024/10/24-06:25:08.655 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):144
                                                                                                                      Entropy (8bit):4.842082263530856
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqkomn1KKyRY:YHpoeS7PMVKJTnMRKXkh1KF+
                                                                                                                      MD5:ABE81C38891A875B52127ACE9C314105
                                                                                                                      SHA1:8EDEBDDAD493CF02D3986A664A4AD1C71CCEBB5F
                                                                                                                      SHA-256:6D398F9EB5969D487B57E1C3E1EDDE58660545A7CE404F6DA40C8738B56B6177
                                                                                                                      SHA-512:B90DC0E50262ECB05FE1989FA3797C51DF92C83BE94F28FE020994ED6F0E1365EB5B9A0ADA68FCFD46DADEDB6F08FA0E57FF91AA12ED88C3D9AE112FF74329F2
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF34845.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):40
                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):36864
                                                                                                                      Entropy (8bit):0.3886039372934488
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                      MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                      SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                      SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                      SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                      Malicious:false
                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\c4be81e0-8b50-4388-8ad3-fc8dd33eb9e4.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):144
                                                                                                                      Entropy (8bit):4.842082263530856
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqkomn1KKyRY:YHpoeS7PMVKJTnMRKXkh1KF+
                                                                                                                      MD5:ABE81C38891A875B52127ACE9C314105
                                                                                                                      SHA1:8EDEBDDAD493CF02D3986A664A4AD1C71CCEBB5F
                                                                                                                      SHA-256:6D398F9EB5969D487B57E1C3E1EDDE58660545A7CE404F6DA40C8738B56B6177
                                                                                                                      SHA-512:B90DC0E50262ECB05FE1989FA3797C51DF92C83BE94F28FE020994ED6F0E1365EB5B9A0ADA68FCFD46DADEDB6F08FA0E57FF91AA12ED88C3D9AE112FF74329F2
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\cb7e2ba7-de6c-4ee1-9f5d-6d4a49f9cb20.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\f2606958-bc46-4dcd-b5a3-8c9e36c62348.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):40
                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\ff47707f-b9f2-4f9d-9dfe-588e19a17257.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2
                                                                                                                      Entropy (8bit):1.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:H:H
                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:[]

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):80
                                                                                                                      Entropy (8bit):3.4921535629071894
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                      MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                      SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                      SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                      SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                      Malicious:false
                                                                                                                      Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):422
                                                                                                                      Entropy (8bit):5.230189529352589
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oqU+q2P923oH+TcwtzjqEKj0QMxIFUt8toKZmw+to+bVkwO923oH+TcwtzjqEKG:lUv4YebvqBZFUt8+K/+++B5LYebvqBaJ
                                                                                                                      MD5:5D0B14766D55745D18D76172360ADE4F
                                                                                                                      SHA1:A08E7561FF1EBDF8D0DD1ACC5155B88FDD0691E7
                                                                                                                      SHA-256:7DF35CC05AE4C4107221CD565C5F0AAA00E81927B143A1CC9B9F26D1783B5A1B
                                                                                                                      SHA-512:79D5B739BE007CA0623E4FE2119F8F5AA1E426C0B3ABBF8E5ED9E98DD0B167FAF6E9B5BE2EE8053BF0E85B048EC18899A512C4D763516050EAD50413B0698380
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:25.102 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/10/24-06:25:25.103 19e8 Recovering log #3.2024/10/24-06:25:25.105 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):422
                                                                                                                      Entropy (8bit):5.230189529352589
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oqU+q2P923oH+TcwtzjqEKj0QMxIFUt8toKZmw+to+bVkwO923oH+TcwtzjqEKG:lUv4YebvqBZFUt8+K/+++B5LYebvqBaJ
                                                                                                                      MD5:5D0B14766D55745D18D76172360ADE4F
                                                                                                                      SHA1:A08E7561FF1EBDF8D0DD1ACC5155B88FDD0691E7
                                                                                                                      SHA-256:7DF35CC05AE4C4107221CD565C5F0AAA00E81927B143A1CC9B9F26D1783B5A1B
                                                                                                                      SHA-512:79D5B739BE007CA0623E4FE2119F8F5AA1E426C0B3ABBF8E5ED9E98DD0B167FAF6E9B5BE2EE8053BF0E85B048EC18899A512C4D763516050EAD50413B0698380
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:25.102 19e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/10/24-06:25:25.103 19e8 Recovering log #3.2024/10/24-06:25:25.105 19e8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):328
                                                                                                                      Entropy (8bit):5.194923433452953
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o/+q2P923oH+TcwtpIFUt8to/Zmw+toDVkwO923oH+Tcwta/WLJ:lGv4YebmFUt8+//++J5LYebaUJ
                                                                                                                      MD5:5BD2AECE0A7F945C15C94C8227B50960
                                                                                                                      SHA1:8FB2C06B8D67B3D8BC19FA363756D528F70587C8
                                                                                                                      SHA-256:DA9C48563A009E02AB8648B314644BC07631512D438F28C68BE55B7941329466
                                                                                                                      SHA-512:079DA3E1B3B3F022A9F637FBAD34598DE1B159C54E1375A44ED211DD313AC539E76053B9EF8B571BF54B9AD4F15C38F00587E432FA5A15E1712A7B28A156C1D9
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.159 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/10/24-06:25:08.159 1fa8 Recovering log #3.2024/10/24-06:25:08.160 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):328
                                                                                                                      Entropy (8bit):5.194923433452953
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o/+q2P923oH+TcwtpIFUt8to/Zmw+toDVkwO923oH+Tcwta/WLJ:lGv4YebmFUt8+//++J5LYebaUJ
                                                                                                                      MD5:5BD2AECE0A7F945C15C94C8227B50960
                                                                                                                      SHA1:8FB2C06B8D67B3D8BC19FA363756D528F70587C8
                                                                                                                      SHA-256:DA9C48563A009E02AB8648B314644BC07631512D438F28C68BE55B7941329466
                                                                                                                      SHA-512:079DA3E1B3B3F022A9F637FBAD34598DE1B159C54E1375A44ED211DD313AC539E76053B9EF8B571BF54B9AD4F15C38F00587E432FA5A15E1712A7B28A156C1D9
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.159 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/10/24-06:25:08.159 1fa8 Recovering log #3.2024/10/24-06:25:08.160 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 9
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):196608
                                                                                                                      Entropy (8bit):1.1220971847498096
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:384:KdM2qOB1nxCkjSAELyKOMq+8yC8F/YfU5m+OlT:Kvq+n049ELyKOMq+8y9/Ow
                                                                                                                      MD5:28F5DAB9AD9881750A83771B3B8564B9
                                                                                                                      SHA1:C6EE9E25F84A49CE428A4C5A86C2B192EDC3260D
                                                                                                                      SHA-256:CC90EE1C051CBCE548DCED9B21D640913C5ACF6034ECAA8D961E3DFE4FD80362
                                                                                                                      SHA-512:96740776F0D81E484789AE0829DCAD738753D7FFCB7807CC64F9BB127040D8B00FD41D33A4D8DFB3D2BC1B57A1CEC8E948A03FEB50E3D5629F4E19532800415A
                                                                                                                      Malicious:false
                                                                                                                      Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a5c3d402-2058-4b1e-a33d-d6d4fc5e3083.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):8448
                                                                                                                      Entropy (8bit):5.212274418273846
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:stNb+s4hCZihdYZEkYsY8bV+FiA66WBzlaFIMY3PLMJ:stNSs4hxhdYZhbGix6WBzlaTYc
                                                                                                                      MD5:FC0315D7B528F00877019BD775FCAADE
                                                                                                                      SHA1:5D586BBB1797D845B2BB8F77C7BA665EE11946B9
                                                                                                                      SHA-256:258AC53469611AABE9373B32992117C6B05D0F13D194705AC9E7AFDD4FC53360
                                                                                                                      SHA-512:E40881092FEB3EBE1696FC48255F1861A28C6166480F2AAB9C00EB43FA2381BED4925507450570FF013FF5DC32F3B1014A8F8B4F69A33FB85608200C74E1D717
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374239108443929","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"domain_diversity":{"last_reporting_timestamp":"13374239108433884"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sitelist_has_consumer_data":false,"sitelist_has_enterprise_data":false,"sitelist_location":"","sitelist_source":0,"sitelist_version":""},"edge":{

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):11755
                                                                                                                      Entropy (8bit):5.190465908239046
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                      MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                      SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                      SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                      SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):32768
                                                                                                                      Entropy (8bit):0.04936279064293761
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:Gd0JAmu8jH0JAmu8jL9XCChslotGLNl0ml/XoQDeX:zJXsJXxpEjVl/XoQ
                                                                                                                      MD5:5D0C04F0027C10D96C0F276FD4A780EE
                                                                                                                      SHA1:A62A3492B8C288E37F84959DBA4F0DCC4558DE90
                                                                                                                      SHA-256:0A027CAECA735B56DE709403BD4EFDAAFFC1DB195F2E32E885FC373C19DC0772
                                                                                                                      SHA-512:52749897993A5AFE9012208ACCCFD30F02E343C9AB33F8C4E49417AA01C66939D0F19A328921C644892C67C7494C05DD7568C43AC526826044F69606B5DB9529
                                                                                                                      Malicious:false
                                                                                                                      Preview:..-.....................:Db.W.v..4..}..tT...l...-.....................:Db.W.v..4..}..tT...l.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:modified
                                                                                                                      Size (bytes):2020
                                                                                                                      Entropy (8bit):5.309768117440653
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:iDH8hSBSeQtPAHRHmxUIYjIY2z2qkzMYjMYeqy1AlkfAlkb3y:aJ0eQqIYjIY2z2bzMYjMYetYcYO3
                                                                                                                      MD5:273249BC8A4A3D3B77287F660C1FC034
                                                                                                                      SHA1:81606101AF2FB2B5F326FF56AA29E3678CCC1DCD
                                                                                                                      SHA-256:03649CAE14D2A3E11314ABFC298B3A9C7384A8B4D833B8B7681EBC8CE5D371FF
                                                                                                                      SHA-512:E332972611CAF4E8DC06161A0EC20E4C6E4BAA41E5A89B06C82D1811506C78DC2F4A8C61995EEC0C2AD9DE7D82D5482FEDC6A97DEE9C3B217BBED5D393DBF35E
                                                                                                                      Malicious:false
                                                                                                                      Preview:A..r.................20_1_1...1.,U.................20_1_1...1..}0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............$....................4_IPH_CompanionSidePanel...IPH_CompanionSidePanel.....$4_IPH_CompanionSidePanelRegionSearch(."IPH_CompanionSidePanelRegionSearch......4_IPH_DownloadToolbarButton...IPH_DownloadToolbarButton.....&4_IPH_FocusHelpBubbleScreenReaderPromo*.$IPH_FocusHelpBubbleScreenReaderPromo......4_IPH_GMCCastStartStop...IPH_GMCCastStartStop......4_IPH_HighEfficiencyMode...IPH_HighEfficiencyMode......4_IPH_LiveCaption...IPH_LiveCaption......4_IPH_PasswordsAcco

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):324
                                                                                                                      Entropy (8bit):5.199831186128048
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o8GqM+q2P923oH+TcwtfrK+IFUt8to8GXZmw+to8GqMVkwO923oH+TcwtfrUeLJ:l8G3+v4Yeb23FUt8+8GX/++8G3V5LYet
                                                                                                                      MD5:BFFD7FA128E23D7ECE2E178CDAFCA301
                                                                                                                      SHA1:F9FA757D8BBA56D1395F5A3A3A4AB6C568AF5445
                                                                                                                      SHA-256:8ADAAB6EA77562876F14CAA7A4F96162DC1F693C0F29AC379C2D218731B575BB
                                                                                                                      SHA-512:594374D476CA973F105D994AC6568BFDD7EB54C1CBA387B69A8E2084764D8CA8A44DDF27F0E0CCE71343F15D67A89646DEC018F51A10B0506ED46F537DE78572
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.468 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/10/24-06:25:08.468 1fac Recovering log #3.2024/10/24-06:25:08.468 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):324
                                                                                                                      Entropy (8bit):5.199831186128048
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+o8GqM+q2P923oH+TcwtfrK+IFUt8to8GXZmw+to8GqMVkwO923oH+TcwtfrUeLJ:l8G3+v4Yeb23FUt8+8GX/++8G3V5LYet
                                                                                                                      MD5:BFFD7FA128E23D7ECE2E178CDAFCA301
                                                                                                                      SHA1:F9FA757D8BBA56D1395F5A3A3A4AB6C568AF5445
                                                                                                                      SHA-256:8ADAAB6EA77562876F14CAA7A4F96162DC1F693C0F29AC379C2D218731B575BB
                                                                                                                      SHA-512:594374D476CA973F105D994AC6568BFDD7EB54C1CBA387B69A8E2084764D8CA8A44DDF27F0E0CCE71343F15D67A89646DEC018F51A10B0506ED46F537DE78572
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.468 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/10/24-06:25:08.468 1fac Recovering log #3.2024/10/24-06:25:08.468 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):899
                                                                                                                      Entropy (8bit):4.089449943493988
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:G0nYUtypD3RUovhC+lvBOL+t3IvB8f12/6:LYUtyp1vxdBllIp8f0i
                                                                                                                      MD5:A4FF1AD5DDD86E2FFEC54C60EA640FF0
                                                                                                                      SHA1:89C5183277541E50B3760CB1CF96E51D8763C619
                                                                                                                      SHA-256:6566C59DB938C176645FC47EE7A229FE0A679DA8185265FDAFC176DC69F6CD64
                                                                                                                      SHA-512:7018BDEE309E9AA38094F25DA4DD0063AE3C61B6CBF85BCDCA837F0B255DAF88560A76535B91F4FBC6799AF91C2D041E8F6F777D6B65B77E3CB230DE1051E0A5
                                                                                                                      Malicious:false
                                                                                                                      Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ....P.................3_......C...................4_.......:S.................3_.....!sN..................4_.....

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):342
                                                                                                                      Entropy (8bit):5.182237978319927
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oLdMM+q2P923oH+TcwtfrzAdIFUt8toG7Zmw+toGWMVkwO923oH+TcwtfrzILJ:lj+v4Yeb9FUt8+G7/++GLV5LYeb2J
                                                                                                                      MD5:46301AA3A063CB1D092499FE15ED04AF
                                                                                                                      SHA1:C511D83AA2D9566EC9B2CEEC3CE87448849CD9EC
                                                                                                                      SHA-256:013FCFB41D575A64A2ED03CD69051D012A48BB11066FDA9B69995B2541EC38F2
                                                                                                                      SHA-512:9864BDC6EE006C127719C4D0F955A47B00B0BD74611D08A45FF26B4C8F76602752DC79D224F90E853502F661BE17CFF9A59789246AD0B1E431CB7E795FA3274F
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.464 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/10/24-06:25:08.465 1fac Recovering log #3.2024/10/24-06:25:08.465 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):342
                                                                                                                      Entropy (8bit):5.182237978319927
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:+oLdMM+q2P923oH+TcwtfrzAdIFUt8toG7Zmw+toGWMVkwO923oH+TcwtfrzILJ:lj+v4Yeb9FUt8+G7/++GLV5LYeb2J
                                                                                                                      MD5:46301AA3A063CB1D092499FE15ED04AF
                                                                                                                      SHA1:C511D83AA2D9566EC9B2CEEC3CE87448849CD9EC
                                                                                                                      SHA-256:013FCFB41D575A64A2ED03CD69051D012A48BB11066FDA9B69995B2541EC38F2
                                                                                                                      SHA-512:9864BDC6EE006C127719C4D0F955A47B00B0BD74611D08A45FF26B4C8F76602752DC79D224F90E853502F661BE17CFF9A59789246AD0B1E431CB7E795FA3274F
                                                                                                                      Malicious:false
                                                                                                                      Preview:2024/10/24-06:25:08.464 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/10/24-06:25:08.465 1fac Recovering log #3.2024/10/24-06:25:08.465 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):120
                                                                                                                      Entropy (8bit):3.32524464792714
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                      MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                      SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                      SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                      SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                      Malicious:false
                                                                                                                      Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):13
                                                                                                                      Entropy (8bit):2.7192945256669794
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:NYLFRQI:ap2I
                                                                                                                      MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                      SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                      SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                      SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                      Malicious:false
                                                                                                                      Preview:117.0.2045.47

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32b57.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32b76.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32de7.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35499.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF417ca.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF43eea.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49b71.TMP (copy)

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44137
                                                                                                                      Entropy (8bit):6.090687589008711
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMwwuF9hDO6vP6O+jtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEC6Gtbz8hu3VlXr4CRo1
                                                                                                                      MD5:A8BE530200ABAFEF555CFADCF8822737
                                                                                                                      SHA1:B96D7F700B53AB6AE2EC75ACA373A4BC4A1FDF9D
                                                                                                                      SHA-256:4AAF54B5CD5A68445E2FAA267B26D3408D7EE6A9C815562A48C5D334A074903B
                                                                                                                      SHA-512:7F264760ED280F9289A65EECD5BE086B76D6C95DF3146ED6BCC33EE5383B20B65D40AC2011D83C8468AB6B674670AEE5432D86E35D538CE41B22BA96C397BC0D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):86
                                                                                                                      Entropy (8bit):4.3751917412896075
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQw:YQ3Kq9X0dMgAEwj2
                                                                                                                      MD5:16B7586B9EBA5296EA04B791FC3D675E
                                                                                                                      SHA1:8890767DD7EB4D1BEAB829324BA8B9599051F0B0
                                                                                                                      SHA-256:474D668707F1CB929FEF1E3798B71B632E50675BD1A9DCEAAB90C9587F72F680
                                                                                                                      SHA-512:58668D0C28B63548A1F13D2C2DFA19BCC14C0B7406833AD8E72DFC07F46D8DF6DED46265D74A042D07FBC88F78A59CB32389EF384EC78A55976DFC2737868771
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":2}

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ecc031cf-6840-4e45-a489-dd19e124c691.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:modified
                                                                                                                      Size (bytes):44600
                                                                                                                      Entropy (8bit):6.0964579393162
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBdwuXhDO6vP6OmzP4cIbvjFSRcGoup1Xl3jVzXr4z:z/Ps+wsI7ynE46Gk0chu3VlXr4CRo1
                                                                                                                      MD5:A526CFF84210781E8CB81560E80137A2
                                                                                                                      SHA1:27C1401A8D43ECA9EB0F31E55B079C1F969C7348
                                                                                                                      SHA-256:1E652721E9D53F592FA3F14B2633A9D779F1CCA1FC26D5D041D49EE472550B9E
                                                                                                                      SHA-512:043B9A8CEFC2EDF0679E29D37ED92FF3CA362315944BD58AAEB0B6ADA886516A2686A264DEFE1C4E2BE36FAD4C6DD0BCB019A6F5733BE39EAFDFA499AA87AF6D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f192f6bc-fbcd-4eb5-a5d0-3d944ca5056e.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):44600
                                                                                                                      Entropy (8bit):6.0964579393162
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBdwuXhDO6vP6OmzP4cIbvjFSRcGoup1Xl3jVzXr4z:z/Ps+wsI7ynE46Gk0chu3VlXr4CRo1
                                                                                                                      MD5:A526CFF84210781E8CB81560E80137A2
                                                                                                                      SHA1:27C1401A8D43ECA9EB0F31E55B079C1F969C7348
                                                                                                                      SHA-256:1E652721E9D53F592FA3F14B2633A9D779F1CCA1FC26D5D041D49EE472550B9E
                                                                                                                      SHA-512:043B9A8CEFC2EDF0679E29D37ED92FF3CA362315944BD58AAEB0B6ADA886516A2686A264DEFE1C4E2BE36FAD4C6DD0BCB019A6F5733BE39EAFDFA499AA87AF6D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3BC62B24-91F2-11EF-8C2C-ECF4BB570DC9}.dat

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:Composite Document File V2 Document, Cannot read section info
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):5632
                                                                                                                      Entropy (8bit):2.042478741065575
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:rCGo/Q13wYLGW/B3wXa3w8ga3w69lW8yiK9lW8P:rCGo413XLGWZ3r3z93i8yI8P
                                                                                                                      MD5:88DE878C97974D4E97BBBDEAFC14BEFD
                                                                                                                      SHA1:42FC1097494D17E86D51AC2ADC938BB6FAFA9BDB
                                                                                                                      SHA-256:68615E430FA70E232243292EE4A0C2F4A195DAF1B6092FB90C11A3FE7169F1E3
                                                                                                                      SHA-512:82C09A9613403C8FC6B5B08A7CEB5126800201F10D9AFAE385049187B84D8D2EB1B8BFD52381A35495E97D1BF0DB2CE087DD82047B2BC224B958709172D65575
                                                                                                                      Malicious:false
                                                                                                                      Preview:......................>.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.........................................................................................0.X..%................K.j.j.a.q.f.a.j.N.2.c.0.u.z.g.v.1.l.4.q.y.5.n.f.W.e...........8...............................................................F.r.a.m.e.L.i.s.t.......................................................................................................0.......O._.T.S.J.S.v.G.O.#.K.R.7.x.G.M.L.O.z.0.u.1.c.N.y.Q.=.=.........:.......................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3BC62B26-91F2-11EF-8C2C-ECF4BB570DC9}.dat

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:Composite Document File V2 Document, Cannot read section info
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):4096
                                                                                                                      Entropy (8bit):2.0533716677560045
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:rIHG46lTGg09l2x8OzASWLFs62Aywu9leZkgD8DUa62AyY5j:rIHG4OTGgpx8OsSQPZki8OL5j
                                                                                                                      MD5:FACF5F73BFAC04326706D309EC57668E
                                                                                                                      SHA1:548066F4DDE3875317D5EBD0B16E300E979A13F8
                                                                                                                      SHA-256:221ED8FE273A543B41B17A6DB7A3BD1D0D7E9534008EDF76D2DCD4475E2B9ADD
                                                                                                                      SHA-512:516ED3F106E6CF95572F12531DA33133AB3C6D0ED3B7B6B1F14FB6246A48227918544B3CF3B1E3DBBC8C158B1FCBE62AFC2A54EBDB322C9F28AB5F607436CA49
                                                                                                                      Malicious:false
                                                                                                                      Preview:......................>.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y...........................................................................................V..%................K.j.j.a.q.f.a.j.N.2.c.0.u.z.g.v.1.l.4.q.y.5.n.f.W.e...........8.......................................................\.......T.r.a.v.e.l.L.o.g.......................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (314), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):356
                                                                                                                      Entropy (8bit):5.115970031955826
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc41EBIZRCTD90/QL3WIZK0QhPPFVDHkEtMjwu:TMHdNMNxOEBIZRCnWimI00ONVbkEtMb
                                                                                                                      MD5:EDF3CBF7D8B5111EC64ACCA6CFD2F14B
                                                                                                                      SHA1:ADB5C69EE09FBFCDCFDAD52E765FE0AB2D0A0BCF
                                                                                                                      SHA-256:F7617D64908F4B95370B57CD3989B5EF8911779D177BAED99FF1F20ED947C0B0
                                                                                                                      SHA-512:DD7B6521EE75BE3D8B474ABBF481203F8E8B50205526C9672282170E283239D7238B4A5014D9B5AF0552A88B29180DA22D41ED77B2C4AA2112D0CB43ED1EEDEF
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0x14525df8,0x01db25ff</date><accdate>0x14525df8,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (312), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):354
                                                                                                                      Entropy (8bit):5.179468587869131
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc4fLGTkW3+yQtUBcRCTD90/QL3WIZK0QhPPFkI5kU5EtMjwu:TMHdNMNxe2kWIUBcRCnWimI00ONkak6t
                                                                                                                      MD5:5F7B2F1A40B12E98CD16216D2BF133C1
                                                                                                                      SHA1:E9F0B933A5C68C7A842ACC1920E8E8B01439C269
                                                                                                                      SHA-256:C6ADF1DD74966B8B4B025C14F7EC9E9BCD9143F9C6D9C741C5B532CEE7F662B1
                                                                                                                      SHA-512:790245C45B3D31CDAAEA918F2244D1B40C22E6222667FC35DA4D560B2CFC0A972D34C70AD90ACEF1ED3583BB7CC9E91B1EB2A5CB1C89DA2A117AE9377750E5FD
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.amazon.com/"/><date>0x1448d409,0x01db25ff</date><accdate>0x144b3694,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Amazon.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (318), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):360
                                                                                                                      Entropy (8bit):5.137418579529159
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc4GLBIZRCTD90/QL3WIZK0QhPPFyhBcEEtMjwu:TMHdNMNxvLBIZRCnWimI00ONmZEtMb
                                                                                                                      MD5:7FDE882B44FE421565F82E85830A79B3
                                                                                                                      SHA1:E0C4C99ED7EA9C50049342BEF215A9AE6B5DA1D0
                                                                                                                      SHA-256:26F793718C458B9AB36016FD426678FABC98D407F9FEE82FF85F6BDCE3A88D1F
                                                                                                                      SHA-512:AB57E2AB938363B1A3B1C88F75CED77FE7C5F7255251362FF23783F0D2A9BAF331497542738C8F334244223048C16043B85133B7AE37CD0224644AB50CAECD04
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.wikipedia.com/"/><date>0x14525df8,0x01db25ff</date><accdate>0x14525df8,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Wikipedia.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (335), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):377
                                                                                                                      Entropy (8bit):5.216884334027476
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltq08eDPOOKaihMnQtUByQtUBcRCTD90/QL3WIZK0QhPPFcE5Es:TMHdNMNxtDPOOKaYUBzUBcRCnWimI00A
                                                                                                                      MD5:E133A96AE6F8E99983733812321A2FE9
                                                                                                                      SHA1:1A3473FCBE5DB22C460AEE24B4140BF0CE06506D
                                                                                                                      SHA-256:BFEE656AB4E567C3AC38C9B37A589367578AE2FEDCB41B4085EBF0DA0768CB77
                                                                                                                      SHA-512:9B62E34CE1ECDB1EF3E3CDE3ED0F85344973AA7C8ECFA8F93C04E6702F80819F187D547AF97C043CEF9DC7B7C6639D000345071791318B6C5C2BB04BD75753E3
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://go.microsoft.com/fwlink/p/?LinkId=255142"/><date>0x144b3694,0x01db25ff</date><accdate>0x144b3694,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Bing.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (308), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):350
                                                                                                                      Entropy (8bit):5.138403204823147
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc4JABHRbocRCTD90/QL3WIZK0QhPPFgE5EtMjwu:TMHdNMNxi4NocRCnWimI00ONd5EtMb
                                                                                                                      MD5:315127CFAE310ECE800446435BBBFA9A
                                                                                                                      SHA1:898AC7FCC8409D79A0E3995F40627C9C1D02CD82
                                                                                                                      SHA-256:75F4CC62D1B31E482B671188F39C6804786FA0D09E0B5765480E0B7C08D1EB2F
                                                                                                                      SHA-512:F1FBA0AE325B6B80D95A6213473AAF1C0ADD2F2255FE55E546DB1656777F616B128D219226E612C6B88B3D3197FE520C63D7487079B3362D615D188FA8D65B33
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.live.com/"/><date>0x144d98c1,0x01db25ff</date><accdate>0x144ffb54,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Live.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (314), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):356
                                                                                                                      Entropy (8bit):5.148493716390534
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc4UxGwBIZRCTD90/QL3WIZK0QhPPF8K0QU5EtMjwu:TMHdNMNxhGwBIZRCnWimI00ON8K075Es
                                                                                                                      MD5:DA0C08BAC9635060FF52A64FF56ED2EC
                                                                                                                      SHA1:D85BB7F58B1A1E6CBFC33F61E437DFF002A90E5D
                                                                                                                      SHA-256:5DE41F4372723800FD6451846F6F67FAD89538E818BDDFA8C773E41D7FE99F59
                                                                                                                      SHA-512:129B220B208F984CEE224DF36D55AC6DB747B4CCB9F6B2519B7805B8D63C46B4FAC9B992815E5176E79FFE968EEA3A8E787A647C6989C2451FA0EE7E92120696
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0x14525df8,0x01db25ff</date><accdate>0x14525df8,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (312), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):354
                                                                                                                      Entropy (8bit):5.111404243710288
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc4QunCRbocRbocRCTD90/QL3WIZK0QhPPFAkEtMjwu:TMHdNMNx0nCNocNocRCnWimI00ONxEty
                                                                                                                      MD5:95FB1AFD964F3D22D331D3093E9AE3BE
                                                                                                                      SHA1:A89376B3A479627D7BB2CBACC44FDD22AB4DF905
                                                                                                                      SHA-256:D313000A342E79FE66CA68CE1EBC42F3B64E57EDBA0F898DAA13ACC0799D1DDA
                                                                                                                      SHA-512:2F72A92E1D4F32417511B3DC206E4A61F283B9AFBD074FF5B851E73E068C45CCF59204636B08905C4A4D72BF1F21B9F44113B4A6D1B909A74BCBB63053142935
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.reddit.com/"/><date>0x144ffb54,0x01db25ff</date><accdate>0x144ffb54,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Reddit.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (314), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):356
                                                                                                                      Entropy (8bit):5.15684834175264
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc4oTCRbocRbocRCTD90/QL3WIZK0QhPPF6Kq5EtMjwu:TMHdNMNxxCNocNocRCnWimI00ON6Kq5t
                                                                                                                      MD5:631D34818F165F5A444CCF60E695A167
                                                                                                                      SHA1:04C5EA95BADED86F1ACE2114D0A726A3E3A7D1B8
                                                                                                                      SHA-256:2BBCA321FD24FFD57DF90EC8C305E4AC4D8C89AA5D20B25ECF87FA9DB355581B
                                                                                                                      SHA-512:DF5A1B18BD0E27D25907597D8C2164A15E8F9660AFF9F44B369E8022666069560A012C67477BA39ABC0387B99390939E106A22266C1812DAFEBB0CE4E0DDC624
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.nytimes.com/"/><date>0x144ffb54,0x01db25ff</date><accdate>0x144ffb54,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\NYTimes.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (316), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):358
                                                                                                                      Entropy (8bit):5.156837754623348
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc4YX2nsQtUBeB/RCTD90/QL3WIZK0QhPPF02CqEtMjwu:TMHdNMNxclUBCRCnWimI00ONVEtMb
                                                                                                                      MD5:02584DB0C81568A8CF2B92AC05151489
                                                                                                                      SHA1:FB565304559D6A23E343FEBDEAC8BB7B67E110B5
                                                                                                                      SHA-256:DC711C635D2551E4E9E7B5DCC8DB3DA3225E90C6F250ADA2FE24B919F6317513
                                                                                                                      SHA-512:DCFE702C6AEF7FE177E1E1DFA878F023B04C77951FD2141892F85ACDDB11D53F62D3834F673F3156153AD2B906C431A660419949519061D343AF1ED8A271E4B8
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0x144b3694,0x01db25ff</date><accdate>0x144d98c1,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:XML 1.0 document, ASCII text, with very long lines (312), with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):354
                                                                                                                      Entropy (8bit):5.124811646225019
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:TMVBdc9EMdLD5Ltqc4InAB9B/RCTD90/QL3WIZK0QhPPFiwE5EtMjwu:TMHdNMNxfn+RCnWimI00ONe5EtMb
                                                                                                                      MD5:E270102634C6133CA3587C4B35CC784D
                                                                                                                      SHA1:C9F7535B8D8A00A65AE27BF81D15A4FACE519013
                                                                                                                      SHA-256:F9E980DA188343EB64AF492100D699B3118C02F5A4FDE96C419E5DC185038132
                                                                                                                      SHA-512:E6D00E74A56C9C7B134940723B1ABB6C51ADBCD2A4EDBA49856CA70FB0E643738B5916F48020638E0F3DFD177746EDEF540D7DC1A7A919DF43C915E05DACCBCA
                                                                                                                      Malicious:false
                                                                                                                      Preview:<?xml version="1.0" encoding="utf-8"?>..<browserconfig><msapplication><config><site src="http://www.google.com/"/><date>0x144d98c1,0x01db25ff</date><accdate>0x144d98c1,0x01db25ff</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Google.url"/></tile></msapplication></browserconfig>..

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2278
                                                                                                                      Entropy (8bit):3.8411916258082583
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:uiTrlKxrgxaUxl9Il8uC5tBJ2jadE4qOoQzWcCf7klPcQ6d1rc:m3oYa7J5dRqOoQaf7klPf
                                                                                                                      MD5:1823C1D60878475CEE6731E22962F90A
                                                                                                                      SHA1:CD93EE0C42B75936746FAD1D9647BE703870154F
                                                                                                                      SHA-256:CED409BDF10A1F6993DE2F232563062A026D22087ED5E9CEAE3AFCC0A16CC3E5
                                                                                                                      SHA-512:FDA195BFBC54E1EE93DDBCB6DA6E6A34FC6AE62D4D06F44F1FCFC238E23660B1DD060C5278A16DFD00C1FE383AE643F7EB4F2CAC8C443CCED5E1AA92CF82CA6A
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.K.+.x.Y.g.c.m.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.p.j.l.C.8.J.

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):4622
                                                                                                                      Entropy (8bit):4.000040073944659
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:96:lJYa0poJhqTqFwYbXI7P0EuYufzNEoIMl27c6gqaHwWZjy:78oJ4owYDk0oM47hIbty
                                                                                                                      MD5:D44F27AE31D95F3EC4F2764B19BD5B00
                                                                                                                      SHA1:373D1B7FB6E3F23D65B536589B53B86278C23080
                                                                                                                      SHA-256:045409C69D651F3166D310144700B732C67720A8B8BBA4799E15AA2728619EE1
                                                                                                                      SHA-512:0606DE8BA612DADC76E54C6E63A41DC0F132CF3321392B9AAE8E5280EB3B96D1626C44C2FD152B64CE986A132E6F4881E037EC15936CF2DEBF05B1EDB564FEEB
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".J.z.H.v.S.P.8.l.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.p.j.l.C.8.J.

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2684
                                                                                                                      Entropy (8bit):3.908225003780099
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:uiTrlKx68Wa7xoxl9Il8uC5l0UYMqyqEUTOMNLxo8Ska+HSDWAGo4Zsd/vc:aKYal0U5qRVpNy8SkjoWAL4b
                                                                                                                      MD5:DC49119DE2AB51371B0752C052C34D5B
                                                                                                                      SHA1:0AEC0168E34C450475DF675C2675DF5241F71E6B
                                                                                                                      SHA-256:F1F2B8F565DFF4787099D2006ED8841599F4E65DF7D484E16DDECD0514022185
                                                                                                                      SHA-512:8BB1B0BC32AB035429725E453F32B1B1968F8E50180ABE033393214E836582A46286BB0FD720043030A355001F2CC6BF27C0DC17BA621C2C413B6BFD3857D2B7
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".H.D.r.Q.e.d.B.E.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.p.j.l.C.8.J.

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\favicon[1].ico

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):4286
                                                                                                                      Entropy (8bit):3.8046022951415335
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:suZOWcCXPRS4QAUs/KBy3TYI42Apvl6wheXpktCH2Yn4KgISQggggFpz1k9PAYHu:HBRh+sCBykteatiBn4KWi1+Ne
                                                                                                                      MD5:DA597791BE3B6E732F0BC8B20E38EE62
                                                                                                                      SHA1:1125C45D285C360542027D7554A5C442288974DE
                                                                                                                      SHA-256:5B2C34B3C4E8DD898B664DBA6C3786E2FF9869EFF55D673AA48361F11325ED07
                                                                                                                      SHA-512:D8DC8358727590A1ED74DC70356AEDC0499552C2DC0CD4F7A01853DD85CEB3AEAD5FBDC7C75D7DA36DB6AF2448CE5ABDFF64CEBDCA3533ECAD953C061A9B338E
                                                                                                                      Malicious:false
                                                                                                                      Preview:...... .... .........(... ...@..... ...................................................................................................................................................................................................N...Sz..R...R...P...N..L..H..DG..........................................................................................R6..U...U...S...R...P...N..L..I..F..B...7...............................................................................S6..V...V...U...S...R...P...N..L..I..F..C...?..:z......................................................................O...W...V...V...U...S...R...P...N..L..I..E..C...?...;..{7..q2$..............................................................T..D..]...S)..p6..J...R...P...N..L..I..E..B..>..;..z7..p2..f,X.........................................................A..O#..N!..N!..N!..P$..q:...P...N..K..I..E..A..=..9..x5..n0..e,...5...................................................Ea.Z,..T$..T$..T

                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\xmltreeview[1]

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):17524
                                                                                                                      Entropy (8bit):4.340063035506032
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:wiuFhk5un5EpDdblzKaz+OJGbiIBJofNbr5/dn82/jqmo3qAi:rq25unWZd9dvJGiIBJoh387oAi
                                                                                                                      MD5:03710426AB25AD1280E197F61249F9DE
                                                                                                                      SHA1:F5E7A6FD42503AE4758BC36C8DD78D98EFB35047
                                                                                                                      SHA-256:21E63F7C77896ED2B5F115957F2448E0A9E2DD738D7D487E471217421F6A93E1
                                                                                                                      SHA-512:213CB55B8573335D1384AE704FF4267F224376056F71548660F9B2FDAA1203D8ABDDB787900AAF5D1E0AC6E5BE261F713BDBEFB67643D08E8D3672512A1AF588
                                                                                                                      Malicious:false
                                                                                                                      Preview:(function()..{.. var XHTML = "http://www.w3.org/1999/xhtml";.. .. // Time slicing constants.. var LIMIT = 10; // Maximum number of nodes to process before checking time.. var DURATION = 200; // Maximum amount of time (ms) to process before unblocking UI.. var DELAY = 15; // Amount of time (ms) to unblock UI.... // Tree building state.. var iterator;.. var nextNode;.. var root;.. var rootFirstChild;.. var time;.. .. // Template References.. var attrTemplate, attrName, attrValue;.. var elmStartTemplate, elmStartName;.. var elmEndTemplate, elmEndName;.. var cdataTemplate, cdataValue;.. var commentTemplate, commentValue;.. var style; .. .. // Only invoke this script if it was injected by our parser. Test for a condition that is.. // impossible for a markup to create - two direct children of the document... var secondRootElement = document.documentElement.nextElementSibling;.. if (secondRootElement == null

                                                                                                                      C:\Users\user\AppData\Local\Temp\5685491c-4ea9-4743-a433-ae066c236b9e.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:very short file (no magic)
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1
                                                                                                                      Entropy (8bit):0.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:L:L
                                                                                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                      Malicious:false
                                                                                                                      Preview:.

                                                                                                                      C:\Users\user\AppData\Local\Temp\597751ac-6958-4d1d-91f0-472716ca1451.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:Google Chrome extension, version 3
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):135771
                                                                                                                      Entropy (8bit):7.802585890890899
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3072:LtlntxI0jRnnf4pTz8IayMaCRABlauflM+u0F/oWRW:pl4+hf4pTky1EABYufNFS4W
                                                                                                                      MD5:DA75BB05D10ACC967EECAAC040D3D733
                                                                                                                      SHA1:95C08E067DF713AF8992DB113F7E9AEC84F17181
                                                                                                                      SHA-256:33AE9B8F06DC777BB1A65A6BA6C3F2A01B25CD1AFC291426B46D1DF27EA6E7E2
                                                                                                                      SHA-512:56533DE53872F023809A20D1EA8532CDC2260D40B05C5A7012C8E61576FF092F006A197F759C92C6B8C429EEEC4BB542073B491DDCFD5B22CD4ECBE1A8A7C6EF
                                                                                                                      Malicious:false
                                                                                                                      Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[...........=.B.../EYp....i:........ua....w...\H.j....b....4...l.b.:u.%1z....}L.A.F.IZ.2^.j...!F.&@;L..z...02..`:J_@....m....qcQ.|sD.r`vC.#.8lm...R.8.~A...."~)".[.M...o.a.H.$..(.d/.K.6......c........#.$..>.#..3..-...n4J.$-....N...s.G...3..q.e..(.B?*."...9M......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!..w./B..$<......r-.'..xp.H..Q...8.!..R^...%..W0....q....g.D..~.".%............mo.:......<#a..e...Chp...x4z....!.!.a...qgo....p8.T.6...Z....?..CV...<..K...?....k..........q=....Y^........!..K...G...m.n..Y.Y.......u.Wf...TO".?.......U/Rd..Y....j....H..Q...{.....x.OQ.~+}...L.9_.:.,E.....q.0&...I;b..H...>...9.}.B

                                                                                                                      C:\Users\user\AppData\Local\Temp\66806389-07a6-4ba5-96e5-1852856c4296.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 276634
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):242356
                                                                                                                      Entropy (8bit):7.991210403664034
                                                                                                                      Encrypted:true
                                                                                                                      SSDEEP:6144:nvRDe2ei//LiBCNBs4vIVeMRhzb6d0X7ayNC:nde2edcbveZRFW0X2yk
                                                                                                                      MD5:B73A9C52EF76DD9F575BDCF919B05902
                                                                                                                      SHA1:A7ED2E7B5F85D6E502B538FDEBD91343D811E55A
                                                                                                                      SHA-256:EF05EE3FA07D46FDDD88DA7760509F7BA658D3A9A5696004404F5A128349B323
                                                                                                                      SHA-512:01EB2E462F3EDE544A66C0EEABA9172B668B6EA20D2FEF5A3DD2217E60ED42F70523F194B8901A48CDA3E55E1F65A14BAB2FBE3B34D2CB410B1939B9BB7B4CBC
                                                                                                                      Malicious:false
                                                                                                                      Preview:...........}.w..._..W.2...W.N&....I..k..'@..Y...c...~K..3vB....#.K.........R.Q.%.4......+.r.M?.\....l....q......Xo\..6.u..q.i.[V_...u..M0...LK......)KcyM.<#....q.$..n<..f5.'..V3oY.v.....k....f.kul...F..4.^..^.(r}.k..[...?.....Y..K.9.VZ..r.c.m..wL.n....L+7.fnY..j.r..v..;P..Xz....~..;....yO3.P.`.]H2u...]...zV....[..m...v;...6.....8.._.l...;NK..W.4...G.....4...>..F.xl.Z..B?.zAcZO.....VI.(}f..j.k..)._...z.72-h.Fj....o.WB..~.gO..5-da+PW....H..n......q......W..5.C.+m..u.~.<.....E.uf?.?...3.......$@+......Z..6..4...&..Mz..W..~...V-}@'.w....t..nx..,.....0b.:QR'..W|#2b.....3}....wP.5.n..j.&...8q-H#O4.{/..G.....%.@(.&...M.5X,3(.d.L3~[.Yp.^.m../4...OB..u .=.7...:.N.k.m......... T..6!8......._. ..?..<...v...X.F.....<,....01.+...H.'....<...E......O..%P..-HH[M.......1[.7@H....eBJw.|....x.....i.....i.&.B.A.L.l..T...6..z....4).Y.F.%.>.o.a6{vw.=..F....e..e|.i.4.n.O-.1.FK.Z+..x@..$...?..C.....t....>...O...n.mN{.R .@.uNG...p.TT......9#=.z.j.....Oa..S.a;.

                                                                                                                      C:\Users\user\AppData\Local\Temp\b7577419-0b04-4d0a-b7a3-10bed6d62375.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:very short file (no magic)
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1
                                                                                                                      Entropy (8bit):0.0
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:L:L
                                                                                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                      Malicious:false
                                                                                                                      Preview:.

                                                                                                                      C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2110
                                                                                                                      Entropy (8bit):5.404984202207283
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:Yzj57SnaJ57H57Uv5W1Sj5W175zuR5z+5zn071eDJk5c1903bj5jJp0gcU854RrD:8e2Fa116uCntc5toYiq95KM
                                                                                                                      MD5:C95C36E0326548A25BF958A9EB32581A
                                                                                                                      SHA1:3CF336BEB915D2F0313B18F2BB967BB6B5E7BECE
                                                                                                                      SHA-256:650F6D45A0DB0E312593E46C66B454FF55B60433212A9E6D507068541DFE9CC9
                                                                                                                      SHA-512:1915897AA728EEFC015BC180920D09A3E129FC1CB49C996CE394855E8DAA98C429D6F739833E986476EA7551C3BFB73EA4D26A7D067CC4A96F9456ED3A83B17B
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"logTime": "1004/133448", "correlationVector":"vYS73lRT+EoO2Owh9jsc+Y","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"n/KhuHPhHmYXokB31+JZz7","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"fclQx26bUZO07waFEDe6Fn","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"0757l0tkKt37vNrdCKAm8w","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"uTRRkmbbqkgK/wPBCS4fct","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"2DrXipL1ngF91RN7IemK0e","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"d0GyjEgnW85fvDIojHVIXI","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"PvfzGWRutB/kmuXUK+c8XA","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"29CB75FBC4C942E0817A1F7A0E2CF647

                                                                                                                      C:\Users\user\AppData\Local\Temp\d491cdca-1b4c-43e9-a001-d139391629d3.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:Google Chrome extension, version 3
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):11185
                                                                                                                      Entropy (8bit):7.951995436832936
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                      MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                      SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                      SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                      SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                      Malicious:false
                                                                                                                      Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\597751ac-6958-4d1d-91f0-472716ca1451.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:Google Chrome extension, version 3
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):135771
                                                                                                                      Entropy (8bit):7.802585890890899
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3072:LtlntxI0jRnnf4pTz8IayMaCRABlauflM+u0F/oWRW:pl4+hf4pTky1EABYufNFS4W
                                                                                                                      MD5:DA75BB05D10ACC967EECAAC040D3D733
                                                                                                                      SHA1:95C08E067DF713AF8992DB113F7E9AEC84F17181
                                                                                                                      SHA-256:33AE9B8F06DC777BB1A65A6BA6C3F2A01B25CD1AFC291426B46D1DF27EA6E7E2
                                                                                                                      SHA-512:56533DE53872F023809A20D1EA8532CDC2260D40B05C5A7012C8E61576FF092F006A197F759C92C6B8C429EEEC4BB542073B491DDCFD5B22CD4ECBE1A8A7C6EF
                                                                                                                      Malicious:false
                                                                                                                      Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[...........=.B.../EYp....i:........ua....w...\H.j....b....4...l.b.:u.%1z....}L.A.F.IZ.2^.j...!F.&@;L..z...02..`:J_@....m....qcQ.|sD.r`vC.#.8lm...R.8.~A...."~)".[.M...o.a.H.$..(.d/.K.6......c........#.$..>.#..3..-...n4J.$-....N...s.G...3..q.e..(.B?*."...9M......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!..w./B..$<......r-.'..xp.H..Q...8.!..R^...%..W0....q....g.D..~.".%............mo.:......<#a..e...Chp...x4z....!.!.a...qgo....p8.T.6...Z....?..CV...<..K...?....k..........q=....Y^........!..K...G...m.n..Y.Y.......u.Wf...TO".?.......U/Rd..Y....j....H..Q...{.....x.OQ.~+}...L.9_.:.,E.....q.0&...I;b..H...>...9.}.B

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\128.png

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):4982
                                                                                                                      Entropy (8bit):7.929761711048726
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                      MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                      SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                      SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                      SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                      Malicious:false
                                                                                                                      Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\af\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):908
                                                                                                                      Entropy (8bit):4.512512697156616
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                      MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                      SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                      SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                      SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\am\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1285
                                                                                                                      Entropy (8bit):4.702209356847184
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                      MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                      SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                      SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                      SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1244
                                                                                                                      Entropy (8bit):4.5533961615623735
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                      MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                      SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                      SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                      SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\az\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):977
                                                                                                                      Entropy (8bit):4.867640976960053
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                      MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                      SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                      SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                      SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\be\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):3107
                                                                                                                      Entropy (8bit):3.535189746470889
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                      MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                      SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                      SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                      SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1389
                                                                                                                      Entropy (8bit):4.561317517930672
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                      MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                      SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                      SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                      SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1763
                                                                                                                      Entropy (8bit):4.25392954144533
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                      MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                      SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                      SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                      SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):930
                                                                                                                      Entropy (8bit):4.569672473374877
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                      MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                      SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                      SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                      SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):913
                                                                                                                      Entropy (8bit):4.947221919047
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                      MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                      SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                      SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                      SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):806
                                                                                                                      Entropy (8bit):4.815663786215102
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                      MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                      SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                      SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                      SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\da\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):883
                                                                                                                      Entropy (8bit):4.5096240460083905
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                      MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                      SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                      SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                      SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\de\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1031
                                                                                                                      Entropy (8bit):4.621865814402898
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                      MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                      SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                      SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                      SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\el\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1613
                                                                                                                      Entropy (8bit):4.618182455684241
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                      MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                      SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                      SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                      SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\en\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):851
                                                                                                                      Entropy (8bit):4.4858053753176526
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                      MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                      SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                      SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                      SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):851
                                                                                                                      Entropy (8bit):4.4858053753176526
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                      MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                      SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                      SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                      SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):848
                                                                                                                      Entropy (8bit):4.494568170878587
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                      MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                      SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                      SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                      SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1425
                                                                                                                      Entropy (8bit):4.461560329690825
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                      MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                      SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                      SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                      SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\es\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):961
                                                                                                                      Entropy (8bit):4.537633413451255
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                      MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                      SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                      SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                      SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):959
                                                                                                                      Entropy (8bit):4.570019855018913
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                      MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                      SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                      SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                      SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\et\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):968
                                                                                                                      Entropy (8bit):4.633956349931516
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                      MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                      SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                      SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                      SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):838
                                                                                                                      Entropy (8bit):4.4975520913636595
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                      MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                      SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                      SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                      SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1305
                                                                                                                      Entropy (8bit):4.673517697192589
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                      MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                      SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                      SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                      SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):911
                                                                                                                      Entropy (8bit):4.6294343834070935
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                      MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                      SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                      SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                      SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):939
                                                                                                                      Entropy (8bit):4.451724169062555
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                      MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                      SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                      SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                      SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):977
                                                                                                                      Entropy (8bit):4.622066056638277
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                      MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                      SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                      SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                      SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):972
                                                                                                                      Entropy (8bit):4.621319511196614
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                      MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                      SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                      SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                      SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):990
                                                                                                                      Entropy (8bit):4.497202347098541
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                      MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                      SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                      SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                      SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1658
                                                                                                                      Entropy (8bit):4.294833932445159
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                      MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                      SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                      SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                      SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1672
                                                                                                                      Entropy (8bit):4.314484457325167
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                      MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                      SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                      SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                      SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):935
                                                                                                                      Entropy (8bit):4.6369398601609735
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                      MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                      SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                      SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                      SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1065
                                                                                                                      Entropy (8bit):4.816501737523951
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                      MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                      SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                      SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                      SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2771
                                                                                                                      Entropy (8bit):3.7629875118570055
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                      MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                      SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                      SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                      SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\id\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):858
                                                                                                                      Entropy (8bit):4.474411340525479
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                      MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                      SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                      SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                      SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\is\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):954
                                                                                                                      Entropy (8bit):4.6457079159286545
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                      MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                      SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                      SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                      SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\it\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):899
                                                                                                                      Entropy (8bit):4.474743599345443
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                      MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                      SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                      SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                      SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2230
                                                                                                                      Entropy (8bit):3.8239097369647634
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                      MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                      SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                      SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                      SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1160
                                                                                                                      Entropy (8bit):5.292894989863142
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                      MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                      SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                      SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                      SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):3264
                                                                                                                      Entropy (8bit):3.586016059431306
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                      MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                      SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                      SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                      SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):3235
                                                                                                                      Entropy (8bit):3.6081439490236464
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                      MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                      SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                      SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                      SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\km\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):3122
                                                                                                                      Entropy (8bit):3.891443295908904
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                      MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                      SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                      SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                      SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1895
                                                                                                                      Entropy (8bit):4.28990403715536
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                      MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                      SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                      SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                      SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1042
                                                                                                                      Entropy (8bit):5.3945675025513955
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                      MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                      SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                      SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                      SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2535
                                                                                                                      Entropy (8bit):3.8479764584971368
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                      MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                      SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                      SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                      SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1028
                                                                                                                      Entropy (8bit):4.797571191712988
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                      MD5:970544AB4622701FFDF66DC556847652
                                                                                                                      SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                      SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                      SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):994
                                                                                                                      Entropy (8bit):4.700308832360794
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                      MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                      SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                      SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                      SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2091
                                                                                                                      Entropy (8bit):4.358252286391144
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                      MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                      SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                      SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                      SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2778
                                                                                                                      Entropy (8bit):3.595196082412897
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                      MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                      SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                      SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                      SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1719
                                                                                                                      Entropy (8bit):4.287702203591075
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                      MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                      SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                      SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                      SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):936
                                                                                                                      Entropy (8bit):4.457879437756106
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                      MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                      SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                      SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                      SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\my\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):3830
                                                                                                                      Entropy (8bit):3.5483353063347587
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                      MD5:342335A22F1886B8BC92008597326B24
                                                                                                                      SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                      SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                      SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1898
                                                                                                                      Entropy (8bit):4.187050294267571
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                      MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                      SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                      SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                      SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):914
                                                                                                                      Entropy (8bit):4.513485418448461
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                      MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                      SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                      SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                      SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\no\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):878
                                                                                                                      Entropy (8bit):4.4541485835627475
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                      MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                      SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                      SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                      SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2766
                                                                                                                      Entropy (8bit):3.839730779948262
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                      MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                      SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                      SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                      SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):978
                                                                                                                      Entropy (8bit):4.879137540019932
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                      MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                      SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                      SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                      SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):907
                                                                                                                      Entropy (8bit):4.599411354657937
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                      MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                      SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                      SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                      SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):914
                                                                                                                      Entropy (8bit):4.604761241355716
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                      MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                      SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                      SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                      SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):937
                                                                                                                      Entropy (8bit):4.686555713975264
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                      MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                      SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                      SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                      SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1337
                                                                                                                      Entropy (8bit):4.69531415794894
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                      MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                      SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                      SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                      SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\si\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2846
                                                                                                                      Entropy (8bit):3.7416822879702547
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                      MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                      SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                      SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                      SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):934
                                                                                                                      Entropy (8bit):4.882122893545996
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                      MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                      SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                      SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                      SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):963
                                                                                                                      Entropy (8bit):4.6041913416245
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                      MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                      SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                      SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                      SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1320
                                                                                                                      Entropy (8bit):4.569671329405572
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                      MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                      SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                      SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                      SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):884
                                                                                                                      Entropy (8bit):4.627108704340797
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                      MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                      SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                      SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                      SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):980
                                                                                                                      Entropy (8bit):4.50673686618174
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                      MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                      SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                      SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                      SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1941
                                                                                                                      Entropy (8bit):4.132139619026436
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                      MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                      SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                      SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                      SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\te\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1969
                                                                                                                      Entropy (8bit):4.327258153043599
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                      MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                      SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                      SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                      SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\th\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1674
                                                                                                                      Entropy (8bit):4.343724179386811
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                      MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                      SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                      SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                      SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1063
                                                                                                                      Entropy (8bit):4.853399816115876
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                      MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                      SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                      SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                      SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1333
                                                                                                                      Entropy (8bit):4.686760246306605
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                      MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                      SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                      SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                      SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1263
                                                                                                                      Entropy (8bit):4.861856182762435
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                      MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                      SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                      SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                      SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1074
                                                                                                                      Entropy (8bit):5.062722522759407
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                      MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                      SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                      SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                      SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):879
                                                                                                                      Entropy (8bit):5.7905809868505544
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                      MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                      SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                      SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                      SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1205
                                                                                                                      Entropy (8bit):4.50367724745418
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                      MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                      SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                      SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                      SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):843
                                                                                                                      Entropy (8bit):5.76581227215314
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                      MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                      SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                      SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                      SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):912
                                                                                                                      Entropy (8bit):4.65963951143349
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                      MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                      SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                      SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                      SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                      Malicious:false
                                                                                                                      Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):11280
                                                                                                                      Entropy (8bit):5.752941882424501
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuHEIIMuuqd7CKqvVpfcNLFev:m8IEI4u8ROxev
                                                                                                                      MD5:F897300492E3AB467E56883D23D02D77
                                                                                                                      SHA1:DECD6DC9E70ECCF9B45983147680614C019B99EA
                                                                                                                      SHA-256:F9B3A5747DEDCB5AED58FCFC0F4FD3BD2F2E903F2CCEF90A92A73DBC0F8C3DBD
                                                                                                                      SHA-512:B8AC574E24814BAF04A264E7F3F00B4285CD7B66104DFC77897440A898FCA5230775300EC7DEF723678975A04C2CD1BC73A44F77DA26262E8704029930990C62
                                                                                                                      Malicious:false
                                                                                                                      Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):854
                                                                                                                      Entropy (8bit):4.284628987131403
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                      MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                      SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                      SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                      SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                      Malicious:false
                                                                                                                      Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\manifest.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):2525
                                                                                                                      Entropy (8bit):5.417781191647272
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1H9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APHgiVb
                                                                                                                      MD5:35068E2550395A8A3E74558F2F4658DA
                                                                                                                      SHA1:BD6620054059BFB7A27A4FFF86B9966727F2C2B9
                                                                                                                      SHA-256:E2F418C816895E830541F48C0406B9398805E88B61A4EC816244154CD793743C
                                                                                                                      SHA-512:4BCB971D7353648ABF25ACA7A4A4771F62BBB76F8FC13BDE886F29826D9314F5101942492004FC719493604D317958B63A95CF5173F8180214F27D6BEA303F97
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\offscreendocument.html

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:HTML document, ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):97
                                                                                                                      Entropy (8bit):4.862433271815736
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                      MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                      SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                      SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                      SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                      Malicious:false
                                                                                                                      Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\offscreendocument_main.js

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text, with very long lines (3700)
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):95606
                                                                                                                      Entropy (8bit):5.405749379350638
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:1536:rFTnpa+88KmEfryTdXPVy0d8RZZ0Qk4CWbsnf29Gmyj9tIRRduRnCrl:almPXPVCFCWbsnDVQRwF0l
                                                                                                                      MD5:9D0EF4F7CB0306DCB7A7CDCD6DC2CCC7
                                                                                                                      SHA1:88D7F0A88C5807BFE00F13B612CC0522EEBE514A
                                                                                                                      SHA-256:E5E4392B21A21ECAFD27707BF70F95961B2656735A20B40BA54479D40EAB063C
                                                                                                                      SHA-512:34CD9AF9199DE606A531E98DB82BEAA5552E59BCCB2AB2BF49F82D6FA05425EB6936BC5F03BFC421AB6980B91395D9FDC5F0776882E1D49B3217CD35641FF906
                                                                                                                      Malicious:false
                                                                                                                      Preview:'use strict';function aa(){return function(a){return a}}function ba(){return function(){}}function l(a){return function(){return this[a]}}function ca(a){return function(){return a}}var n;function da(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=fa(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new Ty

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\page_embed_script.js

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):291
                                                                                                                      Entropy (8bit):4.65176400421739
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                      MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                      SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                      SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                      SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                      Malicious:false
                                                                                                                      Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_1881420141\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:ASCII text, with very long lines (3705)
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):104595
                                                                                                                      Entropy (8bit):5.385879258644142
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:1536:CvBfoqPByzpq7Wj3X5GtH2n4JvHDxwKMpFs0vuFfkR/2oTnHu96Iny0Kj2ThzfS:BlXQtoZrs0vskDTHu9rhTS
                                                                                                                      MD5:4E0C47897BF98DEAC56F800942E150C4
                                                                                                                      SHA1:7903D30E0ACEE273724BDAA67446D9FD4E8460A5
                                                                                                                      SHA-256:FE76EA0C2F81E6140F38F4143B40BE85014B93FF80737600CFB39AEB5C8C6537
                                                                                                                      SHA-512:8B31463FC683439BAB5D4AEFE2BE0F6A9F5B695C2D95AFF3F842BFC74B10AE3D386D288121161506F74A08FB86D25C1096DA4177B768254BF84E83983982640F
                                                                                                                      Malicious:false
                                                                                                                      Preview:'use strict';function aa(){return function(){}}function k(a){return function(){return this[a]}}function ba(a){return function(){return a}}var n;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=ea(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");retu

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_2011385404\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):1753
                                                                                                                      Entropy (8bit):5.8889033066924155
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                      MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                      SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                      SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                      SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                      Malicious:false
                                                                                                                      Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_2011385404\CRX_INSTALL\content.js

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):9815
                                                                                                                      Entropy (8bit):6.1716321262973315
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                      MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                      SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                      SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                      SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                      Malicious:false
                                                                                                                      Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_2011385404\CRX_INSTALL\content_new.js

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):10388
                                                                                                                      Entropy (8bit):6.174387413738973
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                      MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                      SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                      SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                      SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                      Malicious:false
                                                                                                                      Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_2011385404\CRX_INSTALL\manifest.json

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:JSON data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):962
                                                                                                                      Entropy (8bit):5.698567446030411
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                      MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                      SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                      SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                      SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                      Malicious:false
                                                                                                                      Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir7828_2011385404\d491cdca-1b4c-43e9-a001-d139391629d3.tmp

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      File Type:Google Chrome extension, version 3
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):11185
                                                                                                                      Entropy (8bit):7.951995436832936
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                      MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                      SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                      SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                      SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                      Malicious:false
                                                                                                                      Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                      C:\Users\user\AppData\Local\Temp\~DF046BB3C0F9D0D683.TMP

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):16384
                                                                                                                      Entropy (8bit):0.12229482450962537
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:12:i9l2NaxA0tWGkYYjMsKtgWFJnFs6ibAyzESM:i9l2x8OzASWLFs62Ayw
                                                                                                                      MD5:F78FB994E8C549FCB73BAC1982C556A6
                                                                                                                      SHA1:5D5EF6A9E3575BC012E13EE681E8A2BCF7D04573
                                                                                                                      SHA-256:ECE049128EE4795CBBBAC0E13C4C9344C5CB037435336B3A579F74256DFD338A
                                                                                                                      SHA-512:0629B23266684D9C27CEDB4B10D610BB183C39FEBB5E962578CEB69ECD84F648451E4B9C1070CF646A981CF2AE56DADA678DF273C92292E1A34EF90E27F43217
                                                                                                                      Malicious:false
                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      C:\Users\user\AppData\Local\Temp\~DFA8146A3F7DD53FBF.TMP

                                                                                                                      Download File
                                                                                                                      Process:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                      File Type:data
                                                                                                                      Category:dropped
                                                                                                                      Size (bytes):16384
                                                                                                                      Entropy (8bit):0.08194472632536304
                                                                                                                      Encrypted:false
                                                                                                                      SSDEEP:3:r0YnVclVS0YnVLbcglclllv/nt+lybltll1lRsltFll2/lslljYnV4b0nVT:NePsdogUFAl3+ts0TN
                                                                                                                      MD5:06ED35A5EDD6FB96AC0F5869390B08B8
                                                                                                                      SHA1:5E598678E1468D81E6E4F8D28F94B0DA031FBE8D
                                                                                                                      SHA-256:1C42B54AFF58C22C302FF66E73152F0C1C4AEF4E5415C13E3F6CF2528C4933F6
                                                                                                                      SHA-512:6E9FADAB03705EB46C5B38B82E80944CB8E4AD5DFBA789D1E4EDAB83B887C935DE2113D3E10BE8F63E1E21734991E297D14B5075B2E47B6F4A2942F26365037F
                                                                                                                      Malicious:false
                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                      Static File Info

                                                                                                                      General

                                                                                                                      File type:ASCII text, with very long lines (7659)
                                                                                                                      Entropy (8bit):5.522441795360108
                                                                                                                      TrID:
                                                                                                                        File name:{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml
                                                                                                                        File size:14'624 bytes
                                                                                                                        MD5:2d3c508321b32b43ee4192d54bc0ed15
                                                                                                                        SHA1:e60a6dc0e6374c5adffce59e1b34635769e39767
                                                                                                                        SHA256:96003b2bc14e105d7649310c9f5f0cb1b71c809a17b07a6456be4e4841cba187
                                                                                                                        SHA512:20849045a89755f5af8db4509fded733e1316de204824aab92405f70b40cb968bce77feb56c83836041b5e16b0ce9ed1d727fa1b4635d14025fadd42a02e203a
                                                                                                                        SSDEEP:384:aFtKQeiPufhsvLOci37nOV7HZ1bAKT9mfCKq:GDGGvLBiLnM7HZ1bAKT9mfCKq
                                                                                                                        TLSH:E56295FD600D0EE2A1B38DADE9C0FD4C14299D6F6ED5A578D4C6973A28EC2646D31C32
                                                                                                                        File Content Preview:<Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:ccts="urn:u

                                                                                                                        File Icon

                                                                                                                        Icon Hash:74f0e4e4e4e4e0e4

                                                                                                                        Network Behavior

                                                                                                                        Network Port Distribution

                                                                                                                        TCP Packets

                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                        Oct 24, 2024 12:25:11.558068037 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:11.558096886 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:11.558151960 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:11.558347940 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:11.558357954 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.427495956 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.428236008 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.428261042 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.428637028 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.428656101 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.428694010 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.428700924 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.428730011 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.428746939 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.429292917 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.434489965 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.434536934 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.434698105 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.434703112 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.576082945 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.680710077 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.680752039 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.680982113 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.680996895 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.685082912 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.685137987 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.685142040 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.693856955 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.693950891 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.693964005 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.702541113 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.702649117 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.702661991 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.763833046 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.763869047 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.799819946 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.799881935 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.799900055 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.804444075 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.804532051 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.804544926 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.812973022 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.813034058 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.813047886 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.821552038 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.821611881 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.821624994 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.873914957 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.873935938 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.919128895 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.919382095 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.919404030 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.923372030 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.923432112 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.923446894 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.932862997 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.932933092 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.932946920 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.933900118 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.933968067 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.933983088 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.940695047 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.940756083 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.940769911 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.994561911 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:12.994627953 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:12.994642973 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.038150072 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.038336039 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.038367033 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.042535067 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.042640924 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.042660952 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.051218033 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.051301003 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.051318884 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.059973955 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.060031891 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.060045004 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.064146996 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.064208984 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.064229012 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.113944054 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.114032030 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.114053011 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.159387112 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.159445047 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.159461021 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.161679029 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.161763906 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.161782026 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.170711994 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.170834064 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.170861006 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.179363012 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.179456949 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.179491997 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.179655075 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.179728985 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.179744005 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.233187914 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.233290911 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.233330965 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.283240080 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.283397913 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.283476114 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.283515930 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.283570051 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.283607006 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.289793015 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.290333033 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.290349007 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.298629045 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.298712015 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.298779011 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.298794031 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.298851013 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.299429893 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.352102995 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.352185965 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.352225065 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.401932001 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.402010918 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.402107000 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.402127028 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.402173042 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.402179956 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.402240992 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.406183004 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.406193018 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.409610033 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.410032988 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.410043001 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.417924881 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.418979883 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.419008017 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.459727049 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.459796906 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.459830046 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.471206903 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.471263885 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.471280098 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.521230936 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.521264076 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.521301031 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.521317959 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.521353006 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.521358013 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.528913975 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.529052019 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.529062033 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.536752939 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.536798954 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.536807060 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.578687906 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.578754902 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.578768969 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.590259075 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.590302944 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.590368986 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.590378046 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.590411901 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.640539885 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.640615940 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.640640974 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.640666008 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.640687943 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.640702009 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.640710115 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.640753031 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.640774965 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.640788078 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.640791893 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.641422033 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:13.641474009 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.641608953 CEST49712443192.168.2.5142.250.185.225
                                                                                                                        Oct 24, 2024 12:25:13.641622066 CEST44349712142.250.185.225192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.825364113 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:14.825467110 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.825634003 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:14.825686932 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:14.825736046 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.825916052 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:14.825948000 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.825949907 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:14.826097012 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:14.826133966 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.900772095 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:14.900876999 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.901025057 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:14.901627064 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:14.901669025 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.457496881 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.457771063 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:15.457782030 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.458352089 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.458739996 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.458770990 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.458820105 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.458905935 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:15.460046053 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:15.460103989 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.460244894 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:15.460253000 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.460306883 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.460381985 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.461292028 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.461364031 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.461402893 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.507328987 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.511735916 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.512186050 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.512259007 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.514046907 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.514153957 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.515535116 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.515626907 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.515711069 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.515732050 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.562691927 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:15.592665911 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.592665911 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.592739105 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.595007896 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.595195055 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.595249891 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:15.596242905 CEST49721443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:15.596260071 CEST44349721162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.599210978 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.599292994 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.599678993 CEST49720443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.599708080 CEST44349720172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.647358894 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.647566080 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:15.647625923 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.647911072 CEST49722443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:15.647927999 CEST44349722172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:30.873946905 CEST49777443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:30.873986006 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:30.874048948 CEST49777443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:30.874691963 CEST49778443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:30.874744892 CEST44349778162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:30.874804974 CEST49778443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:30.875024080 CEST49777443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:30.875041962 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:30.875231028 CEST49778443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:30.875262022 CEST44349778162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.316930056 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:31.316976070 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.317063093 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:31.317226887 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:31.317243099 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.484920025 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.485253096 CEST49777443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.485266924 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.485732079 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.486088037 CEST49777443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.486181021 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.487833977 CEST44349778162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.488066912 CEST49778443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.488085985 CEST44349778162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.489183903 CEST44349778162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.489496946 CEST49778443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.489677906 CEST44349778162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.527384043 CEST49777443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.543008089 CEST49778443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.920567989 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.920913935 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:31.920927048 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.921928883 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.922008991 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:31.923146963 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:31.923208952 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.923358917 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:31.923365116 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.963151932 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:32.056782961 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.060573101 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.060581923 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.060619116 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.060636044 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.060652018 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:32.060713053 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:32.062577963 CEST49780443192.168.2.523.218.232.185
                                                                                                                        Oct 24, 2024 12:25:32.062587976 CEST4434978023.218.232.185192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.345654964 CEST49786443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.345714092 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.345788002 CEST49786443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.345971107 CEST49787443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.346000910 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.346055984 CEST49787443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.346199989 CEST49786443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.346231937 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.346343040 CEST49787443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.346354008 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.945781946 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.945997953 CEST49786443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.946027994 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.946501970 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.946758986 CEST49786443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.946847916 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.951145887 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.951338053 CEST49787443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.951359034 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.951643944 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.951992035 CEST49787443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.952050924 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.996289015 CEST49787443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.996299028 CEST49786443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:46.363795042 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:46.363940001 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:46.364008904 CEST49777443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:46.364829063 CEST44349778162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:46.364978075 CEST44349778162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:46.365077972 CEST49778443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:47.827490091 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:47.827614069 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:47.827685118 CEST49786443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:47.832592010 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:47.832664013 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:47.832715034 CEST49787443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:26:08.939400911 CEST49786443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:26:08.939474106 CEST44349786172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:26:08.939537048 CEST49787443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:26:08.939558029 CEST44349787172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:26:31.373176098 CEST49777443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:26:31.373186111 CEST49778443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:26:31.373224020 CEST44349777162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:26:31.373243093 CEST44349778162.159.61.3192.168.2.5

                                                                                                                        UDP Packets

                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                        Oct 24, 2024 12:25:11.549570084 CEST5669753192.168.2.51.1.1.1
                                                                                                                        Oct 24, 2024 12:25:11.549745083 CEST6260653192.168.2.51.1.1.1
                                                                                                                        Oct 24, 2024 12:25:11.557322025 CEST53626061.1.1.1192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:11.557622910 CEST53566971.1.1.1192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.814855099 CEST5969253192.168.2.51.1.1.1
                                                                                                                        Oct 24, 2024 12:25:14.815006971 CEST5908453192.168.2.51.1.1.1
                                                                                                                        Oct 24, 2024 12:25:14.815785885 CEST5065553192.168.2.51.1.1.1
                                                                                                                        Oct 24, 2024 12:25:14.815993071 CEST5013053192.168.2.51.1.1.1
                                                                                                                        Oct 24, 2024 12:25:14.824197054 CEST53590841.1.1.1192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.824230909 CEST53501301.1.1.1192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.824259996 CEST53596921.1.1.1192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.824287891 CEST53506551.1.1.1192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.888551950 CEST6336353192.168.2.51.1.1.1
                                                                                                                        Oct 24, 2024 12:25:14.888669968 CEST6448053192.168.2.51.1.1.1
                                                                                                                        Oct 24, 2024 12:25:14.895958900 CEST53633631.1.1.1192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:14.899857998 CEST53644801.1.1.1192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:30.563256979 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:30.873496056 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.171108007 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.171190023 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.171202898 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.171256065 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.172249079 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.173655033 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.173851967 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.174334049 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.185832024 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.300545931 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.300558090 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.300806046 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.300815105 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.301007032 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.301112890 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.301218987 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.304310083 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.314661980 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.316227913 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.316437960 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:31.428489923 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:31.465421915 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:32.343132973 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:32.343663931 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:32.345098019 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.471930981 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.473005056 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.473164082 CEST44354442162.159.61.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.473505974 CEST54442443192.168.2.5162.159.61.3
                                                                                                                        Oct 24, 2024 12:25:32.657582998 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.942186117 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.942230940 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.942248106 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.942308903 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:32.943828106 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.944091082 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.944171906 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.944623947 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:32.946857929 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:33.070312977 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.070328951 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.070341110 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.070353031 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.070745945 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:33.070745945 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:33.071233034 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.072310925 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.073246002 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.074107885 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.074572086 CEST59995443192.168.2.5172.64.41.3
                                                                                                                        Oct 24, 2024 12:25:33.197308064 CEST44359995172.64.41.3192.168.2.5
                                                                                                                        Oct 24, 2024 12:25:33.235148907 CEST59995443192.168.2.5172.64.41.3

                                                                                                                        DNS Queries

                                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                        Oct 24, 2024 12:25:11.549570084 CEST192.168.2.51.1.1.10x8294Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:11.549745083 CEST192.168.2.51.1.1.10x60deStandard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.814855099 CEST192.168.2.51.1.1.10xfb9aStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.815006971 CEST192.168.2.51.1.1.10xae60Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.815785885 CEST192.168.2.51.1.1.10x2bbdStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.815993071 CEST192.168.2.51.1.1.10x9469Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.888551950 CEST192.168.2.51.1.1.10x3d24Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.888669968 CEST192.168.2.51.1.1.10xcb9Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                                                        DNS Answers

                                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                        Oct 24, 2024 12:25:09.975552082 CEST1.1.1.1192.168.2.50x4407No error (0)svc.ha-teams.office.comsvc.ms-acdc-teams.office.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:11.557322025 CEST1.1.1.1192.168.2.50x60deNo error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:11.557622910 CEST1.1.1.1192.168.2.50x8294No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:11.557622910 CEST1.1.1.1192.168.2.50x8294No error (0)googlehosted.l.googleusercontent.com142.250.185.225A (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:13.672379017 CEST1.1.1.1192.168.2.50x4bdNo error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.689022064 CEST1.1.1.1192.168.2.50x95ecNo error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.689022064 CEST1.1.1.1192.168.2.50x95ecNo error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.696007013 CEST1.1.1.1192.168.2.50xd5f1No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.824197054 CEST1.1.1.1192.168.2.50xae60No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.824230909 CEST1.1.1.1192.168.2.50x9469No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.824259996 CEST1.1.1.1192.168.2.50xfb9aNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.824259996 CEST1.1.1.1192.168.2.50xfb9aNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.824287891 CEST1.1.1.1192.168.2.50x2bbdNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.824287891 CEST1.1.1.1192.168.2.50x2bbdNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.895958900 CEST1.1.1.1192.168.2.50x3d24No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.895958900 CEST1.1.1.1192.168.2.50x3d24No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                        Oct 24, 2024 12:25:14.899857998 CEST1.1.1.1192.168.2.50xcb9No error (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                                                        HTTP Request Dependency Graph

                                                                                                                        • clients2.googleusercontent.com
                                                                                                                        • chrome.cloudflare-dns.com
                                                                                                                        • msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com

                                                                                                                        HTTPS Proxied Packets

                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                        0192.168.2.549712142.250.185.2254438160C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                        2024-10-24 10:25:12 UTC594OUTGET /crx/blobs/AYA8VyyVmiyWvldTRU0qGaR4RUSL6-YrG6uKRsMPsRWu4uzTWsENQ0Oe4TwjJlNxU5Vx3wW0XCsKQHAJ2XkWCO0eQ7UF3N9B6xg6w6N4ZQ_ezL5_s1EfR63s25vMOuhpdI4AxlKa5cntVqVuAOGwNK_pRVduNn5fPIzZ/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_83_1_0.crx HTTP/1.1
                                                                                                                        Host: clients2.googleusercontent.com
                                                                                                                        Connection: keep-alive
                                                                                                                        Sec-Fetch-Site: none
                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                        Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                        2024-10-24 10:25:12 UTC566INHTTP/1.1 200 OK
                                                                                                                        Accept-Ranges: bytes
                                                                                                                        Content-Length: 135771
                                                                                                                        X-GUploader-UploadID: AHmUCY1OjvJsv1_ZAn_4YhvX1G8sQQ0biKcULAzL0oAt9QSZfBdNxyDptw7MTNEj0vs6xLUkUzA
                                                                                                                        X-Goog-Hash: crc32c=5YFIVw==
                                                                                                                        Server: UploadServer
                                                                                                                        Date: Wed, 23 Oct 2024 20:33:29 GMT
                                                                                                                        Expires: Thu, 23 Oct 2025 20:33:29 GMT
                                                                                                                        Cache-Control: public, max-age=31536000
                                                                                                                        Age: 49903
                                                                                                                        Last-Modified: Tue, 22 Oct 2024 20:33:19 GMT
                                                                                                                        ETag: a1239f8c_b608f476_b1045d58_830b10c8_3ed9cb2d
                                                                                                                        Content-Type: application/x-chrome-extension
                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                        Connection: close
                                                                                                                        2024-10-24 10:25:12 UTC812INData Raw: 43 72 32 34 03 00 00 00 e2 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                        Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: 5a f7 ba 97 f1 3f fe f5 43 56 d7 f2 f3 3c 8c e7 4b ff e3 ef 3f c6 cf aa aa f3 6b fd 97 a1 fa fc cb e9 ac aa 1f 7f fd 71 3d bf f7 95 fc 59 5e fa b1 ea c7 1f 7f ff d7 8f 21 7f a8 4b 2e f5 e7 ab 47 d8 14 a6 6d 08 6e 1b a9 59 d7 a5 59 ab f2 b1 7f e2 d6 f5 9c 75 d3 57 66 8e a7 d2 54 4f 22 d9 3f a1 dd 8b 8d ce f7 b3 f0 55 2f 52 64 ec 9b cb 59 7f be 8e 1a 6a ee bf ff de a9 ab 48 a3 f3 51 8d bf ec 7b b7 96 fe fb f9 78 de 4f 51 f3 7e 2b 7d bb ff fe 4c d9 39 5f 12 3a 97 2c 45 97 ef ef 0b 13 71 f1 30 26 ce df 1f 49 3b 62 c4 e0 48 bb b1 11 3e ea f2 8e 02 39 b3 7d 09 42 84 80 d8 92 2e 7c e4 41 b8 a9 7c 61 8b 47 e8 1c 82 eb b9 f4 a1 91 6f f7 4f 7b e5 5c 0b 13 d5 85 cf e6 83 09 bb 83 09 54 69 a1 5a 98 fa ba 1b e6 c2 dc 9c 0f db f0 51 98 ce ef f3 fc 7e b6 70 ca 3d d5 33
                                                                                                                        Data Ascii: Z?CV<K?kq=Y^!K.GmnYYuWfTO"?U/RdYjHQ{xOQ~+}L9_:,Eq0&I;bH>9}B.|A|aGoO{\TiZQ~p=3
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: d1 78 a4 43 22 82 21 af 78 ed e5 3b 17 31 63 f2 12 16 6f 58 13 8a ac 6b 1f 08 96 b6 8e 59 b4 c8 5e 7b ff 95 e3 e3 6c 66 93 48 75 bd 57 d8 44 86 61 51 06 73 e9 21 bf d8 c1 38 0f 10 8e 94 67 c9 ae de 62 0f 6a 0d 08 71 f9 00 01 36 e4 d7 e2 f8 fd 7e ad e7 de 90 39 1c a3 5e 29 61 4c ee 81 a2 7b 44 c7 8e 2a b9 2d 76 d2 4b 76 32 2c a9 88 31 c0 6e d9 6b 8d a6 5a 8f 18 9d a2 60 79 ed cb ff 87 06 97 0d 1e 32 a3 56 32 10 9f b9 a9 d2 c4 8b 46 12 b8 5e dc 88 5e 98 61 86 3b 1d 0a 96 7b 16 9e c8 68 27 de 4a 05 5d 6c ca cd 72 ee c9 b5 fc 47 ed 73 37 d8 17 1e 9a eb 56 7a a1 49 00 ec 50 20 44 6e 0c 07 32 6b 0d f0 31 8f 82 17 33 36 ef 77 16 e0 38 a3 78 57 75 ef f7 45 fe d6 da dc 1b 3c a4 60 9b 5a c3 ab 54 de 7c 84 75 4b 00 a2 d8 aa 43 dd 63 24 a2 05 b3 ee 75 a8 ae 07 7e 6c
                                                                                                                        Data Ascii: xC"!x;1coXkY^{lfHuWDaQs!8gbjq6~9^)aL{D*-vKv2,1nkZ`y2V2F^^a;{h'J]lrGs7VzIP Dn2k136w8xWuE<`ZT|uKCc$u~l
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: f6 8f 48 d5 27 4c 9d 21 67 cf 13 d5 fd 28 ef 16 fb ab 5b b1 72 6f 45 f7 8a 4f da b3 e7 94 c8 03 e1 ba 8f ea 98 8d ad 70 5b 75 d3 db 31 31 1e 65 20 3f 73 03 a7 8c c0 5d 02 07 98 cf a2 15 9d ee 3b 96 d8 5b 6e bd d6 e7 1c e9 c6 a6 3c ec 04 df 03 02 d8 07 6a 07 4f 70 bb e6 0d 44 84 8e 31 f6 ed 1b e9 6a c5 3d 68 26 0c d9 55 07 3f b0 8e cd 25 f6 a5 bf 92 bd 1a 68 de 40 51 36 ee b9 e4 ce 81 50 6c c6 16 de 88 4e bc 66 c4 fd 22 da f5 e3 d6 a9 11 77 1e cc c8 00 69 9f 41 62 95 20 df bd 2c b1 bf 6b be 5b ba 52 77 ca c0 9b 04 7c b7 44 3b 68 e6 61 cf 76 78 4c 3a 74 24 9e d6 21 da de bf f7 1b 89 3f 5c 33 4b 7c e7 5f 9b f5 e1 23 f2 f7 8f ff 83 bf 91 02 97 ae 8d 7f 06 9c bd 4c 5d 83 7b e3 6b 6c 38 41 a1 10 8f 67 d6 26 30 9e 29 6c 6d ce c7 a7 68 e7 66 09 91 a0 a4 e8 82 d5
                                                                                                                        Data Ascii: H'L!g([roEOp[u11e ?s];[n<jOpD1j=h&U?%h@Q6PlNf"wiAb ,k[Rw|D;havxL:t$!?\3K|_#L]{kl8Ag&0)lmhf
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: bd 21 33 d5 4d 7a 30 92 e6 a0 73 01 69 4f 6c e7 64 e7 06 c4 1f cd ca 43 29 99 d5 a9 e4 d2 27 1d 24 47 c6 70 b9 db 83 b8 ff e3 7b 43 fd 1c bd 60 8e 2a b8 9e 3b 74 be 19 0c 65 10 ff b7 71 9b 03 75 c2 bc 05 66 42 30 d4 bd 44 4c 1f e0 98 f8 e0 5e 51 d6 09 16 ee 62 8a 41 64 da 7a 3d 5a 33 a2 f1 1d 19 2a c9 80 f3 07 8d 29 4d f6 90 9d 6a f4 d8 56 61 85 9f 3a ce 4e 59 a7 6e a9 e5 ea 31 ff db f8 7b 43 fb aa 2b b5 c2 4c a8 10 57 3e 9d 12 73 e0 51 5f ef a3 40 64 48 ab 09 6b 6a 14 35 a1 2f 83 cb 26 d1 e4 cb 9d b8 cb 6e d2 3d 1d 90 fa 7e 9d 1e 6b cc d2 f8 7b 2e c6 37 f3 df 63 e9 ba ef fe 7d de f2 f4 a7 e7 2c 7f fb ee 20 7d 36 a6 a6 6a 7f 3b 2b 59 eb 18 b5 6f b9 8e 0b c1 c7 7b c1 1d 95 99 f6 ad e8 d4 b5 e8 6c ed 3f a7 af c2 af 3f 73 bf 3d ff ef 77 2d 1d cf 3d 1a be 73
                                                                                                                        Data Ascii: !3Mz0siOldC)'$Gp{C`*;tequfB0DL^QbAdz=Z3*)MjVa:NYn1{C+LW>sQ_@dHkj5/&n=~k{.7c}, }6j;+Yo{l??s=w-=s
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 73 76 2f 6d 65 73 73 61 67 65 73 2e 6a 73 6f 6e 55 54 05 00 01 50 03 fc 66 0a 00 20 00 00 00 00 00 01 00 18 00 00 08 b1 f4 0b 14 db 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8d 52 3d 6f dc 30 0c dd fb 2b 08 cf 46 70 fd 1c b2 05 08 d0 a1 45 53 a4 59 02 64 61 4e b4 23 48 a6 04 8a 72 72 08 f2 df 4b 9d 7d 08 ce e8 d0 45 03 45 be f7 f8 1e 5f bb bd 10 2a 31 3d 77 97 af dd 44 a5 e0 48 dd 65 f7 e7 c7 d5 ef 2b f8 75 7f 77 d7 bd f5 1d bd e4 88 8c ea 13 a7 61 88 9e c9 f9 82 8f 91 dc f9 d4 75 85 87 ba db d1 17 81 b5 ef 02 6e 26 70 15 66 1f 23 20 cf cb 37 3b 84 ef 29 8d 91 e0 3a 85 3a 11 2b 54 45 06 cf 4a c2 a4 35 e7 90 72 36 84 b1 3f 42 0e df 72 66 b4 ff a2 0b 44 8c 6c
                                                                                                                        Data Ascii: !-_locales/sv/messages.jsonUTPf R=o0+FpESYdaN#HrrK}EE_*1=wDHe+uwaun&pf# 7;)::+TEJ5r6?BrfDl
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: 4c 28 b9 28 68 15 81 3d 3a d0 47 7f 87 f5 aa c5 a0 2c 48 96 b4 9f 93 24 bf 74 ca 3b a4 a0 f9 6a e6 a1 cc 40 81 91 19 30 5d a1 39 7e 39 01 48 39 a0 4f 22 d8 2a e1 e0 08 be e7 cf 6d 6c b8 0b be c9 03 07 28 7d 6a dc e2 3f 42 98 78 2d d6 a1 b1 19 12 f8 68 b4 04 85 9d 97 35 1c 1b 0c 16 5f 55 b4 c5 fe ea 43 28 83 0e 40 08 bf 0d 79 16 7a c3 cf 26 b0 46 00 0e 4b 9e 50 f8 ed 3b 0e 8c 5d 3c 0b 64 ca 72 2e 90 41 1f b1 d4 e7 ed 22 33 dd 46 8d 4d 1a 99 c7 e4 99 3c 21 86 b1 e4 d2 54 27 cf df ef 91 4e 01 0d 30 81 96 55 96 37 4e 3d d0 01 5c b2 ca 55 80 04 ec aa e2 2a 73 90 6b ac 51 58 5b 6a 0a 34 8b b4 b7 4f b0 0d b9 c6 2c a1 85 38 3d c9 71 2f 07 ef 6d df 60 8f b9 82 8c 87 80 43 e8 d4 88 fe 62 9f b4 94 b9 d7 66 ac 7c 82 88 1d 51 d1 f9 61 37 fe 39 d8 0a 53 59 ae f5 66 32
                                                                                                                        Data Ascii: L((h=:G,H$t;j@0]9~9H9O"*ml(}j?Bx-h5_UC(@yz&FKP;]<dr.A"3FM<!T'N0U7N=\U*skQX[j4O,8=q/m`Cbf|Qa79SYf2
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: 5b 7b 7a c3 30 ec 7c ed 63 70 f3 2d c2 2b 61 1b 8f d7 00 1b e0 cd 2b ef 78 f7 a3 67 c0 39 32 a9 1f 80 6c 66 17 97 d6 80 80 69 32 ab bf c3 f0 d2 d1 02 c6 d1 d1 ca 7f 28 f3 d3 05 cf d7 e6 67 96 67 73 39 3b dd 9e 5f c5 2e 08 52 5b 60 e6 23 e4 24 80 17 de cf 8c 32 61 22 26 18 40 81 51 37 1a 3d e4 69 36 45 18 6c 38 96 b1 f8 bc 04 25 63 8c 69 6f 0b 8e 93 22 11 da 2b e2 2e dd 3c 66 df 7d 3c c4 05 36 71 e2 c9 b8 a6 7e 66 b3 9b 73 21 3a a7 95 67 38 d4 83 89 c3 d7 91 64 de c5 5b 01 f5 ff a5 13 58 78 d8 a8 54 25 22 24 d8 16 40 cd 81 70 5e c5 3b d8 dd 55 72 b8 9e d6 48 15 06 41 57 68 5b e8 27 30 b1 82 0f e8 09 d8 f8 24 0d ae 73 05 91 20 6f 32 84 0d f0 82 95 ca 25 80 50 f5 46 fa 49 1e 46 5e 38 4e d2 28 ef db ce 9f 18 54 a7 c3 53 4b c7 26 a2 ba e4 21 00 dd 3a a8 e3 88
                                                                                                                        Data Ascii: [{z0|cp-+a+xg92lfi2(ggs9;_.R[`#$2a"&@Q7=i6El8%cio"+.<f}<6q~fs!:g8d[XxT%"$@p^;UrHAWh['0$s o2%PFIF^8N(TSK&!:
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: a8 15 a1 54 1e 5a 8d 72 3d e2 47 40 31 01 b6 e2 e3 20 ba 53 87 b9 64 39 96 a9 1f 50 8d c3 df 89 4f 3c 44 83 14 ce e2 33 f3 a3 46 d1 e2 45 58 a7 2c f7 48 0a 04 81 50 14 d0 11 86 4d 66 e7 ff be d5 aa ce 18 47 ec d9 2c f8 22 13 e5 35 27 b7 b0 97 2a bf 2c 0b d7 07 48 d7 30 c9 86 93 1f b0 17 3e b8 b1 bc a7 01 17 51 9c 66 55 50 9a b0 bb 80 25 f5 6f 33 e1 cf d4 9d 1c 93 ba 54 72 a7 e2 f6 75 97 90 fe 6f d2 46 10 67 11 75 4c 7e d0 94 af e3 4d 5d b4 38 17 ad 83 c4 09 26 df 24 fb 10 6d 5d e5 56 f8 11 0d 2d bb f3 2c 35 9d 43 aa d3 dc cc 21 ae 95 db 49 63 90 e8 bb b5 a2 31 68 28 4f c1 46 84 c4 ae 85 65 77 6e 1d 5c 72 28 c5 cb d9 9f 0c 82 36 6a 85 c3 0c cb 86 67 50 98 fd a8 5e 6f c5 03 8b 54 f3 c2 30 f0 94 72 6d 96 45 e2 75 68 b3 3c 02 83 6b 79 2f ae 25 09 87 d3 41 99
                                                                                                                        Data Ascii: TZr=G@1 Sd9PO<D3FEX,HPMfG,"5'*,H0>QfUP%o3TruoFguL~M]8&$m]V-,5C!Ic1h(OFewn\r(6jgP^oT0rmEuh<ky/%A
                                                                                                                        2024-10-24 10:25:12 UTC1378INData Raw: 02 18 e4 0f c3 f4 76 5f 5c be dd ce 6f 88 69 ac e4 50 fa ee 07 ab c8 a0 8b 52 e9 bb 55 6b fa 9f c6 22 3c 29 b7 da 31 d5 9e ae 5a b0 94 e9 7c 5c e7 66 a1 94 56 e8 81 c0 57 d2 a5 5b 41 6a 0e 92 60 dd 9b c4 c3 77 12 c5 dc 29 96 c5 76 0c 56 10 bf 85 d3 7f df 78 05 8d e2 78 fc 2e d0 e2 68 c5 5e ba e2 78 a2 f7 ae 74 a2 c9 5d 23 c5 a1 dd 77 87 05 87 09 52 cb 31 68 27 3d 4b 9d 65 b2 de 77 fd b1 ff 96 4d 3f 5e 60 b9 1e 38 a4 9e c8 b0 ea d5 db 24 51 55 05 52 b6 f2 27 f0 e4 fd 6c 75 91 a7 7f 43 1e 77 ee c0 54 0b 56 cd 31 4f 5e ee ea 9b de 9a b3 38 11 b7 da d9 f9 e5 0f 50 4b 07 08 fd 45 55 f9 17 02 00 00 f3 0a 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 6d 6e 2f 6d 65 73 73 61 67 65 73 2e
                                                                                                                        Data Ascii: v_\oiPRUk"<)1Z|\fVW[Aj`w)vVxx.h^xt]#wR1h'=KewM?^`8$QUR'luCwTV1O^8PKEUPK!-_locales/mn/messages.


                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                        1192.168.2.549721162.159.61.34438160C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                        2024-10-24 10:25:15 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                        Host: chrome.cloudflare-dns.com
                                                                                                                        Connection: keep-alive
                                                                                                                        Content-Length: 128
                                                                                                                        Accept: application/dns-message
                                                                                                                        Accept-Language: *
                                                                                                                        User-Agent: Chrome
                                                                                                                        Accept-Encoding: identity
                                                                                                                        Content-Type: application/dns-message
                                                                                                                        2024-10-24 10:25:15 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                        Data Ascii: wwwgstaticcom)TP
                                                                                                                        2024-10-24 10:25:15 UTC247INHTTP/1.1 200 OK
                                                                                                                        Server: cloudflare
                                                                                                                        Date: Thu, 24 Oct 2024 10:25:15 GMT
                                                                                                                        Content-Type: application/dns-message
                                                                                                                        Connection: close
                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                        Content-Length: 468
                                                                                                                        CF-RAY: 8d7943080c854766-DFW
                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                        2024-10-24 10:25:15 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 14 00 04 8e fb 74 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                        Data Ascii: wwwgstaticcomt^)


                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                        2192.168.2.549720172.64.41.34438160C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                        2024-10-24 10:25:15 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                        Host: chrome.cloudflare-dns.com
                                                                                                                        Connection: keep-alive
                                                                                                                        Content-Length: 128
                                                                                                                        Accept: application/dns-message
                                                                                                                        Accept-Language: *
                                                                                                                        User-Agent: Chrome
                                                                                                                        Accept-Encoding: identity
                                                                                                                        Content-Type: application/dns-message
                                                                                                                        2024-10-24 10:25:15 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                        Data Ascii: wwwgstaticcom)TP
                                                                                                                        2024-10-24 10:25:15 UTC247INHTTP/1.1 200 OK
                                                                                                                        Server: cloudflare
                                                                                                                        Date: Thu, 24 Oct 2024 10:25:15 GMT
                                                                                                                        Content-Type: application/dns-message
                                                                                                                        Connection: close
                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                        Content-Length: 468
                                                                                                                        CF-RAY: 8d79430809d1e595-DFW
                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                        2024-10-24 10:25:15 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 42 00 04 8e fb 74 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                        Data Ascii: wwwgstaticcomBt^)


                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                        3192.168.2.549722172.64.41.34438160C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                        2024-10-24 10:25:15 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                        Host: chrome.cloudflare-dns.com
                                                                                                                        Connection: keep-alive
                                                                                                                        Content-Length: 128
                                                                                                                        Accept: application/dns-message
                                                                                                                        Accept-Language: *
                                                                                                                        User-Agent: Chrome
                                                                                                                        Accept-Encoding: identity
                                                                                                                        Content-Type: application/dns-message
                                                                                                                        2024-10-24 10:25:15 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                        Data Ascii: wwwgstaticcom)TP
                                                                                                                        2024-10-24 10:25:15 UTC247INHTTP/1.1 200 OK
                                                                                                                        Server: cloudflare
                                                                                                                        Date: Thu, 24 Oct 2024 10:25:15 GMT
                                                                                                                        Content-Type: application/dns-message
                                                                                                                        Connection: close
                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                        Content-Length: 468
                                                                                                                        CF-RAY: 8d7943085f8f6c0d-DFW
                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                        2024-10-24 10:25:15 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 c7 00 04 8e fa 71 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                        Data Ascii: wwwgstaticcomq^)


                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                        4192.168.2.54978023.218.232.1854438160C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                        2024-10-24 10:25:31 UTC616OUTGET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1730370312&P2=404&P3=2&P4=CRZF1LDXsqws7CBJZ6V7OUHNF7jy64ulhnPdvEkt51hRSvw%2baaHOaMlD29YRKeFdxjMIDLnGJlk%2bfIyzZUl6yw%3d%3d HTTP/1.1
                                                                                                                        Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                                                                                        Connection: keep-alive
                                                                                                                        MS-CV: fYgkVLIQWmc10c8o/2zhxN
                                                                                                                        Sec-Fetch-Site: none
                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                        Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                        2024-10-24 10:25:32 UTC1247INHTTP/1.1 200 OK
                                                                                                                        Content-Type: application/x-chrome-extension
                                                                                                                        Last-Modified: Wed, 24 Jan 2024 00:25:37 GMT
                                                                                                                        Accept-Ranges: bytes
                                                                                                                        ETag: "Gv3jDkaZdFLRHkoq2781zOehQE8="
                                                                                                                        Server: Microsoft-IIS/10.0
                                                                                                                        X-AspNetMvc-Version: 5.3
                                                                                                                        MS-CorrelationId: a30792a1-e43d-4521-b9ea-ac3d7d819e62
                                                                                                                        MS-RequestId: 6d154753-539f-49b2-a179-9526d5f4ced0
                                                                                                                        MS-CV: rnL77OnQ5ScZk1HlJ5L1Z/.0
                                                                                                                        X-AspNet-Version: 4.0.30319
                                                                                                                        X-Powered-By: ASP.NET
                                                                                                                        X-Powered-By: ARR/3.0
                                                                                                                        X-Powered-By: ASP.NET
                                                                                                                        Content-Length: 11185
                                                                                                                        Cache-Control: public, max-age=86364
                                                                                                                        Date: Thu, 24 Oct 2024 10:25:31 GMT
                                                                                                                        Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
                                                                                                                        Connection: close
                                                                                                                        Akamai-Request-BC: [a=23.193.38.57,b=1534215315,c=g,n=US_TX_IRVING,o=20940],[c=c,n=US_TX_DALLAS,o=20940]
                                                                                                                        MSREGION:
                                                                                                                        X-CCC:
                                                                                                                        X-CID: 3
                                                                                                                        Akamai-GRN: 0.3926c117.1729765531.5b724493
                                                                                                                        Access-Control-Max-Age: 86400
                                                                                                                        Access-Control-Allow-Credentials: true
                                                                                                                        Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
                                                                                                                        Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
                                                                                                                        Access-Control-Allow-Methods: GET,POST,OPTIONS
                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                        2024-10-24 10:25:32 UTC11185INData Raw: 43 72 32 34 03 00 00 00 1d 05 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 bb 4e a9 d8 c8 e8 cb ac 89 0d 45 23 09 ef 07 9e ab ed 9a 39 65 ef 75 ea 71 bc a5 c4 56 59 59 ef 8c 08 40 04 2b ed 43 d0 dc 6b a7 4f 88 b9 62 4b d3 60 94 de 36 ee 47 92 ab 25 8a 1e cc 0d fa 33 5a 12 19 8e 65 20 5f fd 36 15 d6 13 1e 46 ae 8b 31 70 18 f1 a8 4b 1d 5a ff de 0e 83 8e 11 b2 2f 20 ed 33 88 cb fb 4f 54 94 9e 60 00 d3 bc 30 ab c0 d7 59 8b b0 96 46 54 fc f0 34 33 1c 74 68 d6 79 f9 0c 8c 7d 8a 91 98 ca 70 c6 4c 0f 1b c8 32 53 b9 26 69 cc 60 09 8d 6f ec f9 a6 66 8d 6f 48 81 0e 05 8a f1 97 4e b8 c3 94 3a b3 f7 69 6a 54 89 33 da 9e 46 7b d1 30 bb 2c cc 66 3f 27 66 e3 43 51 74 3b 62 5f 22 50 63 08 e5 20
                                                                                                                        Data Ascii: Cr240"0*H0NE#9euqVYY@+CkObK`6G%3Ze _6F1pKZ/ 3OT`0YFT43thy}pL2S&i`ofoHN:ijT3F{0,f?'fCQt;b_"Pc


                                                                                                                        Statistics

                                                                                                                        CPU Usage

                                                                                                                        Click to jump to process

                                                                                                                        Memory Usage

                                                                                                                        Click to jump to process

                                                                                                                        High Level Behavior Distribution

                                                                                                                        Click to dive into process behavior distribution

                                                                                                                        Behavior

                                                                                                                        Click to jump to process

                                                                                                                        System Behavior

                                                                                                                        General

                                                                                                                        Target ID:0
                                                                                                                        Start time:06:25:04
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE
                                                                                                                        Wow64 process (32bit):true
                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\user\Desktop\{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml"
                                                                                                                        Imagebase:0x230000
                                                                                                                        File size:225'176 bytes
                                                                                                                        MD5 hash:A2E6E2A1C125973A4967540FD08C9AF0
                                                                                                                        Has elevated privileges:true
                                                                                                                        Has administrator privileges:true
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:moderate
                                                                                                                        Has exited:true

                                                                                                                        General

                                                                                                                        Target ID:2
                                                                                                                        Start time:06:25:05
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                        Wow64 process (32bit):false
                                                                                                                        Commandline:"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\user\Desktop\{89eeeac4-e4d3-40a8-9048-e7cecfc98851}.xml
                                                                                                                        Imagebase:0x7ff6da5d0000
                                                                                                                        File size:834'512 bytes
                                                                                                                        MD5 hash:CFE2E6942AC1B72981B3105E22D3224E
                                                                                                                        Has elevated privileges:true
                                                                                                                        Has administrator privileges:true
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:moderate
                                                                                                                        Has exited:false

                                                                                                                        General

                                                                                                                        Target ID:3
                                                                                                                        Start time:06:25:05
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Internet Explorer\iexplore.exe
                                                                                                                        Wow64 process (32bit):true
                                                                                                                        Commandline:"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7348 CREDAT:17410 /prefetch:2
                                                                                                                        Imagebase:0x4f0000
                                                                                                                        File size:828'368 bytes
                                                                                                                        MD5 hash:6F0F06D6AB125A99E43335427066A4A1
                                                                                                                        Has elevated privileges:true
                                                                                                                        Has administrator privileges:true
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:moderate
                                                                                                                        Has exited:false

                                                                                                                        General

                                                                                                                        Target ID:4
                                                                                                                        Start time:06:25:05
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe
                                                                                                                        Wow64 process (32bit):false
                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\BHO\ie_to_edge_stub.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492
                                                                                                                        Imagebase:0x7ff758cf0000
                                                                                                                        File size:540'712 bytes
                                                                                                                        MD5 hash:89CF8972D683795DAB6901BC9456675D
                                                                                                                        Has elevated privileges:true
                                                                                                                        Has administrator privileges:true
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:moderate
                                                                                                                        Has exited:true

                                                                                                                        General

                                                                                                                        Target ID:5
                                                                                                                        Start time:06:25:06
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Java\jre-1.8\bin\ssvagent.exe
                                                                                                                        Wow64 process (32bit):true
                                                                                                                        Commandline:"C:\PROGRA~2\Java\jre-1.8\bin\ssvagent.exe" -new
                                                                                                                        Imagebase:0x4d0000
                                                                                                                        File size:85'632 bytes
                                                                                                                        MD5 hash:F9A898A606E7F5A1CD7CFFA8079253A0
                                                                                                                        Has elevated privileges:true
                                                                                                                        Has administrator privileges:true
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:moderate
                                                                                                                        Has exited:true

                                                                                                                        General

                                                                                                                        Target ID:6
                                                                                                                        Start time:06:25:06
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        Wow64 process (32bit):false
                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492
                                                                                                                        Imagebase:0x7ff6c1cf0000
                                                                                                                        File size:4'210'216 bytes
                                                                                                                        MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                        Has elevated privileges:true
                                                                                                                        Has administrator privileges:true
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:high
                                                                                                                        Has exited:true

                                                                                                                        General

                                                                                                                        Target ID:8
                                                                                                                        Start time:06:25:07
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        Wow64 process (32bit):false
                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2044,i,16802615332830959518,16888877389882489269,262144 /prefetch:3
                                                                                                                        Imagebase:0x7ff6c1cf0000
                                                                                                                        File size:4'210'216 bytes
                                                                                                                        MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                        Has elevated privileges:true
                                                                                                                        Has administrator privileges:true
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:high
                                                                                                                        Has exited:true

                                                                                                                        General

                                                                                                                        Target ID:9
                                                                                                                        Start time:06:25:07
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        Wow64 process (32bit):false
                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-ie-to-edge=3 --ie-frame-hwnd=10492 --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                        Imagebase:0x7ff6c1cf0000
                                                                                                                        File size:4'210'216 bytes
                                                                                                                        MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                        Has elevated privileges:false
                                                                                                                        Has administrator privileges:false
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:high
                                                                                                                        Has exited:false

                                                                                                                        General

                                                                                                                        Target ID:10
                                                                                                                        Start time:06:25:08
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        Wow64 process (32bit):false
                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2228 --field-trial-handle=1996,i,865180387715092134,7946586055113773520,262144 /prefetch:3
                                                                                                                        Imagebase:0x7ff6c1cf0000
                                                                                                                        File size:4'210'216 bytes
                                                                                                                        MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                        Has elevated privileges:false
                                                                                                                        Has administrator privileges:false
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:high
                                                                                                                        Has exited:false

                                                                                                                        General

                                                                                                                        Target ID:13
                                                                                                                        Start time:06:25:11
                                                                                                                        Start date:24/10/2024
                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        Wow64 process (32bit):false
                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6000 --field-trial-handle=1996,i,865180387715092134,7946586055113773520,262144 /prefetch:8
                                                                                                                        Imagebase:0x7ff6c1cf0000
                                                                                                                        File size:4'210'216 bytes
                                                                                                                        MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                        Has elevated privileges:false
                                                                                                                        Has administrator privileges:false
                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                        Reputation:high
                                                                                                                        Has exited:true

                                                                                                                        Disassembly

                                                                                                                        No disassembly