Windows Analysis Report
Archive.zip

Overview

General Information

Sample name: Archive.zip
Analysis ID: 1541170
MD5: 4dfe9e36193114f33d8bd68433b1c27f
SHA1: ca76c1931c64bf2f9252c7ef53d05600d387247c
SHA256: fe2418fb7d72832e350dc521027c933e31cff060de1f1359fcc89b30937a63ec
Infos:

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Found strings related to Crypto-Mining
Sigma detected: Potential Persistence Via App Paths Default Property
Creates a process in suspended mode (likely to inject code)
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Queries keyboard layouts
Queries the volume information (name, serial number etc) of a device
Sigma detected: Classes Autorun Keys Modification
Stores files to the Windows start menu directory
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

  • System is w10x64_ra
  • rundll32.exe (PID: 6952 cmdline: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding MD5: EF3179D498793BF4234F708D3BE28633)
  • WinRAR.exe (PID: 6588 cmdline: "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe" MD5: 0D76233931DFA993FD9B546BD5229976)
    • WinRAR.exe (PID: 6668 cmdline: "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe" -isetup_integration MD5: 0D76233931DFA993FD9B546BD5229976)
    • msedgewebview2.exe (PID: 5724 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=6588.548.7445727294754826910 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 5744 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffa2c0c8e88,0x7ffa2c0c8e98,0x7ffa2c0c8ea8 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 6788 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1728 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:2 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 6852 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2196 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:3 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 504 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2460 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:8 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 6548 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1729768802568476 --launch-time-ticks=4567489855 --mojo-platform-channel-handle=3452 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:1 MD5: 9909D978B39FB7369F511D8506C17CA0)
  • WinRAR.exe (PID: 7004 cmdline: "C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe" MD5: 0D76233931DFA993FD9B546BD5229976)
  • WinRAR.exe (PID: 2132 cmdline: "C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe" MD5: 0D76233931DFA993FD9B546BD5229976)
  • cleanup
No configs have been found
No yara matches

System Summary

Source: Registry Key set, Author: Nasreddine Bencherchali (Nextron Systems): Data: Details: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, ProcessId: 6668, TargetObject: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe\(Default)
Source: Registry Key set, Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: , EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, ProcessId: 6668, TargetObject: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\shellex\PropertySheetHandlers\{B41DB860-8EE4-11D2-9906-E49FADC173CA}\(Default)
No Suricata rule has matched

Bitcoin Miner

Source: msedgewebview2.exe, 0000000C.00000002.1255813502.00003F1000AEC000.00000004.00000800.00020000.00000000.sdmp, String found in binary or memory: jsecoin.com
Source: msedgewebview2.exe, 0000000C.00000002.1256138225.00003F1000B2C000.00000004.00000800.00020000.00000000.sdmp, String found in binary or memory: "coinhive.com
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, Registry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver
Source: Binary string: D:\Projects\WinRAR\build\winrar64\Release\WinRAR.pdb source: WinRAR.exe
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, File opened: C:\Users\user\AppData\Local
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, File opened: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, File opened: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, File opened: C:\Users\user\AppData
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, File opened: C:\Users\user
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe, File opened: C:\Users\user\AppData\Local\Temp
Source: msedgewebview2.exe, 0000000C.00000003.1211345215.00003F1000EEC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061iew
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208751226.000047E400185000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430iew
Source: msedgewebview2.exe, 0000000C.00000002.1252569197.00003F1000838000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400169000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
Source: msedgewebview2.exe, 0000000C.00000002.1252569197.00003F1000838000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535?
Source: msedgewebview2.exe, 0000000C.00000002.1249356962.00003F10003EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000003.1213020106.00003F10003D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658
Source: msedgewebview2.exe, 0000000C.00000002.1249356962.00003F10003EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000003.1213020106.00003F10003D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658?
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
Source: msedgewebview2.exe, 0000000C.00000003.1211345215.00003F1000EEC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881z
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901.
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208751226.000047E400185000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906?
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906l
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041k
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
Source: msedgewebview2.exe, 0000000C.00000003.1211345215.00003F1000EEC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556i
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208490016.000047E400150000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215S
Source: msedgewebview2.exe, 0000000C.00000002.1255977854.00003F1000B0C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
Source: msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280?
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://bd.gy912.com
Source: msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.msn.cn/
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.msn.cn/edge/ntp
Source: msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.msn.com/
Source: msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.www.office.com/
Source: msedgewebview2.exe, 0000000C.00000002.1246612619.00003F100020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
Source: msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.com/
Source: msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/
Source: msedgewebview2.exe, 0000000C.00000002.1243835973.00003F1000020000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000F.00000003.1211552856.000023F000114000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/
Source: msedgewebview2.exe, 0000000C.00000002.1243835973.00003F1000020000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/?
Source: msedgewebview2.exe, 0000000C.00000002.1254181583.00003F100098C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redian.mnjunshi.com/?qid=tpnews
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redian.mnjunshi.com/?qid=tpnewsy_pcuni
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://so.lenovo.com.cn
Source: msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssjj.4399.com/
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://start.jword.jp/?fr=slc
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tg.602.com
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tj.xyhvip.cn
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tp.9377s.com
Source: msedgewebview2.exe, 0000000C.00000002.1240085619.000002199C0F8000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1241564696.00000219A1202000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1239964174.000002199C0E6000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000003.1205673515.000002199DF56000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000003.1232389462.000002199C0DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
Source: msedgewebview2.exe, 0000000C.00000002.1240781040.000002199DF02000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000003.1205673515.000002199DF56000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
Source: msedgewebview2.exe, 0000000C.00000002.1240781040.000002199DF02000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/FPNT
Source: msedgewebview2.exe, 0000000C.00000002.1241564696.00000219A1202000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000003.1205673515.000002199DF56000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://web.sogou.com/?
Source: msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.cn/
Source: msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com/
Source: msedgewebview2.exe, 0000000C.00000002.1244460378.00003F100008B000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.2345.com/?
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/100030_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10305_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10379.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10379_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/107884_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/109832_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/110975_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/112689_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/115339_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/117227_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/117945_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/118852_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/122099_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/12669_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/12669_4.htmhttps://www.4399.com/flash/122099_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/127539_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130389_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130396.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130396_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/132028.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/133630_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/134302_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/136516_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/137116_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/137953_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/1382_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/145991_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/151915_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/155283_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/155476_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/15548_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/160944_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/163478_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/171322_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/173634_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/177937_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/17801_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18012.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18012_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/180977_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18169_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/187040_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/187228_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/188593.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/188739_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/189558_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/191203_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/195673_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/195990_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198491_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198637_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198660_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/199408_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202061_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202574_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202604_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202692_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202724_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202785.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202819_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202828_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202901_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202907_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202911_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203018_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203093_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203152.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203153_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203154.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203166_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203178_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203215_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203231_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203369_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203371_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203404_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203453_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203476_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203481_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203481_3.htmhttps://www.4399.com/flash/203476_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203495_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203515_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203564_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203682_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203768_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204044_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204056_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204206.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204255_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204290_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204422_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204429_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204562_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204650_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204685_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204886_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204926_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204952_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204989_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205090_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205147.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205165.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205182.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205235_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205325_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205341_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205462_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205536_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205551_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205845_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/206114_1.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/20660_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/206724_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/207195_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/207717_3.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/208107_4.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/209567_2.htm
Source: msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/210650_1.htm
Source: classification engine Classification label: mal48.mine.winZIP@17/117@0/0
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe File created: C:\Users\user\AppData\Roaming\WinRAR
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Mutant created: NULL
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe Mutant created: \Sessions\1\BaseNamedObjects\WinRAR_Busy
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe File created: C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe File read: C:\Users\desktop.ini
Source: C:\Windows\System32\rundll32.exe Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe File read: C:\Windows\System32\drivers\etc\hosts
Source: unknown Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: msedgewebview2.exe, 0000000C.00000003.1231869365.00003F1000874000.00000004.00000800.00020000.00000000.sdmp, Login Data.12.dr Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: WinRAR.exe String found in binary or memory: invalid string_view positionActivePathThemes\winrar_theme_description.txttitle=about=background=RAR.icoREV.icoSetup.icoToolbar\Add.bmpRarSmall.bmpShellExtBMPRar.icopngToolbar\Add.pngSFX.icoSFXLogo.bmpORGTHEMESHELPOrganizeThemes*.theme.rar\Themes\addAdd.pngextoExtractTo.pngtestTest.pngviewView.pngdelDelete.pngfindFind.pngprnPrint.pngwizWizard.pngcvtConvert.pnginfoInfo.pngexitExit.pngrepRepair.pngextrExtract.pngvirVirusScan.pngcmtComment.pngprotProtect.pnglockLock.pngSFX.pngrptReport.pngbncBenchmark.pngReBarWindow32f.%sGeneral\Toolbar\Buttons.posf.%s.sepa.%sa.%s.sepToolbar\ViewMainToolbarWindow32ViewSmallFolderUp.pngBand%d_%dGeneral\Toolbar\LayoutSELECTTOOLBARSTOOLBARBUTTONS----------HELPToolbarButtonsSizeDiskTreeTreePanelArcTreeRightBorderRarTreeWindowSysTreeView32
Source: unknown Process created: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe"
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe Process created: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe" -isetup_integration
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=6588.548.7445727294754826910
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffa2c0c8e88,0x7ffa2c0c8e98,0x7ffa2c0c8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1728 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2196 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2460 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1729768802568476 --launch-time-ticks=4567489855 --mojo-platform-channel-handle=3452 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:1
Source: unknown Process created: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe "C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe"
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mf.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfplat.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rtworkq.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: hevcdecoder.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dolbydecmft.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uiautomationcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfperfhelper.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: atlthunk.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: directmanipulation.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: hevcdecoder.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: tenantrestrictionsplugin.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: vaultcli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: msimg32.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: riched20.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: usp10.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: msls31.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: mpr.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: drprov.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: winsta.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: ntlanman.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: davclnt.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: davhlpr.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: cscapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: dlnashext.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: playtodevice.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: devdispitemprovider.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: mmdevapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: devobj.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wpdshext.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: portabledeviceapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: ehstorshell.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: ehstorapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: samcli.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: samlib.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: thumbcache.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: msimg32.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: riched20.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: usp10.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: msls31.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: mpr.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: drprov.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: winsta.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: ntlanman.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: davclnt.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: davhlpr.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: cscapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: dlnashext.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: playtodevice.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: devdispitemprovider.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: mmdevapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: devobj.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wpdshext.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: portabledeviceapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: ehstorshell.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: ehstorapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: samcli.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: samlib.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exeSection loaded: thumbcache.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32
Source: WinRAR.lnk.10.dr; LNK file: ..\..\..\..\..\..\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
Source: WinRAR.lnk0.10.dr; LNK file: ..\..\..\..\..\..\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; Window found: window name: SysTabControl32
Source: Window Recorder; Window detected: More than 3 window changes detected
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; Window detected: Number of UI elements: 37
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; Registry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver
Source: Archive.zip; Static file information: File size 3810357 > 1048576
Source: Binary string: D:\Projects\WinRAR\build\winrar64\Release\WinRAR.pdb source: WinRAR.exe
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe; Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Windows\System32\rundll32.exe; Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe; Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe; Process information set: NOALIGNMENTFAULTEXCEPT | NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe; Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe Process information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe File Volume queried: C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Code Cache\wasm FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe File Volume queried: C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Code Cache\js FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe File Volume queried: C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\blob_storage\87732226-b741-41b3-a4ff-6f39be78ee83 FullSizeInformation
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe File opened: C:\Users\user\AppData\Local
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe File opened: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe File opened: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe File opened: C:\Users\user\AppData
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe File opened: C:\Users\user
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe File opened: C:\Users\user\AppData\Local\Temp
Source: WinRAR.exe, 0000001B.00000003.2061327202.00000225E3B87000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}!y
Source: WinRAR.exe, 00000018.00000002.1382300480.0000024EAF0A4000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: 2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}T
Source: WinRAR.exe, 0000000A.00000003.1186152427.000001CFA1912000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: War&Prod_VMware_
Source: WinRAR.exe, 00000007.00000003.1139736251.0000012693BE9000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: WinRAR.exe, 00000007.00000003.1139736251.0000012693BE9000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\8b}E
Source: WinRAR.exe, 00000007.00000003.1139736251.0000012693BE9000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\8b}\#
Source: WinRAR.exe, 0000001B.00000003.2061327202.00000225E3B87000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\dll
Source: WinRAR.exe, 00000007.00000003.1139736251.0000012693BE9000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}b8b}\B
Source: WinRAR.exe, 0000001B.00000003.2113880651.00000225E3BCA000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: AGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: msedgewebview2.exe, 0000000C.00000002.1238884699.000002199C045000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000F.00000002.1216458506.000001D22D02B000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffa2c0c8e88,0x7ffa2c0c8e98,0x7ffa2c0c8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1728 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2196 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2460 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1729768802568476 --launch-time-ticks=4567489855 --mojo-platform-channel-handle=3452 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:1
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=winrar.exe --webview-exe-version=7.1.0 --user-data-dir="c:\users\user\appdata\local\temp\winrar.exe.webview2\ebwebview" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=mojoipcz --mojo-named-platform-channel-pipe=6588.548.7445727294754826910
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\local\temp\winrar.exe.webview2\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\local\temp\winrar.exe.webview2\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffa2c0c8e88,0x7ffa2c0c8e98,0x7ffa2c0c8ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\local\temp\winrar.exe.webview2\ebwebview" --webview-exe-name=winrar.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1728 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=mojoipcz /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\local\temp\winrar.exe.webview2\ebwebview" --webview-exe-name=winrar.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2196 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=mojoipcz /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\local\temp\winrar.exe.webview2\ebwebview" --webview-exe-name=winrar.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2460 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=mojoipcz /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\local\temp\winrar.exe.webview2\ebwebview" --webview-exe-name=winrar.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1729768802568476 --launch-time-ticks=4567489855 --mojo-platform-channel-handle=3452 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=mojoipcz /prefetch:1
Source: WinRAR.exe Binary or memory string: %%=%c:%%=%c:EDITtooltips_class32CMDWNDADDCMDWNDOTHERCMDWNDCONVERTCMDWNDFINDCMDWNDBENCHCMDWNDREAD* %sHELPExecArcCmdInterface\CmdWin\%sDoneCMDMODETaskbarCreatedProgmanHELPCmdMode
Source: C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe Queries volume information: C:\ VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe Queries volume information: C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformation
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 12 Command and Scripting Interpreter | 1 Windows Service | 1 Windows Service | 1 Masquerading | OS Credential Dumping | 1 Query Registry | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Registry Run Keys / Startup Folder | 12 Process Injection | 12 Process Injection | LSASS Memory | 1 Security Software Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | 1 DLL Side-Loading | 1 Registry Run Keys / Startup Folder | 1 Rundll32 | Security Account Manager | 1 Process Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | Steganography | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 1 DLL Side-Loading | 1 DLL Side-Loading | NTDS | 1 Remote System Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | Software Packing | LSA Secrets | 2 File and Directory Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | Steganography | Cached Domain Credentials | 22 System Information Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop
Behavior Graph
ID: 1541170, Sample: Archive.zip, Startdate: 24/10/2024, Architecture: WINDOWS, Score: 48
[Behavior graph image not reproduced. Nodes recoverable from the graph: three WinRAR.exe processes and one rundll32.exe started; the first WinRAR.exe started msedgewebview2.exe and a further WinRAR.exe; msedgewebview2.exe started three msedgewebview2.exe child processes and 2 other processes. Signatures shown on the graph: "Sigma detected: Potential Persistence Via App Paths Default Property" and, on msedgewebview2.exe, "Found strings related to Crypto-Mining".]

No Antivirus matches
Source | Detection | Scanner | Label | Link
http://www.chambersign.org1 | 0% | URL Reputation | safe |
No contacted domains info
Name | Source | Malicious | Antivirus Detection | Reputation
http://web.503188.com/? | msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
https://hao.360.com/?installer | msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
http://www.4399.com/flash/32979.htm | msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
https://anglebug.com/7246? | msedgewebview2.exe, 0000000C.00000002.1255977854.00003F1000B0C000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
http://hao123.di178.com/?r916 | msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
https://www.4399.com/flash/180977_3.htm | msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
https://tg.602.com | msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
https://www.4399.com/flash/127539_4.htm | msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
http://anglebug.com/4633 | msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmp | false
    unknown
https://anglebug.com/7382 | msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmp | false
                      unknown
                      https://www.4399.com/flash/205462_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                        unknown
                        https://www.4399.com/flash/145991_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                          unknown
                          http://www.chambersign.org1msedgewebview2.exe, 0000000C.00000002.1252745212.00003F1000858000.00000004.00000800.00020000.00000000.sdmpfalse
                          • URL Reputation: safe
                          unknown
                          https://ntp.msn.cn/edge/ntpmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                            unknown
                            https://malaysia.smarmsedgewebview2.exe, 0000000C.00000002.1239045953.000002199C06D000.00000004.00000020.00020000.00000000.sdmpfalse
                              unknown
                              https://www.4399.com/flash/39379_2.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                unknown
                                https://www.4399.com/flash/55146_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                  unknown
                                  https://www.4399.com/flash/195673_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                    unknown
                                    https://www.microsoftnews.cn/msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpfalse
                                      unknown
                                      https://kf.07073.commsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                        unknown
                                        http://unisolated.invalid/msedgewebview2.exe, 0000000C.00000002.1257855460.00003F1000D24000.00000004.00000800.00020000.00000000.sdmpfalse
                                          unknown
                                          https://www.4399.com/flash/18012.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                            unknown
                                            https://www.4399.com/flash/zmhj.htm#search3-6407msedgewebview2.exe, 0000000C.00000002.1251549891.00003F1000538000.00000004.00000800.00020000.00000000.sdmpfalse
                                              unknown
                                              http://bd.gy912.commsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                unknown
                                                https://www.91duba.com/?f=msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  unknown
                                                  http://anglebug.com/6929msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpfalse
                                                    unknown
                                                    https://www.4399.com/flash/217926_2.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      unknown
                                                      https://www.4399.com/flash/218860_1.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        unknown
                                                        https://anglebug.com/7246msedgewebview2.exe, 0000000C.00000002.1255977854.00003F1000B0C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          unknown
                                                          https://www.4399.com/flash/27924_2.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            unknown
                                                            https://int.msn.cn/msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              unknown
                                                              https://anglebug.com/7369msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                unknown
                                                                https://anglebug.com/7489msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  unknown
                                                                  https://unitedstates1.ss.wd.microsoft.us/msedgewebview2.exe, 0000000C.00000002.1240085619.000002199C0F8000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1241564696.00000219A1202000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1239964174.000002199C0E6000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000003.1205673515.000002199DF56000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000003.1232389462.000002199C0DC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    unknown
                                                                    https://www.4399.com/flash/18012_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      unknown
                                                                      https://www.newduba.cn/?msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        unknown
                                                                        https://www.4399.com/flash/48504.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          unknown
                                                                          https://easyauth.edgebrowser.microsoft-staging-falcon.io/msedgewebview2.exe, 0000000C.00000002.1250257317.00003F1000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            unknown
                                                                            http://anglebug.com/5881zmsedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              unknown
                                                                              http://df.edge.qhkj.baicana.commsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                unknown
                                                                                https://hao.qq.com/?unc=Af31026&s=o400493_1?msedgewebview2.exe, 0000000C.00000002.1252339897.00003F10005E0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  unknown
                                                                                  https://tp.9377s.commsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    unknown
                                                                                    https://easyauth.edgebrowser.microsoft-testing-falcon.io/msedgewebview2.exe, 0000000C.00000002.1250257317.00003F1000444000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      unknown
                                                                                      http://anglebug.com/4722msedgewebview2.exe, 0000000C.00000002.1255977854.00003F1000B0C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400169000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        unknown
                                                                                        http://r.emsoso.cnmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          unknown
                                                                                          https://www.4399.com/flash/zmhj.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            unknown
                                                                                            https://www.4399.com/flash/69156_1.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              unknown
                                                                                              https://www.4399.com/flash/776_1.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                unknown
                                                                                                http://129fy.ie.chalai.netmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  unknown
                                                                                                  https://www.4399.com/flash/198637_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    unknown
                                                                                                    https://www.4399.com/flash/133630_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      unknown
                                                                                                      http://sgcs.edge.ker58.commsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        unknown
                                                                                                        https://www.4399.com/flash/218717_2.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          unknown
                                                                                                          https://www.4399.com/flash/136516_3.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            unknown
                                                                                                            https://www.4399.com/flash/203215_3.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              unknown
                                                                                                              https://www.4399.com/flash/207195_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                unknown
                                                                                                                http://anglebug.com/3502msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  unknown
                                                                                                                  http://anglebug.com/3623msedgewebview2.exe, 0000000C.00000002.1255813502.00003F1000AEC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1237455648.000047E4000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    unknown
                                                                                                                    https://discovery.lenovo.com.cn/home062291msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      unknown
                                                                                                                      https://www.newduba.cn/?f=msedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        unknown
                                                                                                                        https://hao.360.com/?src=jsqthmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          unknown
                                                                                                                          http://anglebug.com/3625msedgewebview2.exe, 0000000C.00000002.1255813502.00003F1000AEC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1237455648.000047E4000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            unknown
                                                                                                                            http://anglebug.com/3624msedgewebview2.exe, 0000000C.00000002.1255813502.00003F1000AEC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1237455648.000047E4000A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              unknown
                                                                                                                              https://my.4399.com/yxmsdzls/msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                unknown
                                                                                                                                https://xsts.auth.xboxlive.commsedgewebview2.exe, 0000000C.00000002.1240781040.000002199DF02000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000000C.00000002.1241084679.000002199DF2C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  unknown
                                                                                                                                  https://www.4399.com/flash/217855_4.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    unknown
                                                                                                                                    http://anglebug.com/3862msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      unknown
                                                                                                                                      https://yxtg.taojike.com.cn/tg/ttfc.html?sc=msedgewebview2.exe, 0000000C.00000002.1252339897.00003F10005E0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        unknown
                                                                                                                                        http://anglebug.com/4836msedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208751226.000047E400185000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1239015142.000047E40020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208976910.000047E4001A5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236495481.000047E40000C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208645330.000047E400174000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          unknown
                                                                                                                                          https://issuetracker.google.com/issues/166475273msedgewebview2.exe, 0000000C.00000002.1256428373.00003F1000B64000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208549347.000047E400161000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000002.1236741973.000047E400028000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000000E.00000003.1208808921.000047E4001B0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            unknown
                                                                                                                                            https://www.4399.com/flash/21674_3.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              unknown
                                                                                                                                              https://www.4399.com/flash/204650_1.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                unknown
                                                                                                                                                https://localhost.msn.com/msedgewebview2.exe, 0000000C.00000002.1250937829.00003F10004BC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  unknown
                                                                                                                                                  https://anglebug.com/7369wmsedgewebview2.exe, 0000000C.00000002.1256755086.00003F1000B9C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    unknown
                                                                                                                                                    https://www.4399.com/flash/115339_1.htmmsedgewebview2.exe, 0000000C.00000002.1252151364.00003F10005B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      unknown
No contacted IP infos
Joe Sandbox version:41.0.0 Charoite
Analysis ID:1541170
Start date and time:2024-10-24 14:34:47 +02:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 6m 20s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsinteractivecookbook.jbs
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:27
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:1
Technologies:
• HCA enabled
• EGA enabled
• AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Sample name:Archive.zip
Detection:MAL
Classification:mal48.mine.winZIP@17/117@0/0
EGA Information:Failed
HCA Information:
• Successful, ratio: 100%
• Number of executed functions: 0
• Number of non-executed functions: 0
Cookbook Comments:
• Found application associated with file extension: .zip
• Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, consent.exe, SIHClient.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe
• Excluded IPs from analysis (whitelisted): 13.107.42.16
• Excluded domains from analysis (whitelisted): www.bing.com, fs.microsoft.com, ocsp.digicert.com, config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, l-0007.config.skype.com, config-edge-skype.l-0007.l-msedge.net, evoke-windowsservices-tas.msedge.net, ctldl.windowsupdate.com, l-0007.l-msedge.net, config.edge.skype.com, fe3cr.delivery.mp.microsoft.com
• Not all processes where analyzed, report is missing behavior information
• Report size exceeded maximum capacity and may have missing behavior information.
• Report size getting too big, too many NtOpenKeyEx calls found.
• Report size getting too big, too many NtProtectVirtualMemory calls found.
• Report size getting too big, too many NtQueryValueKey calls found.
• VT rate limit hit for: Archive.zip
No simulations
No context
Process:C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Read-Only, ctime=Thu Oct 24 15:33:44 2024, mtime=Thu Oct 24 11:36:06 2024, atime=Thu Oct 24 15:33:44 2024, length=3289752, window=hide
Category:dropped
Size (bytes):1635
Entropy (8bit):4.85026419303491
Encrypted:false
SSDEEP:24:8hH3zhzCR8JgKKEl34b4F4LAM1ujMkWCj6El3/4KwRS2qygm:8531GR83l34q48cujMIJl3/4LSzyg
MD5:49863A21D893225884014C73CC01DF7F
SHA1:ED0848A4E24A1DA74E14F3454BD89910B583E2D3
SHA-256:47D94F0E44A060CD64F26F01B56B2B51482647D88B74AC21EF22DA67D0F14E78
SHA-512:DBFA4508518F6B62A349CCAADF92FF4092F7A4E60E35383EB510EA11C052CB133FBF5580EECC0E5375AD774AD2FF159E2CFE2F15D1E5AF445E7D32DCFBB0EE56
Malicious:false
Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
File Type:JSON data
Category:dropped
Size (bytes):2901
Entropy (8bit):5.2931624827701045
Encrypted:false
SSDEEP:48:YDEFMsFiHGS0af1WevaVYCw3p8QSh/cIgwLURMYXylVotoWm5K1D19HB+oUdrxf5:PNkGS1f1JvaVY558rh/cI9URoDotovwS
MD5:AEDEC78B663A43ED3A3E272B3F2AE5C4
SHA1:AA91D4577AC3B2F7F1D3F08D88E4057FEC57376D
SHA-256:4667DDCB78A9DBE2E62D720E7D1E201F6DE6A9A49453032EE33D42E2CB92A4A4
SHA-512:BDACD29F93EB76C5B5E87279E47D98C289FFAF4EB1C88DF5DDE18A198FD2C9A0BE723B2A019EADA36FE9E8AE0374F6E74972FC75078AD42D272993D8B6A25CD5
Malicious:false
                                                                                                                                                                                                        Preview:{"dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fre":{"oem_bookmarks_set":true},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBqindxK43RoU848x9eeSCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAABHiIJnpapfvtixtlTlv1/FLQirg+GgXCLJFktH6jqtOwAAAAAOgAAAAAIAACAAAAA/UhpoPnSYMBySflstceF2EY4r3EpXOWiFd9NGC8aN5zAAAABHR4fc0GkZg8M621GioW23/+gEnS1Iwcpk5We/0s9qch5cfVtlr6GaWV1l9FaDuNtAAAAAiLD+IePNDJXSxExdwFtSQC5ucvs1X5RET2DERC89YhAVLcjKVydPyl5lo0/mrKejNaJK/OOI8S4tHOLTAw2rFQ=="},"policy":{"last_statistics_update":"13374246969428527"},"profile":{"info_cache":{"Default":{"avatar_icon":"chrome://t
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):3411
                                                                                                                                                                                                        Entropy (8bit):5.256368554463997
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:96:PNkGS3f1JvaVY558rh/cIyURoDotojRBFBOeZ/3TwJX4u:PNBStxkVoDU4FBZjU
                                                                                                                                                                                                        MD5:11CB2774424B4F6778C43468B6EA8E24
                                                                                                                                                                                                        SHA1:6D29B626DE4193B0C877CC76030CDA365203C131
                                                                                                                                                                                                        SHA-256:0A386F1B61056B93A7FF339E4AD99DEA5B8300561FE83795281D8464F6C6079D
                                                                                                                                                                                                        SHA-512:B55D775B4795761FED367B2734B9D1388E287A832C67A203B5A19A87260C90B58A9A311602549687F1F926423520115A230349BB5AF03A03627F879E8A09E49C
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fre":{"oem_bookmarks_set":true},"hardware_acceleration_mode_previous":true,"is_dsp_recommended":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBqindxK43RoU848x9eeSCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAABHiIJnpapfvtixtlTlv1/FLQirg+GgXCLJFktH6jqtOwAAAAAOgAAAAAIAACAAAAA/UhpoPnSYMBySflstceF2EY4r3EpXOWiFd9NGC8aN5zAAAABHR4fc0GkZg8M621GioW23/+gEnS1Iwcpk5We/0s9qch5cfVtlr6GaWV1l9FaDuNtAAAAAiLD+IePNDJXSxExdwFtSQC5ucvs1X5RET2DERC89YhAVLcjKVydPyl5lo0/mrKejNaJK/OOI8S4tHOLTAw2rFQ=="},"policy":{"last_statistics_update":"13374246969428527"},"profile":{"info_cache":{"Default":
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):951
                                                                                                                                                                                                        Entropy (8bit):5.699106445215073
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:YKWJu5rrtXWRns9pnaVYCOHBkaeCqWOxLbvX8QQRCYfYg:Yqf1WevaVYC6BkZzx3vxB0
                                                                                                                                                                                                        MD5:7FD81900C3375139217F0713C6B4C875
                                                                                                                                                                                                        SHA1:4D2CE79A23EC3E85326039613AEFD31C08431B6F
                                                                                                                                                                                                        SHA-256:E6ECF22F6C6C356920FA4A17858A94793ED346E7A7D36B1A790DD2356DA2D08A
                                                                                                                                                                                                        SHA-512:8F8EE7CA1EA21B6506C1D17C634E0E04AE79E79C34E28405EA939C16B1C5F575072322F50F39ADB0077F4312F361DE4286A7AE07A3665AC931B75C1EDF9ECFEE
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBqindxK43RoU848x9eeSCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAABHiIJnpapfvtixtlTlv1/FLQirg+GgXCLJFktH6jqtOwAAAAAOgAAAAAIAACAAAAA/UhpoPnSYMBySflstceF2EY4r3EpXOWiFd9NGC8aN5zAAAABHR4fc0GkZg8M621GioW23/+gEnS1Iwcpk5We/0s9qch5cfVtlr6GaWV1l9FaDuNtAAAAAiLD+IePNDJXSxExdwFtSQC5ucvs1X5RET2DERC89YhAVLcjKVydPyl5lo0/mrKejNaJK/OOI8S4tHOLTAw2rFQ=="},"uninstall_metrics":{"installation_date2":"1729773369"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":7111,"pseudo_low_entropy_source":6346,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13374246969267669","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):2054
                                                                                                                                                                                                        Entropy (8bit):5.458549424049033
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:48:YDEFMsFiHC0af1WevaVYCwM5n1KHB+oUdrxfBkZzJfR3TxBG/d2a:PNkC1f1JvaVY5aGB2ReZ9Z3TxI4a
                                                                                                                                                                                                        MD5:832C84EF50D14C5D6A2BE6F35D576F14
                                                                                                                                                                                                        SHA1:2E8824C9E378064D9EC4BB4E4B65B60C2F5989D7
                                                                                                                                                                                                        SHA-256:F984B478C16753324A0C8DF71024A9A6C3F1D0EE81582720A137251DECA00B56
                                                                                                                                                                                                        SHA-512:4ED97FD9F5235FAF5EF2DE08DF471DD2D04A8B758F9214849EAF117C1FA5AA3FF897F0F54415203327C0CC55CF1FFE991AFEE7EB489FC946DE3E19CC39E74AEE
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBqindxK43RoU848x9eeSCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAABHiIJnpapfvtixtlTlv1/FLQirg+GgXCLJFktH6jqtOwAAAAAOgAAAAAIAACAAAAA/UhpoPnSYMBySflstceF2EY4r3EpXOWiFd9NGC8aN5zAAAABHR4fc0GkZg8M621GioW23/+gEnS1Iwcpk5We/0s9qch5cfVtlr6GaWV1l9FaDuNtAAAAAiLD+IePNDJXSxExdwFtSQC5ucvs1X5RET2DERC89YhAVLcjKVydPyl5lo0/mrKejNaJK/OOI8S4tHOLTAw2rFQ=="},"policy":{"last_statistics_update":"13374246969428527"},"profile":{"info_cache":{},"profile_counts_reported":"13374246969452813","profiles_order":[]},
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):1310720
                                                                                                                                                                                                        Entropy (8bit):0.34271542453705417
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:768:CYpMKabbJh4A2tuK56Tb53QwenwIq32hagosT4BvRGO:CflbbJh4AtK4Tb53wq32hagoO41RG
                                                                                                                                                                                                        MD5:BBD245087FD9AAEA5DA1562F8D79C5B8
                                                                                                                                                                                                        SHA1:88C2A570767F2C7CDCFEAE15E167861313E293AB
                                                                                                                                                                                                        SHA-256:DB02BB8C38853B5D68B5E44A77C67C489CC777FBBD323CD5C1EDED38B9E1546B
                                                                                                                                                                                                        SHA-512:7FC4DE9012F39C10A7D4659DD3D868DEB28318DB50E5A92DAF09CB1EAE96BF9BCBB620A2C3C4E8726D0C7C0103CA07486461C887545A08A05DD0D75CCEBFB584
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):280
                                                                                                                                                                                                        Entropy (8bit):1.891841114052025
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:FiWWltln/clNEjYb1gmlx/ll:o1ifCmlZl
                                                                                                                                                                                                        MD5:CEC3C199AA02C4C08E4C07EA491476A7
                                                                                                                                                                                                        SHA1:15517922F8757D62069FF9D1112E4DA055783D5F
                                                                                                                                                                                                        SHA-256:C8DA316619F213BEABEE8911697D75057538A5BDC2F29D8FE17F27ACE13FFBE6
                                                                                                                                                                                                        SHA-512:A16DBB48D3B65556567B9C773C47FE95738A2DED0A1185A0A267B67DA6392399915777B75947D173508F34DC0A39CEF3D6FC2CE2A86667099F6E09BA09C9CDE1
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):20
                                                                                                                                                                                                        Entropy (8bit):3.6219280948873624
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:8g6Vvn:8g6Vv
                                                                                                                                                                                                        MD5:9E4E94633B73F4A7680240A0FFD6CD2C
                                                                                                                                                                                                        SHA1:E68E02453CE22736169A56FDB59043D33668368F
                                                                                                                                                                                                        SHA-256:41C91A9C93D76295746A149DCE7EBB3B9EE2CB551D84365FFF108E59A61CC304
                                                                                                                                                                                                        SHA-512:193011A756B2368956C71A9A3AE8BC9537D99F52218F124B2E64545EEB5227861D372639052B74D0DD956CB33CA72A9107E069F1EF332B9645044849D14AF337
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:level=none expiry=0.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):6780
                                                                                                                                                                                                        Entropy (8bit):5.580521325752955
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:96:vGiSPlf/ROoBpkF5d10iV7VaTEv9V5h5pg5vezodIU8KoSpsA5IOrMn3YPo0MG6s:r+rYD9l5TSpFIOAn3go0iugs
                                                                                                                                                                                                        MD5:5864333F6A1D1E3635FF7F08C3CB5B9A
                                                                                                                                                                                                        SHA1:9194A4443D00F8CCDFF20278D7F2447715CDF3A4
                                                                                                                                                                                                        SHA-256:32341B8EE1A79214CD58C2AC40235D577134FF4E912656CC99CFE7BA81D3EC95
                                                                                                                                                                                                        SHA-512:26828E71983825E31B81F71A807E28EFD5B90BB1E24648125D8B34A3701719D8C39A2BA4A8A126FA9D286F70CB94C00B43A93EB30B4B7A3BE03E78F94A9D56F9
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"extensions":{"settings":{"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374246969610158","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374246969610158","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.officeapps.live.com.mcas.ms/*","https://*onenote.officeapps.live.com.mcas.ms/*","https://*word-edit.officeapps.live.com.mcas.ms/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):5604
                                                                                                                                                                                                        Entropy (8bit):4.758172030381299
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:96:stI/v6Rs13ZCa8zJdY5eh6Cb7/x+6MhmuecmAedPIMR7K:stsvosXCakzY8bV+FiA0dhK
                                                                                                                                                                                                        MD5:0CFBDC0461097690F427FD161FD8D181
                                                                                                                                                                                                        SHA1:483CE90D11145144DDE52CF78927E14B6095D2E8
                                                                                                                                                                                                        SHA-256:BDB9C7D25E1CE45757226C1C9D2875A688386BAA1E535C110EF4B4121026CE3F
                                                                                                                                                                                                        SHA-512:E1FB62328A819C340F6257035E1A86CFE9201198AD8C9D52279B0E70CE5F477F0FF7A444CD8059A86389B3A66AF06E18B8D83639C5D664938570B6641AA697B6
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374246969743500","alternate_error_pages":{"backup":true,"enabled":false},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":984,"browser_content_container_width":1066,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13374246970039053","domain_diversity":{"last_reporting_timestamp":"13374246969759476"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sit
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):12288
                                                                                                                                                                                                        Entropy (8bit):0.3202460253800455
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:6:l9bNFlEuWk8TRH9MRumWEyE4gLueXdNOmWxFxCxmWxYgCxmW5y/mWz4ynLAtD/W4:TLiuWkMORuHEyESeXdwDQ3SOAtD/ie
                                                                                                                                                                                                        MD5:40B18EC43DB334E7B3F6295C7626F28D
                                                                                                                                                                                                        SHA1:0E46584B0E0A9703C6B2EC1D246F41E63AF2296F
                                                                                                                                                                                                        SHA-256:85E961767239E90A361FB6AA0A3FD9DAA57CAAF9E30599BB70124F1954B751C8
                                                                                                                                                                                                        SHA-512:8BDACDC4A9559E4273AD01407D5D411035EECD927385A51172F401558444AD29B5AD2DC5562D1101244665EBE86BBDDE072E75ECA050B051482005EB6A52CDBD
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):24
                                                                                                                                                                                                        Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:m+l:m
                                                                                                                                                                                                        MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                        SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                        SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                        SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:0\r..m..................
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):48
                                                                                                                                                                                                        Entropy (8bit):2.9972243200613975
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:fZuKcFjE4vbn:IKib
                                                                                                                                                                                                        MD5:5C1AA3AE1903E46200A1151810538559
                                                                                                                                                                                                        SHA1:27B41F61C78D26E274CB8BC4AA43EB12B3B89289
                                                                                                                                                                                                        SHA-256:52B7B75D696A866074386F8BFEADE1160BA9866832B438D7C340A47C998BADE8
                                                                                                                                                                                                        SHA-512:F07E95480D9CF0AB2459FACBE62B117A35B711982A78F7E3BD996E07C78D71E435C9DC597A169948374B9157C0912C102F5E196AD3C6D377C84E041205E93FFA
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:(....v..oy retne........................$J../.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):48
                                                                                                                                                                                                        Entropy (8bit):2.9972243200613975
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:fZuKcFjE4vbn:IKib
                                                                                                                                                                                                        MD5:5C1AA3AE1903E46200A1151810538559
                                                                                                                                                                                                        SHA1:27B41F61C78D26E274CB8BC4AA43EB12B3B89289
                                                                                                                                                                                                        SHA-256:52B7B75D696A866074386F8BFEADE1160BA9866832B438D7C340A47C998BADE8
                                                                                                                                                                                                        SHA-512:F07E95480D9CF0AB2459FACBE62B117A35B711982A78F7E3BD996E07C78D71E435C9DC597A169948374B9157C0912C102F5E196AD3C6D377C84E041205E93FFA
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:(....v..oy retne........................$J../.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):24
                                                                                                                                                                                                        Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:m+l:m
                                                                                                                                                                                                        MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                        SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                        SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                        SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:0\r..m..................
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):48
                                                                                                                                                                                                        Entropy (8bit):2.9972243200613975
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:wq9ENYH:w7Na
                                                                                                                                                                                                        MD5:24AB377DAF1AE64D57D5EA54C44D60FE
                                                                                                                                                                                                        SHA1:C312663559430F20A4A8F16FDDD7907010992F1C
                                                                                                                                                                                                        SHA-256:9870B695E05C30281BE51D4BA8C28BFE9A1936DDDFB5EB2417C057E246F375AC
                                                                                                                                                                                                        SHA-512:23BB4D1007D49C1CCD8E7298E2223633C2F45082512EE6FD3864D39BE79E622054B716F93A248C59733F28A905E8CE199F505F5EF6489926F344EB94730CF27B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:(...."..oy retne.........................#../.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):48
                                                                                                                                                                                                        Entropy (8bit):2.9972243200613975
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:wq9ENYH:w7Na
                                                                                                                                                                                                        MD5:24AB377DAF1AE64D57D5EA54C44D60FE
                                                                                                                                                                                                        SHA1:C312663559430F20A4A8F16FDDD7907010992F1C
                                                                                                                                                                                                        SHA-256:9870B695E05C30281BE51D4BA8C28BFE9A1936DDDFB5EB2417C057E246F375AC
                                                                                                                                                                                                        SHA-512:23BB4D1007D49C1CCD8E7298E2223633C2F45082512EE6FD3864D39BE79E622054B716F93A248C59733F28A905E8CE199F505F5EF6489926F344EB94730CF27B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:(...."..oy retne.........................#../.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):28672
                                                                                                                                                                                                        Entropy (8bit):0.4351464020915919
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwjfBI:TouQq3qh7z3bY2LNW9WMcU4B
                                                                                                                                                                                                        MD5:7DB15A0E3CFE9C43522CF49ECE450F2E
                                                                                                                                                                                                        SHA1:A195D4F4A064FD651AED3BB2027A157C0C413059
                                                                                                                                                                                                        SHA-256:D0CAEB5CBE48AC7F3C7965CA578C6ED9AC827558FCB3B91409B767C23E2DED57
                                                                                                                                                                                                        SHA-512:E062BB6D297DEEBD6C4D8D2839922C4EA0209D1DD8E933DEC4A9E4D14A326AF33B2E0C5833D47188EA02976A9C23D9B7849F8D05077E63D52AB385E015011731
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsFl:/F
                                                                                                                                                                                                        MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                        SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                        SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                        SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):270336
                                                                                                                                                                                                        Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                        MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                        SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                        SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                        SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                        MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                        SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                        SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                        SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                        MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                        SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                        SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                        SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):262512
                                                                                                                                                                                                        Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:LsNlWpIf:Ls3Wqf
                                                                                                                                                                                                        MD5:9AF410A07888C27C9F9370246523D712
                                                                                                                                                                                                        SHA1:2E6F71E44E95B2521BAC712FC9324F7BDA21691C
                                                                                                                                                                                                        SHA-256:936F2B9397167C574F5FBACAEABEB6097159509F0C84374FC2DD5D05F2B7F57B
                                                                                                                                                                                                        SHA-512:B6708713DE38C4D8D878F1308F3E52E99A626D4E30611A3C363372FB8B27595089BA16363664D0D9C6306141D48342D6EFCBA8E6060FCFAE5BA3E5F91DB0D412
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):38
                                                                                                                                                                                                        Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:FQxlXNQxlX:qTCT
                                                                                                                                                                                                        MD5:51A2CBB807F5085530DEC18E45CB8569
                                                                                                                                                                                                        SHA1:7AD88CD3DE5844C7FC269C4500228A630016AB5B
                                                                                                                                                                                                        SHA-256:1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
                                                                                                                                                                                                        SHA-512:B643A8FA75EDA90C89AB98F79D4D022BB81F1F62F50ED4E5440F487F22D1163671EC3AE73C4742C11830214173FF2935C785018318F4A4CAD413AE4EEEF985DF
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.f.5................f.5...............
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):303
                                                                                                                                                                                                        Entropy (8bit):5.254571637872097
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:6:+oUZcGh1sHO23fcV5paVdg2KLlooUZcEVq2PsHO23fcV5paPrqIFUv:logHVEV5HL9+VvkHVEV5o3FUv
                                                                                                                                                                                                        MD5:51302359A8064635DAEA315CCC2C6485
                                                                                                                                                                                                        SHA1:D44CB4554A80F93F21A993C172BDC7E820CCE3EF
                                                                                                                                                                                                        SHA-256:0CBF0E0A4A5AEC7D047328D377CCDADEF4597B8C93E481E1C3879A0DE2885E8D
                                                                                                                                                                                                        SHA-512:44F3FEC8C3356F3EB5CC37516A04E43F2CAC54F821C86FEF699D678BF18A5CEBC7A6709F34C32657A9826B4A7FE6034B765E0436C753A7D27410A3FA9B26140B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:09.660 1680 Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Extension Rules since it was missing..2024/10/24-08:36:09.760 1680 Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Extension Rules/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):38
                                                                                                                                                                                                        Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.f.5................f.5...............
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):307
                                                                                                                                                                                                        Entropy (8bit):5.249798287403003
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:09.804 1680 Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Extension Scripts since it was missing..2024/10/24-08:36:09.822 1680 Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Extension Scripts/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):114
                                                                                                                                                                                                        Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.f.5................f.5................f.5................f.5................f.5................f.5...............
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):303
                                                                                                                                                                                                        Entropy (8bit):5.2614069774803935
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:09.843 1680 Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Extension State since it was missing..2024/10/24-08:36:09.856 1680 Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Extension State/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):4096
                                                                                                                                                                                                        Entropy (8bit):0.3169096321222068
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:lSWbNFl/sl+ltl4ltllOl83/XWEEabIDWzdWuAzTgdWj3FtFIU:l9bNFlEs1ok8fDEPDadUTgd81Z
                                                                                                                                                                                                        MD5:2554AD7847B0D04963FDAE908DB81074
                                                                                                                                                                                                        SHA1:F84ABD8D05D7B0DFB693485614ECF5204989B74A
                                                                                                                                                                                                        SHA-256:F6EF01E679B9096A7D8A0BD8151422543B51E65142119A9F3271F25F966E6C42
                                                                                                                                                                                                        SHA-512:13009172518387D77A67BBF86719527077BE9534D90CB06E7F34E1CCE7C40B49A185D892EE859A8BAFB69D5EBB6D667831A0FAFBA28AC1F44570C8B68F8C90A4
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                        Entropy (8bit):0.40981274649195937
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:TL1WK3iOvwxwwweePKmJIOAdQBVA/kjo/TJZwJ9OV3WOT/5eQQ:Tmm+/9ZW943WOT/
                                                                                                                                                                                                        MD5:1A7F642FD4F71A656BE75B26B2D9ED79
                                                                                                                                                                                                        SHA1:51BBF587FB0CCC2D726DDB95C96757CC2854CFAD
                                                                                                                                                                                                        SHA-256:B96B6DDC10C29496069E16089DB0AB6911D7C13B82791868D583897C6D317977
                                                                                                                                                                                                        SHA-512:FD14EADCF5F7AB271BE6D8EF682977D1A0B5199A142E4AB353614F2F96AE9B49A6F35A19CC237489F297141994A4A16B580F88FAC44486FCB22C05B2F1C3F7D1
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j............M.....8...b..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie 0x8, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):20480
                                                                                                                                                                                                        Entropy (8bit):0.6975083372685086
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:LLiZxh0GY/l1rWR1PmCx9fZjsBX+T6UwcE85fBmI:EBmw6fU1zBmI
                                                                                                                                                                                                        MD5:F5BBD8449A9C3AB28AC2DE45E9059B01
                                                                                                                                                                                                        SHA1:C569D730853C33234AF2402E69C19E0C057EC165
                                                                                                                                                                                                        SHA-256:825FF36C4431084C76F3D22CE0C75FA321EA680D1F8548706B43E60FCF5B566E
                                                                                                                                                                                                        SHA-512:96ACDED5A51236630A64FAE91B8FA9FAB43E22E0C1BCB80C2DD8D4829E03FBFA75AA6438053599A42EC4BBCF805BF0B1E6DFF9069B2BA182AD0BB30F2542FD3F
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsFl:/F
                                                                                                                                                                                                        MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                        SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                        SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                        SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):270336
                                                                                                                                                                                                        Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                        MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                        SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                        SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                        SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                        MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                        SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                        SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                        SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                        MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                        SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                        SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                        SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):262512
                                                                                                                                                                                                        Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:LsNlvFl:Ls3H
                                                                                                                                                                                                        MD5:D2CC322EB8ACD313E0E28703C3674E2D
                                                                                                                                                                                                        SHA1:6BA7184DF3D46E9E28B91CD15A441655901BF11F
                                                                                                                                                                                                        SHA-256:CF26E39E26C29359C24046920120139BF1C2CD95A15699C3CD56E5120ACB3E07
                                                                                                                                                                                                        SHA-512:39B2A0188E71E4A9CC228D229C21CE3E0600CD7FDE4BF3F07828436FE6B5D07AFE9E3537A62708F4FCC345C36FF0D9B342E015373A04164239FFA7AAA5E51113
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):155648
                                                                                                                                                                                                        Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                        MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                        SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                        SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                        SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):313
                                                                                                                                                                                                        Entropy (8bit):5.284463771471452
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:6:+oUXos1sHO23fcV51a2jM8B2KLlooUTd3+q2PsHO23fcV51a2jMGIFUv:lyCHVEV51jFL92ovkHVEV51EFUv
                                                                                                                                                                                                        MD5:942AF5BF0FE23B008D814CBBA23888DD
                                                                                                                                                                                                        SHA1:D521ED78FF87604D5A62DFFACEC7B4B44550FAA7
                                                                                                                                                                                                        SHA-256:4AB3BFB5EEFDFB9CF540E18197B0C438B0DC2EAB699B27D959D4B018C6590FEC
                                                                                                                                                                                                        SHA-512:8668EC467457515CBC7341A68B18DB033E8912E8E5BCB6EE50BE9F97FAA5054ACB20746FEB47444B593052B07062F19BFA4788FADEC49CD96403E954AE151552
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:10.018 668 Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Local Storage\leveldb since it was missing..2024/10/24-08:36:10.050 668 Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Local Storage\leveldb/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 21, cookie 0xc, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):43008
                                                                                                                                                                                                        Entropy (8bit):0.9009435143901008
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:96:C2BeymwLCn8MouB6wzFlXqiEqUvJKLuyn:C2TLG7IwRFqidn
                                                                                                                                                                                                        MD5:FB3D677576C25FF04A308A1F627410B7
                                                                                                                                                                                                        SHA1:97D530911F9CB0C37717ABB145D748982ADA0440
                                                                                                                                                                                                        SHA-256:A79300470D18AF26E3C5B4F23F81915B92D490105CE84A8122BF8100EC0C7517
                                                                                                                                                                                                        SHA-512:ED6666B064958B107E55BD76E52D2E5BF7A4791379902D208EF909A6B68803240D372CE03641249EB917C241B36A5684656A48D099A8A084AD34BA009857B098
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):45056
                                                                                                                                                                                                        Entropy (8bit):0.40293591932113104
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:TLVgTjDk5Yk8k+/kCkzD3zzbLGfIzLihje90xq/WMFFfeFzfXVVlYWOT/CUFSe:Tmo9n+8dv/qALihje9kqL42WOT/9F
                                                                                                                                                                                                        MD5:ADC0CFB8A1A20DE2C4AB738B413CBEA4
                                                                                                                                                                                                        SHA1:238EF489E5FDC6EBB36F09D415FB353350E7097B
                                                                                                                                                                                                        SHA-256:7C071E36A64FB1881258712C9880F155D9CBAC693BADCC391A1CB110C257CC37
                                                                                                                                                                                                        SHA-512:38C8B7293B8F7BEF03299BAFB981EEEE309945B1BDE26ACDAD6FDD63247C21CA04D493A1DDAFC3B9A1904EFED998E9C7C0C8E98506FD4AC0AB252DFF34566B66
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):111
                                                                                                                                                                                                        Entropy (8bit):4.718418993774295
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY
                                                                                                                                                                                                        MD5:285252A2F6327D41EAB203DC2F402C67
                                                                                                                                                                                                        SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                                                                                                                                                                                        SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                                                                                                                                                                                        SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                        Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                        MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                        SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                        SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                        SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"SDCH":{"dictionaries":{},"version":2}}
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:[]
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):20480
                                                                                                                                                                                                        Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                        MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                        SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                        SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                        SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:SQLite format 3
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):111
                                                                                                                                                                                                        Entropy (8bit):4.718418993774295
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY
                                                                                                                                                                                                        MD5:285252A2F6327D41EAB203DC2F402C67
                                                                                                                                                                                                        SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                                                                                                                                                                                        SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                                                                                                                                                                                        SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:[]
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:[]
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                        Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                        MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                        SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                        SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                        SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"SDCH":{"dictionaries":{},"version":2}}
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):36864
                                                                                                                                                                                                        Entropy (8bit):0.36515621748816035
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:TLH3lIIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:Tb31DtX5nDOvyKDhU1cSB
                                                                                                                                                                                                        MD5:25363ADC3C9D98BAD1A33D0792405CBF
                                                                                                                                                                                                        SHA1:D06E343087D86EF1A06F7479D81B26C90A60B5C3
                                                                                                                                                                                                        SHA-256:6E019B8B9E389216D5BDF1F2FE63F41EF98E71DA101F2A6BE04F41CC5954532D
                                                                                                                                                                                                        SHA-512:CF7EEE35D0E00945AF221BEC531E8BF06C08880DA00BD103FA561BC069D7C6F955CBA3C1C152A4884601E5A670B7487D39B4AE9A4D554ED8C14F129A74E555F7
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:SQLite format 3
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:[]
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):5604
                                                                                                                                                                                                        Entropy (8bit):4.758172030381299
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:96:stI/v6Rs13ZCa8zJdY5eh6Cb7/x+6MhmuecmAedPIMR7K:stsvosXCakzY8bV+FiA0dhK
                                                                                                                                                                                                        MD5:0CFBDC0461097690F427FD161FD8D181
                                                                                                                                                                                                        SHA1:483CE90D11145144DDE52CF78927E14B6095D2E8
                                                                                                                                                                                                        SHA-256:BDB9C7D25E1CE45757226C1C9D2875A688386BAA1E535C110EF4B4121026CE3F
                                                                                                                                                                                                        SHA-512:E1FB62328A819C340F6257035E1A86CFE9201198AD8C9D52279B0E70CE5F477F0FF7A444CD8059A86389B3A66AF06E18B8D83639C5D664938570B6641AA697B6
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13374246969743500","alternate_error_pages":{"backup":true,"enabled":false},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":984,"browser_content_container_width":1066,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13374246970039053","domain_diversity":{"last_reporting_timestamp":"13374246969759476"},"dual_engine":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":{},"shared_cookie_data":{},"sitelist_data_2":{},"sit
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):33
                                                                                                                                                                                                        Entropy (8bit):4.051821770808046
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:YVXADAEvTLSJ:Y9AcEvHSJ
                                                                                                                                                                                                        MD5:2B432FEF211C69C745ACA86DE4F8E4AB
                                                                                                                                                                                                        SHA1:4B92DA8D4C0188CF2409500ADCD2200444A82FCC
                                                                                                                                                                                                        SHA-256:42B55D126D1E640B1ED7A6BDCB9A46C81DF461FA7E131F4F8C7108C2C61C14DE
                                                                                                                                                                                                        SHA-512:948502DE4DC89A7E9D2E1660451FCD0F44FD3816072924A44F145D821D0363233CC92A377DBA3A0A9F849E3C17B1893070025C369C8120083A622D025FE1EACF
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"preferred_apps":[],"version":1}
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):182
                                                                                                                                                                                                        Entropy (8bit):4.2629097520179995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:RGXKRjg0QwVIWRKXECSAV6jDyhjgHGAW+LB2Z4MKLFE1SwhiFAfXQmWyKBPMwRgK:z3frsUpAQQgHGwB26MK8Sw06fXQmWtRT
                                                                                                                                                                                                        MD5:643E00B0186AA80523F8A6BED550A925
                                                                                                                                                                                                        SHA1:EC4056125D6F1A8890FFE01BFFC973C2F6ABD115
                                                                                                                                                                                                        SHA-256:A0C9ABAE18599F0A65FC654AD36251F6330794BEA66B718A09D8B297F3E38E87
                                                                                                                                                                                                        SHA-512:D91A934EAF7D9D669B8AD4452234DE6B23D15237CB4D251F2C78C8339CEE7B4F9BA6B8597E35FE8C81B3D6F64AE707C68FF492903C0EDC3E4BAF2C6B747E247D
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:Microsoft Edge settings and storage represent user-selected preferences and information and MUST not be extracted, overwritten or modified except through Microsoft Edge defined APIs.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):6780
                                                                                                                                                                                                        Entropy (8bit):5.580521325752955
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:96:vGiSPlf/ROoBpkF5d10iV7VaTEv9V5h5pg5vezodIU8KoSpsA5IOrMn3YPo0MG6s:r+rYD9l5TSpFIOAn3go0iugs
                                                                                                                                                                                                        MD5:5864333F6A1D1E3635FF7F08C3CB5B9A
                                                                                                                                                                                                        SHA1:9194A4443D00F8CCDFF20278D7F2447715CDF3A4
                                                                                                                                                                                                        SHA-256:32341B8EE1A79214CD58C2AC40235D577134FF4E912656CC99CFE7BA81D3EC95
                                                                                                                                                                                                        SHA-512:26828E71983825E31B81F71A807E28EFD5B90BB1E24648125D8B34A3701719D8C39A2BA4A8A126FA9D286F70CB94C00B43A93EB30B4B7A3BE03E78F94A9D56F9
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"extensions":{"settings":{"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13374246969610158","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13374246969610158","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.officeapps.live.com.mcas.ms/*","https://*onenote.officeapps.live.com.mcas.ms/*","https://*word-edit.officeapps.live.com.mcas.ms/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                        Size (bytes):61
                                                                                                                                                                                                        Entropy (8bit):3.7273991737283296
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:S8ltHlS+QUl1ASEGhTFl:S85aEFl
                                                                                                                                                                                                        MD5:9F7EADC15E13D0608B4E4D590499AE2E
                                                                                                                                                                                                        SHA1:AFB27F5C20B117031328E12DD3111A7681FF8DB5
                                                                                                                                                                                                        SHA-256:5C3A5B578AB9FE853EAD7040BC161929EA4F6902073BA2B8BB84487622B98923
                                                                                                                                                                                                        SHA-512:88455784C705F565C70FA0A549C54E2492976E14643E9DD0A8E58C560D003914313DF483F096BD33EC718AEEC7667B8DE063A73627AA3436BA6E7E562E565B3F
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:*...#................version.1..namespace-..&f...............
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):301
                                                                                                                                                                                                        Entropy (8bit):5.231718617323498
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:6:+oUjs1sHO23fcV5WQM72KLlooUEf+q2PsHO23fcV5WQMxIFUv:lgHVEV5IL9CvkHVEV5HFUv
                                                                                                                                                                                                        MD5:085ED998D00AEFB2054B4444A2DE4161
                                                                                                                                                                                                        SHA1:C5506B39F9A9D61B25A4EF9B2FF830FBD892EBBD
                                                                                                                                                                                                        SHA-256:59D86A327FA3236C09DB60043ACF55F39CA740761C57E4873FFFA621977CE045
                                                                                                                                                                                                        SHA-512:1929DE373C061EF782D3DA4147AA5BEEEA63FD5B5EED4D9EECAB36E8D0D5795DAEF53F84665DD73715DE950529DDE4B894FDE54175FB57AB645127B37A175611
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:10.150 668 Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Session Storage since it was missing..2024/10/24-08:36:10.222 668 Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Session Storage/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                        Entropy (8bit):3.473726825238924
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:41tt0diERGn:et084G
                                                                                                                                                                                                        MD5:148079685E25097536785F4536AF014B
                                                                                                                                                                                                        SHA1:C5FF5B1B69487A9DD4D244D11BBAFA91708C1A41
                                                                                                                                                                                                        SHA-256:F096BC366A931FBA656BDCD77B24AF15A5F29FC53281A727C79F82C608ECFAB8
                                                                                                                                                                                                        SHA-512:C2556034EA51ABFBC172EB62FF11F5AC45C317F84F39D4B9E3DDBD0190DA6EF7FA03FE63631B97AB806430442974A07F8E81B5F7DC52D9F2FCDC669ADCA8D91F
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.On.!................database_metadata.1
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):331
                                                                                                                                                                                                        Entropy (8bit):5.229585354801988
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:6:+oUZcUEB1sHO23fcV5UUh2gr52KLlooUZcKQ3+q2PsHO23fcV5UUh2ghZIFUv:lOEAHVEV5rhHJL9P+vkHVEV5rhHh2FUv
                                                                                                                                                                                                        MD5:70D971D45FEE3D746068C99B50CAD429
                                                                                                                                                                                                        SHA1:27B0DB16E5FB7AA3EEA04027E471DD72B1E7DAEC
                                                                                                                                                                                                        SHA-256:FDD4E9645E6DF1A5C8222F49793B97348A181079A773D63FD55BA5721A04649C
                                                                                                                                                                                                        SHA-512:90CFA7F5DD9D1777C139B795B9383FCD1DE6A9086E0A41C39C5E82E492E3BF237A1CA8D82FFDE2D7ABBC6720A5E7A446F63C24D756466E2DF1BCEBF1EB9CFB9C
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:09.593 170c Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Site Characteristics Database since it was missing..2024/10/24-08:36:09.717 170c Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Site Characteristics Database/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):46
                                                                                                                                                                                                        Entropy (8bit):4.019797536844534
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:sLollttz6sjlGXU2tkn:qolXtWswXU2tkn
                                                                                                                                                                                                        MD5:90881C9C26F29FCA29815A08BA858544
                                                                                                                                                                                                        SHA1:06FEE974987B91D82C2839A4BB12991FA99E1BDD
                                                                                                                                                                                                        SHA-256:A2CA52E34B6138624AC2DD20349CDE28482143B837DB40A7F0FBDA023077C26A
                                                                                                                                                                                                        SHA-512:15F7F8197B4FC46C4C5C2570FB1F6DD73CB125F9EE53DFA67F5A0D944543C5347BDAB5CCE95E91DD6C948C9023E23C7F9D76CFF990E623178C92F8D49150A625
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:...n'................_mts_schema_descriptor...
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):305
                                                                                                                                                                                                        Entropy (8bit):5.286538508312772
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:6:+oUTnEq1sHO23fcV5gx2KLlooUR71WM+q2PsHO23fcV5WIFUv:l2ERHVEV5gVL94L+vkHVEV5PFUv
                                                                                                                                                                                                        MD5:85EE1C8B5EC605DFEE0AA1CAB193A277
                                                                                                                                                                                                        SHA1:1C9FC7DB1AA9271873B64123B7B13A12193E4FCE
                                                                                                                                                                                                        SHA-256:B1E7021D835A387ABAC4296CC6914872B90376D13186A59A55D9F78417DC0FFF
                                                                                                                                                                                                        SHA-512:E743A6250B30D98B7880979528F4E0B4EF1F8CD8A6C34F857017F140CCE498C0DDAB30A0B27BC20A5B77D5B6CF1F83C43411B8A01BFEFB82CD393F80169AE06E
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:10.058 bac Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Sync Data\LevelDB since it was missing..2024/10/24-08:36:10.072 bac Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\Sync Data\LevelDB/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):131072
                                                                                                                                                                                                        Entropy (8bit):0.002110589502647469
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:ImtVT72le:IiV3We
                                                                                                                                                                                                        MD5:362AF8F64392414C34E3E6A5407BEFCD
                                                                                                                                                                                                        SHA1:F89863676392C462D3972378166EBB498D7367A2
                                                                                                                                                                                                        SHA-256:DA808B0F39FB0F8E75B228091B812D5B284EE04A6D7B44DD67E88E07D23FCBC4
                                                                                                                                                                                                        SHA-512:900EDF61C51146AC2AF90F98D1D615F77DDB522E23EAD22605C9881D5E3C87898F2B40A71E8500ADBBAB804667043AB27318786E07D149E550ABB8FFAEE5A7EE
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 87, cookie 0x36, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):178176
                                                                                                                                                                                                        Entropy (8bit):0.9328712687751187
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:192:R2qAdB9TbTbuDDsnxCkvSAE+WslKOMq+c:R2qOB1nxCkvSAELyKOMq+c
                                                                                                                                                                                                        MD5:6B2D5ED0A90C99FD05D58FE8E924C886
                                                                                                                                                                                                        SHA1:34E1103E18E57E9D1769C89DFB2DAD84BFDD54B5
                                                                                                                                                                                                        SHA-256:2873E973AB5B91CD07405FD5D35E2A843A408AD53696372BEC794F4582368E49
                                                                                                                                                                                                        SHA-512:08373748A19C0381866090CB60929A4642BB624AF777240CB63B918180CEEE0C80DFAD852830FC6821AD6266DF1A865940A90D2089621F612617C5E92A4B29B2
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16384
                                                                                                                                                                                                        Entropy (8bit):0.35226517389931394
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:12:TLC+waBg9LBgVDBgQjiZBgKuFtuQkMbmgcVAzO5kMCgGUg5OR:TLPdBgtBgJBgQjiZS53uQFE27MCgGZsR
                                                                                                                                                                                                        MD5:D2CCDC36225684AAE8FA563AFEDB14E7
                                                                                                                                                                                                        SHA1:3759649035F23004A4C30A14C5F0B54191BEBF80
                                                                                                                                                                                                        SHA-256:080AEE864047C67CB1586A5BA5EDA007AFD18ECC2B702638287E386F159D7AEE
                                                                                                                                                                                                        SHA-512:1A915AF643D688CA68AEDC1FF26C407D960D18DFDE838B417C437D7ADAC7B91C906E782DCC414784E64287915BD1DE5BB6A282E59AA9FEB8C384B4D4BC5F70EC
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):303
                                                                                                                                                                                                        Entropy (8bit):5.328313816248529
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:6:+oUZc+SRM1sHO23fcV54rl2KLlooUZcLdq2PsHO23fcV54rK+IFUv:lJRrHVEV5qL9zvkHVEV553FUv
                                                                                                                                                                                                        MD5:0A324D7E02E4D605012EDE0319DAD55A
                                                                                                                                                                                                        SHA1:1D9567968EE1247F9281014BD1537014B0A5FFAB
                                                                                                                                                                                                        SHA-256:44C9D613B1B7619AA882A46DC5E9BB1A4D4CFC2119F89174DDF1AFA34272A59B
                                                                                                                                                                                                        SHA-512:F22B310D1C9F63CE2FDDA56352732208D94BD9EED4A2E926DF67B0CF573833235987DE701EB3521A8F52E7D6492C3C2A64CA187971A780AAF4242FFA9BBAB894
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:09.806 1b24 Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\shared_proto_db since it was missing..2024/10/24-08:36:09.822 1b24 Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\shared_proto_db/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):184
                                                                                                                                                                                                        Entropy (8bit):3.71325125317076
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:G0XttkJcsRwI9tkJcscml9t3moBNJ4XlfmoytfmEa8q///fmEbn:G0Xtqcsqc9Ct3msNJ4mv1m9p//3m8
                                                                                                                                                                                                        MD5:AF826572446A866B993052AEC9760422
                                                                                                                                                                                                        SHA1:2BA6EF209765B9CEB75F4C7698F20A0992119565
                                                                                                                                                                                                        SHA-256:FE6EC58485FFA98BA4F69C7B67348F8F8128DD58AD3DAE577F993C32EEFA48ED
                                                                                                                                                                                                        SHA-512:538D97BEAEECAB5E24E628B2ED42C799DD82E12624C1077D1AE70FC2B5ED81EC1BC261C39B509C96AFF98DF0E837CA68A27A1032299B386C8590F046EE4391FE
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):321
                                                                                                                                                                                                        Entropy (8bit):5.322821500406727
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:6:+oUZczSRM1sHO23fcV54rzs52KLlooUZcoMq2PsHO23fcV54rzAdIFUv:lhSRrHVEV559L9+MvkHVEV5uFUv
                                                                                                                                                                                                        MD5:515105FBE571ADB9CA7F098847D7D669
                                                                                                                                                                                                        SHA1:30D9B139C7DE8235A2CABA6169114AB5DDE40B62
                                                                                                                                                                                                        SHA-256:F38FB1D3A0BF6A2A57995E4FA697BBE8A8B3CB15EB0DA468EDBDD60698E5EB98
                                                                                                                                                                                                        SHA-512:734153804E76A47B5B5F8AF254E89743057D57615F29F3C73E67600FA5D410247E142DA708E0638B8EAFAD83116A2681F25994C5DDF3701BAFC7838E73F22E91
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:2024/10/24-08:36:09.722 1b24 Creating DB C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\shared_proto_db\metadata since it was missing..2024/10/24-08:36:09.758 1b24 Reusing MANIFEST C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Default\shared_proto_db\metadata/MANIFEST-000001.
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsFl:/F
                                                                                                                                                                                                        MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                        SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                        SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                        SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):270336
                                                                                                                                                                                                        Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                        MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                        SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                        SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                        SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                        MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                        SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                        SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                        SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                        MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                        SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                        SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                        SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):262512
                                                                                                                                                                                                        Entropy (8bit):9.47693366977411E-4
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:LsNlHb/:Ls37/
                                                                                                                                                                                                        MD5:688409ADD8BDAA80D4BF9F0747ED6D55
                                                                                                                                                                                                        SHA1:A6429F060BB678C00ABC74B64433A684B53BED5A
                                                                                                                                                                                                        SHA-256:DE225243F4B9C879CCBE416A27E8E5758B985DAA3C3DC6CA31DF6E7A32296384
                                                                                                                                                                                                        SHA-512:B2E35FC049C37803C9C0ED9666F370ACC08AB53B3F93F028F601D82A06992DD690E95E62A53ECE0C115A4FF15E150B0FD6266CC42D1279D6486FA68262C99C0C
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsFl:/F
                                                                                                                                                                                                        MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                        SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                        SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                        SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):270336
                                                                                                                                                                                                        Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                        MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                        SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                        SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                        SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                        MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                        SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                        SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                        SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                        MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                        SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                        SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                        SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):262512
                                                                                                                                                                                                        Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:LsNl3T:Ls33T
                                                                                                                                                                                                        MD5:C2895AD350655F8C5D072634AFAB6079
                                                                                                                                                                                                        SHA1:420DC2DE539D87412CD226772DF1AC6901EFF1F3
                                                                                                                                                                                                        SHA-256:7BAA3626573CDAD4472E6FF0999DA9FF42E2C632FD43C2482A305FC2F2EF57AB
                                                                                                                                                                                                        SHA-512:EA961972F6080A96D9486B3543FC386A12EB5D96610A48E2867FE1DCFAF0482EBE8B76ACD658999D93F4BDB90118260DE2FC4E5ECD8EC1AF4B5354BF58161E41
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):13
                                                                                                                                                                                                        Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                        MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                        SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                        SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                        SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:117.0.2045.47
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):951
                                                                                                                                                                                                        Entropy (8bit):5.699106445215073
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:YKWJu5rrtXWRns9pnaVYCOHBkaeCqWOxLbvX8QQRCYfYg:Yqf1WevaVYC6BkZzx3vxB0
                                                                                                                                                                                                        MD5:7FD81900C3375139217F0713C6B4C875
                                                                                                                                                                                                        SHA1:4D2CE79A23EC3E85326039613AEFD31C08431B6F
                                                                                                                                                                                                        SHA-256:E6ECF22F6C6C356920FA4A17858A94793ED346E7A7D36B1A790DD2356DA2D08A
                                                                                                                                                                                                        SHA-512:8F8EE7CA1EA21B6506C1D17C634E0E04AE79E79C34E28405EA939C16B1C5F575072322F50F39ADB0077F4312F361DE4286A7AE07A3665AC931B75C1EDF9ECFEE
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBqindxK43RoU848x9eeSCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAABHiIJnpapfvtixtlTlv1/FLQirg+GgXCLJFktH6jqtOwAAAAAOgAAAAAIAACAAAAA/UhpoPnSYMBySflstceF2EY4r3EpXOWiFd9NGC8aN5zAAAABHR4fc0GkZg8M621GioW23/+gEnS1Iwcpk5We/0s9qch5cfVtlr6GaWV1l9FaDuNtAAAAAiLD+IePNDJXSxExdwFtSQC5ucvs1X5RET2DERC89YhAVLcjKVydPyl5lo0/mrKejNaJK/OOI8S4tHOLTAw2rFQ=="},"uninstall_metrics":{"installation_date2":"1729773369"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":7111,"pseudo_low_entropy_source":6346,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13374246969267669","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):951
                                                                                                                                                                                                        Entropy (8bit):5.699106445215073
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:YKWJu5rrtXWRns9pnaVYCOHBkaeCqWOxLbvX8QQRCYfYg:Yqf1WevaVYC6BkZzx3vxB0
                                                                                                                                                                                                        MD5:7FD81900C3375139217F0713C6B4C875
                                                                                                                                                                                                        SHA1:4D2CE79A23EC3E85326039613AEFD31C08431B6F
                                                                                                                                                                                                        SHA-256:E6ECF22F6C6C356920FA4A17858A94793ED346E7A7D36B1A790DD2356DA2D08A
                                                                                                                                                                                                        SHA-512:8F8EE7CA1EA21B6506C1D17C634E0E04AE79E79C34E28405EA939C16B1C5F575072322F50F39ADB0077F4312F361DE4286A7AE07A3665AC931B75C1EDF9ECFEE
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):951
                                                                                                                                                                                                        Entropy (8bit):5.699106445215073
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:YKWJu5rrtXWRns9pnaVYCOHBkaeCqWOxLbvX8QQRCYfYg:Yqf1WevaVYC6BkZzx3vxB0
                                                                                                                                                                                                        MD5:7FD81900C3375139217F0713C6B4C875
                                                                                                                                                                                                        SHA1:4D2CE79A23EC3E85326039613AEFD31C08431B6F
                                                                                                                                                                                                        SHA-256:E6ECF22F6C6C356920FA4A17858A94793ED346E7A7D36B1A790DD2356DA2D08A
                                                                                                                                                                                                        SHA-512:8F8EE7CA1EA21B6506C1D17C634E0E04AE79E79C34E28405EA939C16B1C5F575072322F50F39ADB0077F4312F361DE4286A7AE07A3665AC931B75C1EDF9ECFEE
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBqindxK43RoU848x9eeSCEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAABHiIJnpapfvtixtlTlv1/FLQirg+GgXCLJFktH6jqtOwAAAAAOgAAAAAIAACAAAAA/UhpoPnSYMBySflstceF2EY4r3EpXOWiFd9NGC8aN5zAAAABHR4fc0GkZg8M621GioW23/+gEnS1Iwcpk5We/0s9qch5cfVtlr6GaWV1l9FaDuNtAAAAAiLD+IePNDJXSxExdwFtSQC5ucvs1X5RET2DERC89YhAVLcjKVydPyl5lo0/mrKejNaJK/OOI8S4tHOLTAw2rFQ=="},"uninstall_metrics":{"installation_date2":"1729773369"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":7111,"pseudo_low_entropy_source":6346,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13374246969267669","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsFl:/F
                                                                                                                                                                                                        MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                        SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                        SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                        SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):270336
                                                                                                                                                                                                        Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                        MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                        SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                        SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                        SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                        MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                        SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                        SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                        SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):8192
                                                                                                                                                                                                        Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                        MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                        SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                        SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                        SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):262512
                                                                                                                                                                                                        Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:LsNlcH/:Ls3cH/
                                                                                                                                                                                                        MD5:D01FA8275B3E22DD1DAFC06C8B055B79
                                                                                                                                                                                                        SHA1:2307696BEEDA914D6972208964743579BEA06704
                                                                                                                                                                                                        SHA-256:EAB556084D731A82428DD6CCB7DBC4B661825679ECC9FD7C8ABA12674E981F14
                                                                                                                                                                                                        SHA-512:0775CC9026E94E0162105D67268E3E6F03D8BCCF2CE8C3932CB0CE44A3F06F7EF6ABEA9C33F14CE2EE0DF9E9E2F4739E4ADD25BA2427F568B4F8778A6B55B3EF
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):85
                                                                                                                                                                                                        Entropy (8bit):4.3488360343066725
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:YQ3JYq9xSs0dMEJAELJ25AmIpozQan:YQ3Kq9X0dMgAEiLIM
                                                                                                                                                                                                        MD5:BC6142469CD7DADF107BE9AD87EA4753
                                                                                                                                                                                                        SHA1:72A9AA05003FAB742B0E4DC4C5D9EDA6B9F7565C
                                                                                                                                                                                                        SHA-256:B26DA4F8C7E283AA74386DA0229D66AF14A37986B8CA828E054FC932F68DD557
                                                                                                                                                                                                        SHA-512:47D1A67A16F5DC6D50556C5296E65918F0A2FCAD0E8CEE5795B100FE8CD89EAF5E1FD67691E8A57AF3677883A5D8F104723B1901D11845B286474C8AC56F6182
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:{"user_experience_metrics.stability.exited_cleanly":true,"variations_crash_streak":0}
                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
                                                                                                                                                                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Read-Only, ctime=Thu Oct 24 15:33:44 2024, mtime=Thu Oct 24 11:36:06 2024, atime=Thu Oct 24 15:33:44 2024, length=3289752, window=hide
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):1593
                                                                                                                                                                                                        Entropy (8bit):4.87249396819182
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:24:8hR3zhzCR8JgKKEl34b4F4LAM1ujMkWCE6El3/4KwRS2qygm:8/31GR83l34q48cujMXJl3/4LSzyg
                                                                                                                                                                                                        MD5:FAF6689162748840A00F71BDE4A8193F
                                                                                                                                                                                                        SHA1:0EE4575EFD5D39009C19DD52DE663B869D694048
                                                                                                                                                                                                        SHA-256:5B11575474721E3BCFD1D9D2FE33FBF8DB36FA49A005FBCB5B6B830F20101F8D
                                                                                                                                                                                                        SHA-512:580FB1E4D74668AE12F3A5DE67D746328B46D819DED7CA9EC053E1C2E8E09A35B061AF5D286393C6AE721706BEFA2DC667F140134892D0B1997FF98123E84C91
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:L..................F...........}2&....|K.&.....}2&...22.......................:..DG..Yr?.D..U..k0.&...&......&..9......>.&...kK.&......t...CFSF..1.....FWtM..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......FWtMXYqd.....Y.....................?@.A.p.p.D.a.t.a...B.P.1.....XYwd..Local.<......FWtMXYxd.....Z........................L.o.c.a.l.....N.1.....XY.d..Temp..:......FWtMXY.d....=Z....)...................T.e.m.p.......1.....XY.d..TEMP1_~2.ZIP.........XY.dXY.d...........................9..T.e.m.p.1._.M.D.E._.F.i.l.e._.S.a.m.p.l.e._.c.e.8.d.e.5.9.e.2.2.7.7.e.9.0.0.3.f.3.a.9.c.9.6.2.6.0.c.e.0.9.9.c.a.7.c.d.a.6.c...z.i.p.....`.2..22.XY6...WinRAR.exe..F......XY6.XY.d..............................W.i.n.R.A.R...e.x.e.......................-...................>.J}.....C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe..*.P.r.o.c.e.s.s. .R.A.R.,. .Z.I.P. .a.n.d. .o.t.h.e.r. .a.r.c.h.i.v.e. .f.o.r.m.a.t.s.j.....\.....\.....\....
                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                        Size (bytes):12
                                                                                                                                                                                                        Entropy (8bit):3.2516291673878226
                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                        SSDEEP:3:L0n:L0
                                                                                                                                                                                                        MD5:74FE0F77EE53EF8CA77D6EDEEE0BC64C
                                                                                                                                                                                                        SHA1:5D4C1DDF6598FEA107A8618166E16674C2A6507B
                                                                                                                                                                                                        SHA-256:40AE026F248FA1538143421F3361F63DDD17C9F7FEA32F37474B478A98D5764E
                                                                                                                                                                                                        SHA-512:BFBEFB51325716C74265718BAFFAF2C822D48E4924423C49BA71126288A6AEB2CDF14223F0077D7C370EB96C3AA3BC0398A1BDA94054EE504B41027642BD3DC4
                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                        Preview:....nr.I.&..
                                                                                                                                                                                                        File type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                        Entropy (8bit):7.999621173911269
                                                                                                                                                                                                        TrID:
                                                                                                                                                                                                        • ZIP compressed archive (8000/1) 99.91%
                                                                                                                                                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.09%
                                                                                                                                                                                                        File name:Archive.zip
                                                                                                                                                                                                        File size:3'810'357 bytes
                                                                                                                                                                                                        MD5:4dfe9e36193114f33d8bd68433b1c27f
                                                                                                                                                                                                        SHA1:ca76c1931c64bf2f9252c7ef53d05600d387247c
                                                                                                                                                                                                        SHA256:fe2418fb7d72832e350dc521027c933e31cff060de1f1359fcc89b30937a63ec
                                                                                                                                                                                                        SHA512:762a15569bd09feb8471cfb09be0740663db8156960e2280a50d41451039ea54a0a35aa90e8c9c06dadb8e9894a52223a1aed1f3d88eedd45393c0987ff776af
                                                                                                                                                                                                        SSDEEP:98304:qw/K3SY9vqh+M2I3I1okbZ4uY9A4nlTgJsBySPixfgRu/OMJx:V2nvqIB0c/SzBywsD/OMn
                                                                                                                                                                                                        TLSH:76063364BF3C1D068CF73FACCC79D50E94A11B8508596CA78C4A54897E7A08F4BED2B6
                                                                                                                                                                                                        File Content Preview:PK........6tXY.........5..<. .MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zipUT....>.g.>.g.>.gux...............@..PK........6dXYw@..Q4...22...$.WinRAR.exe.. .........W.!..&..V.!..&..U.!..&..8.:.'....D..ek.(:.7.........l#\............O@g`%%.e.
                                                                                                                                                                                                        Icon Hash:1c1c1e4e4ececedc
                                                                                                                                                                                                        No network behavior found


                                                                                                                                                                                                        Target ID:0
                                                                                                                                                                                                        Start time:08:35:51
                                                                                                                                                                                                        Start date:24/10/2024
                                                                                                                                                                                                        Path:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                        Commandline:C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                                                                                                                        Imagebase:0x7ff615440000
                                                                                                                                                                                                        File size:71'680 bytes
                                                                                                                                                                                                        MD5 hash:EF3179D498793BF4234F708D3BE28633
                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                        Target ID:7
                                                                                                                                                                                                        Start time:08:36:03
                                                                                                                                                                                                        Start date:24/10/2024
                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe"
                                                                                                                                                                                                        Imagebase:0x7ff713c30000
                                                                                                                                                                                                        File size:3'289'752 bytes
                                                                                                                                                                                                        MD5 hash:0D76233931DFA993FD9B546BD5229976
                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                        Target ID:10
                                                                                                                                                                                                        Start time:08:36:05
                                                                                                                                                                                                        Start date:24/10/2024
                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe" -isetup_integration
                                                                                                                                                                                                        Imagebase:0x7ff713c30000
                                                                                                                                                                                                        File size:3'289'752 bytes
                                                                                                                                                                                                        MD5 hash:0D76233931DFA993FD9B546BD5229976
                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                        Target ID:12
                                                                                                                                                                                                        Start time:08:36:08
                                                                                                                                                                                                        Start date:24/10/2024
                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=6588.548.7445727294754826910
                                                                                                                                                                                                        Imagebase:0x7ff685680000
                                                                                                                                                                                                        File size:3'749'328 bytes
                                                                                                                                                                                                        MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                        Target ID:13
                                                                                                                                                                                                        Start time:08:36:08
                                                                                                                                                                                                        Start date:24/10/2024
                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x170,0x7ffa2c0c8e88,0x7ffa2c0c8e98,0x7ffa2c0c8ea8
                                                                                                                                                                                                        Imagebase:0x7ff685680000
                                                                                                                                                                                                        File size:3'749'328 bytes
                                                                                                                                                                                                        MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                        Target ID:14
                                                                                                                                                                                                        Start time:08:36:09
Start date:24/10/2024
Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
Wow64 process (32bit):false
Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1728 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:2
Imagebase:0x7ff685680000
File size:3'749'328 bytes
MD5 hash:9909D978B39FB7369F511D8506C17CA0
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:moderate
Has exited:true

Target ID:15
Start time:08:36:09
Start date:24/10/2024
Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
Wow64 process (32bit):false
Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2196 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:3
Imagebase:0x7ff685680000
File size:3'749'328 bytes
MD5 hash:9909D978B39FB7369F511D8506C17CA0
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:moderate
Has exited:true

Target ID:17
Start time:08:36:09
Start date:24/10/2024
Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
Wow64 process (32bit):false
Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2460 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:8
Imagebase:0x7ff685680000
File size:3'749'328 bytes
MD5 hash:9909D978B39FB7369F511D8506C17CA0
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:moderate
Has exited:true

Target ID:18
Start time:08:36:10
Start date:24/10/2024
Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
Wow64 process (32bit):false
Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Temp\WinRAR.exe.WebView2\EBWebView" --webview-exe-name=WinRAR.exe --webview-exe-version=7.1.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1729768802568476 --launch-time-ticks=4567489855 --mojo-platform-channel-handle=3452 --field-trial-handle=1732,i,9282830004954028553,13470874776180929565,262144 --enable-features=MojoIpcz /prefetch:1
Imagebase:0x7ff685680000
File size:3'749'328 bytes
MD5 hash:9909D978B39FB7369F511D8506C17CA0
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:moderate
Has exited:true

Target ID:24
Start time:08:36:22
Start date:24/10/2024
Path:C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
Wow64 process (32bit):false
Commandline:"C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe"
Imagebase:0x7ff695880000
File size:3'289'752 bytes
MD5 hash:0D76233931DFA993FD9B546BD5229976
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:low
Has exited:true

Target ID:27
Start time:08:37:35
Start date:24/10/2024
Path:C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe
Wow64 process (32bit):false
Commandline:"C:\Users\user\AppData\Local\Temp\Temp2_MDE_File_Sample_ce8de59e2277e9003f3a9c96260ce099ca7cda6c.zip\WinRAR.exe"
Imagebase:0x7ff630aa0000
File size:3'289'752 bytes
MD5 hash:0D76233931DFA993FD9B546BD5229976
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Has exited:true

No disassembly