Exes_724bb69dbe7019681b2777b8af30ccfc_exe.json

1.  
2. [*] MalFamily: "Malicious"
3.  
4. [*] MalScore: 10.0
5.  
6. [*] File Name: "Exes_724bb69dbe7019681b2777b8af30ccfc.exe"
7. [*] File Size: 475136
8. [*] File Type: "PE32 executable (GUI) Intel 80386, for MS Windows"
9. [*] SHA256: "fdd462b785528556a4309b3a49dc8d48276af2716cee2e0d1b5e7b3c0fc9f936"
10. [*] MD5: "724bb69dbe7019681b2777b8af30ccfc"
11. [*] SHA1: "c87f935eb94e605b2ba50e55224d1e66b7c9a7fe"
12. [*] SHA512: "d023817abfc03959252fed3218ecd32855415a3d42576bb8d739fee9aaead66d9e6e65a31564530dccf12a570c7732e7e1f009b09a1c77687b596a996fa38f94"
13. [*] CRC32: "78A3B30A"
14. [*] SSDEEP: "12288:7VozUWWenWAVfk1UBhHHT4oiIzIrsqF934inl:7vEWcf64hT4JiIZv4ol"
15.  
16. [*] Process Execution: [
17. "Exes_724bb69dbe7019681b2777b8af30ccfc.exe"
18. ]
19.  
20. [*] Signatures Detected: [
21. {
22. "Description": "Creates RWX memory",
23. "Details": []
24. },
25. {
26. "Description": "Performs some HTTP requests",
27. "Details": [
28. {
29. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D"
30. },
31. {
32. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D"
33. },
34. {
35. "url": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D"
36. },
37. {
38. "url": "http://redirector.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe"
39. },
40. {
41. "url": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes"
42. }
43. ]
44. },
45. {
46. "Description": "The binary likely contains encrypted or compressed data.",
47. "Details": [
48. {
49. "section": "name: .text, entropy: 7.35, characteristics: IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ, raw_size: 0x00070000, virtual_size: 0x0006f7c4"
50. }
51. ]
52. },
53. {
54. "Description": "Attempts to repeatedly call a single API many times in order to delay analysis time",
55. "Details": [
56. {
57. "Spam": "Exes_724bb69dbe7019681b2777b8af30ccfc.exe (2704) called API CreateProcessInternalW 36198 times"
58. }
59. ]
60. },
61. {
62. "Description": "File has been identified by 14 Antiviruses on VirusTotal as malicious",
63. "Details": [
64. {
65. "Bkav": "HW32.Packed."
66. },
67. {
68. "FireEye": "Generic.mg.724bb69dbe701968"
69. },
70. {
71. "Cylance": "Unsafe"
72. },
73. {
74. "ESET-NOD32": "a variant of Win32/GenKryptik.DKNR"
75. },
76. {
77. "APEX": "Malicious"
78. },
79. {
80. "Invincea": "heuristic"
81. },
82. {
83. "McAfee-GW-Edition": "BehavesLike.Win32.VBObfus.gc"
84. },
85. {
86. "Fortinet": "W32/GenKryptik.DKWI!tr"
87. },
88. {
89. "Trapmine": "malicious.high.ml.score"
90. },
91. {
92. "Microsoft": "Trojan:Win32/Fuerboos.E!cl"
93. },
94. {
95. "SentinelOne": "DFI - Suspicious PE"
96. },
97. {
98. "AVG": "FileRepMalware"
99. },
100. {
101. "Cybereason": "malicious.eb94e6"
102. },
103. {
104. "CrowdStrike": "win/malicious_confidence_60% (D)"
105. }
106. ]
107. }
108. ]
109.  
110. [*] Started Service: []
111.  
112. [*] Executed Commands: [
113. "\\x01C:\\Users\\user\\AppData\\Local\\Temp\\Exes_724bb69dbe7019681b2777b8af30ccfc.exe\""
114. ]
115.  
116. [*] Mutexes: [
117. "CicLoadWinStaWinSta0",
118. "Local\\MSCTF.CtfMonitorInstMutexDefault1"
119. ]
120.  
121. [*] Modified Files: []
122.  
123. [*] Deleted Files: []
124.  
125. [*] Modified Registry Keys: []
126.  
127. [*] Deleted Registry Keys: []
128.  
129. [*] DNS Communications: []
130.  
131. [*] Domains: []
132.  
133. [*] Network Communication - ICMP: []
134.  
135. [*] Network Communication - HTTP: [
136. {
137. "count": 1,
138. "body": "",
139. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D",
140. "user-agent": "Microsoft-CryptoAPI/6.1",
141. "method": "GET",
142. "host": "ocsp.digicert.com",
143. "version": "1.1",
144. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D",
145. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAPxtOFfOoLxFJZ4s9fYR1w%3D HTTP/1.1\r\nCache-Control: max-age = 150849\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Tue, 28 May 2019 10:50:30 GMT\r\nIf-None-Match: \"5ced1276-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
146. "port": 80
147. },
148. {
149. "count": 1,
150. "body": "",
151. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D",
152. "user-agent": "Microsoft-CryptoAPI/6.1",
153. "method": "GET",
154. "host": "ocsp.digicert.com",
155. "version": "1.1",
156. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D",
157. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEA%2BdzSc7B3UzA8k03selSwo%3D HTTP/1.1\r\nCache-Control: max-age = 135176\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Tue, 28 May 2019 05:30:18 GMT\r\nIf-None-Match: \"5cecc76a-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
158. "port": 80
159. },
160. {
161. "count": 1,
162. "body": "",
163. "uri": "http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D",
164. "user-agent": "Microsoft-CryptoAPI/6.1",
165. "method": "GET",
166. "host": "ocsp.digicert.com",
167. "version": "1.1",
168. "path": "/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D",
169. "data": "GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSPwl%2BrBFlJbvzLXU1bGW08VysJ2wQUj%2Bh%2B8G0yagAFI8dwl2o6kP9r6tQCEAaJg2QslT5G973OQUPxM8E%3D HTTP/1.1\r\nCache-Control: max-age = 168744\r\nConnection: Keep-Alive\r\nAccept: */*\r\nIf-Modified-Since: Tue, 28 May 2019 15:00:08 GMT\r\nIf-None-Match: \"5ced4cf8-1d7\"\r\nUser-Agent: Microsoft-CryptoAPI/6.1\r\nHost: ocsp.digicert.com\r\n\r\n",
170. "port": 80
171. },
172. {
173. "count": 2,
174. "body": "",
175. "uri": "http://redirector.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe",
176. "user-agent": "Microsoft BITS/7.5",
177. "method": "HEAD",
178. "host": "redirector.gvt1.com",
179. "version": "1.1",
180. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe",
181. "data": "HEAD /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: redirector.gvt1.com\r\n\r\n",
182. "port": 80
183. },
184. {
185. "count": 1,
186. "body": "",
187. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
188. "user-agent": "Microsoft BITS/7.5",
189. "method": "HEAD",
190. "host": "r5---sn-tt1eln7s.gvt1.com",
191. "version": "1.1",
192. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
193. "data": "HEAD /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
194. "port": 80
195. },
196. {
197. "count": 1,
198. "body": "",
199. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
200. "user-agent": "Microsoft BITS/7.5",
201. "method": "GET",
202. "host": "r5---sn-tt1eln7s.gvt1.com",
203. "version": "1.1",
204. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
205. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=0-7366\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
206. "port": 80
207. },
208. {
209. "count": 1,
210. "body": "",
211. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
212. "user-agent": "Microsoft BITS/7.5",
213. "method": "GET",
214. "host": "r5---sn-tt1eln7s.gvt1.com",
215. "version": "1.1",
216. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
217. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=7367-17506\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
218. "port": 80
219. },
220. {
221. "count": 1,
222. "body": "",
223. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
224. "user-agent": "Microsoft BITS/7.5",
225. "method": "GET",
226. "host": "r5---sn-tt1eln7s.gvt1.com",
227. "version": "1.1",
228. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
229. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=17507-29896\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
230. "port": 80
231. },
232. {
233. "count": 1,
234. "body": "",
235. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
236. "user-agent": "Microsoft BITS/7.5",
237. "method": "GET",
238. "host": "r5---sn-tt1eln7s.gvt1.com",
239. "version": "1.1",
240. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
241. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=29897-44638\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
242. "port": 80
243. },
244. {
245. "count": 1,
246. "body": "",
247. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
248. "user-agent": "Microsoft BITS/7.5",
249. "method": "GET",
250. "host": "r5---sn-tt1eln7s.gvt1.com",
251. "version": "1.1",
252. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
253. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=44639-75328\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
254. "port": 80
255. },
256. {
257. "count": 1,
258. "body": "",
259. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
260. "user-agent": "Microsoft BITS/7.5",
261. "method": "GET",
262. "host": "r5---sn-tt1eln7s.gvt1.com",
263. "version": "1.1",
264. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
265. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=75329-91747\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
266. "port": 80
267. },
268. {
269. "count": 1,
270. "body": "",
271. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
272. "user-agent": "Microsoft BITS/7.5",
273. "method": "GET",
274. "host": "r5---sn-tt1eln7s.gvt1.com",
275. "version": "1.1",
276. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
277. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=91748-128997\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
278. "port": 80
279. },
280. {
281. "count": 1,
282. "body": "",
283. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
284. "user-agent": "Microsoft BITS/7.5",
285. "method": "GET",
286. "host": "r5---sn-tt1eln7s.gvt1.com",
287. "version": "1.1",
288. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
289. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=128998-248110\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
290. "port": 80
291. },
292. {
293. "count": 1,
294. "body": "",
295. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
296. "user-agent": "Microsoft BITS/7.5",
297. "method": "GET",
298. "host": "r5---sn-tt1eln7s.gvt1.com",
299. "version": "1.1",
300. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
301. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=248111-369487\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
302. "port": 80
303. },
304. {
305. "count": 1,
306. "body": "",
307. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
308. "user-agent": "Microsoft BITS/7.5",
309. "method": "GET",
310. "host": "r5---sn-tt1eln7s.gvt1.com",
311. "version": "1.1",
312. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
313. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=369488-530742\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
314. "port": 80
315. },
316. {
317. "count": 1,
318. "body": "",
319. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
320. "user-agent": "Microsoft BITS/7.5",
321. "method": "GET",
322. "host": "r5---sn-tt1eln7s.gvt1.com",
323. "version": "1.1",
324. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
325. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=530743-718672\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
326. "port": 80
327. },
328. {
329. "count": 1,
330. "body": "",
331. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
332. "user-agent": "Microsoft BITS/7.5",
333. "method": "GET",
334. "host": "r5---sn-tt1eln7s.gvt1.com",
335. "version": "1.1",
336. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
337. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=718673-966612\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
338. "port": 80
339. },
340. {
341. "count": 1,
342. "body": "",
343. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
344. "user-agent": "Microsoft BITS/7.5",
345. "method": "GET",
346. "host": "r5---sn-tt1eln7s.gvt1.com",
347. "version": "1.1",
348. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
349. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=966613-1176953\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
350. "port": 80
351. },
352. {
353. "count": 1,
354. "body": "",
355. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
356. "user-agent": "Microsoft BITS/7.5",
357. "method": "GET",
358. "host": "r5---sn-tt1eln7s.gvt1.com",
359. "version": "1.1",
360. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
361. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=1176954-1458812\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
362. "port": 80
363. },
364. {
365. "count": 1,
366. "body": "",
367. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
368. "user-agent": "Microsoft BITS/7.5",
369. "method": "GET",
370. "host": "r5---sn-tt1eln7s.gvt1.com",
371. "version": "1.1",
372. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
373. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=1458813-1816996\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
374. "port": 80
375. },
376. {
377. "count": 1,
378. "body": "",
379. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
380. "user-agent": "Microsoft BITS/7.5",
381. "method": "GET",
382. "host": "r5---sn-tt1eln7s.gvt1.com",
383. "version": "1.1",
384. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
385. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=1816997-2231304\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
386. "port": 80
387. },
388. {
389. "count": 1,
390. "body": "",
391. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
392. "user-agent": "Microsoft BITS/7.5",
393. "method": "GET",
394. "host": "r5---sn-tt1eln7s.gvt1.com",
395. "version": "1.1",
396. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
397. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=2231305-2633949\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
398. "port": 80
399. },
400. {
401. "count": 1,
402. "body": "",
403. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
404. "user-agent": "Microsoft BITS/7.5",
405. "method": "GET",
406. "host": "r5---sn-tt1eln7s.gvt1.com",
407. "version": "1.1",
408. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
409. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=2633950-3064046\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
410. "port": 80
411. },
412. {
413. "count": 1,
414. "body": "",
415. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
416. "user-agent": "Microsoft BITS/7.5",
417. "method": "GET",
418. "host": "r5---sn-tt1eln7s.gvt1.com",
419. "version": "1.1",
420. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
421. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=3064047-3522216\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
422. "port": 80
423. },
424. {
425. "count": 1,
426. "body": "",
427. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
428. "user-agent": "Microsoft BITS/7.5",
429. "method": "GET",
430. "host": "r5---sn-tt1eln7s.gvt1.com",
431. "version": "1.1",
432. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
433. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=3522217-4001602\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
434. "port": 80
435. },
436. {
437. "count": 1,
438. "body": "",
439. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
440. "user-agent": "Microsoft BITS/7.5",
441. "method": "GET",
442. "host": "r5---sn-tt1eln7s.gvt1.com",
443. "version": "1.1",
444. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
445. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=4001603-4513022\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
446. "port": 80
447. },
448. {
449. "count": 1,
450. "body": "",
451. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
452. "user-agent": "Microsoft BITS/7.5",
453. "method": "GET",
454. "host": "r5---sn-tt1eln7s.gvt1.com",
455. "version": "1.1",
456. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
457. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=4513023-5021692\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
458. "port": 80
459. },
460. {
461. "count": 1,
462. "body": "",
463. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
464. "user-agent": "Microsoft BITS/7.5",
465. "method": "GET",
466. "host": "r5---sn-tt1eln7s.gvt1.com",
467. "version": "1.1",
468. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
469. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=5021693-5804358\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
470. "port": 80
471. },
472. {
473. "count": 1,
474. "body": "",
475. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
476. "user-agent": "Microsoft BITS/7.5",
477. "method": "GET",
478. "host": "r5---sn-tt1eln7s.gvt1.com",
479. "version": "1.1",
480. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
481. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=5804359-6649978\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
482. "port": 80
483. },
484. {
485. "count": 1,
486. "body": "",
487. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
488. "user-agent": "Microsoft BITS/7.5",
489. "method": "GET",
490. "host": "r5---sn-tt1eln7s.gvt1.com",
491. "version": "1.1",
492. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
493. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=6649979-7239868\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
494. "port": 80
495. },
496. {
497. "count": 1,
498. "body": "",
499. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
500. "user-agent": "Microsoft BITS/7.5",
501. "method": "GET",
502. "host": "r5---sn-tt1eln7s.gvt1.com",
503. "version": "1.1",
504. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
505. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=7239869-7755700\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
506. "port": 80
507. },
508. {
509. "count": 1,
510. "body": "",
511. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
512. "user-agent": "Microsoft BITS/7.5",
513. "method": "GET",
514. "host": "r5---sn-tt1eln7s.gvt1.com",
515. "version": "1.1",
516. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
517. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=7755701-8334180\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
518. "port": 80
519. },
520. {
521. "count": 1,
522. "body": "",
523. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
524. "user-agent": "Microsoft BITS/7.5",
525. "method": "GET",
526. "host": "r5---sn-tt1eln7s.gvt1.com",
527. "version": "1.1",
528. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
529. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=8334181-9232566\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
530. "port": 80
531. },
532. {
533. "count": 1,
534. "body": "",
535. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
536. "user-agent": "Microsoft BITS/7.5",
537. "method": "GET",
538. "host": "r5---sn-tt1eln7s.gvt1.com",
539. "version": "1.1",
540. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
541. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=9232567-9849188\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
542. "port": 80
543. },
544. {
545. "count": 1,
546. "body": "",
547. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
548. "user-agent": "Microsoft BITS/7.5",
549. "method": "GET",
550. "host": "r5---sn-tt1eln7s.gvt1.com",
551. "version": "1.1",
552. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
553. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=9849189-10879949\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
554. "port": 80
555. },
556. {
557. "count": 1,
558. "body": "",
559. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
560. "user-agent": "Microsoft BITS/7.5",
561. "method": "GET",
562. "host": "r5---sn-tt1eln7s.gvt1.com",
563. "version": "1.1",
564. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
565. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=10879950-11577790\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
566. "port": 80
567. },
568. {
569. "count": 1,
570. "body": "",
571. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
572. "user-agent": "Microsoft BITS/7.5",
573. "method": "GET",
574. "host": "r5---sn-tt1eln7s.gvt1.com",
575. "version": "1.1",
576. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
577. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=11577791-12743729\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
578. "port": 80
579. },
580. {
581. "count": 1,
582. "body": "",
583. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
584. "user-agent": "Microsoft BITS/7.5",
585. "method": "GET",
586. "host": "r5---sn-tt1eln7s.gvt1.com",
587. "version": "1.1",
588. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
589. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=12743730-14023093\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
590. "port": 80
591. },
592. {
593. "count": 1,
594. "body": "",
595. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
596. "user-agent": "Microsoft BITS/7.5",
597. "method": "GET",
598. "host": "r5---sn-tt1eln7s.gvt1.com",
599. "version": "1.1",
600. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
601. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=14023094-15425878\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
602. "port": 80
603. },
604. {
605. "count": 1,
606. "body": "",
607. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
608. "user-agent": "Microsoft BITS/7.5",
609. "method": "GET",
610. "host": "r5---sn-tt1eln7s.gvt1.com",
611. "version": "1.1",
612. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
613. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=15425879-16975968\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
614. "port": 80
615. },
616. {
617. "count": 1,
618. "body": "",
619. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
620. "user-agent": "Microsoft BITS/7.5",
621. "method": "GET",
622. "host": "r5---sn-tt1eln7s.gvt1.com",
623. "version": "1.1",
624. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
625. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=16975969-18070352\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
626. "port": 80
627. },
628. {
629. "count": 1,
630. "body": "",
631. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
632. "user-agent": "Microsoft BITS/7.5",
633. "method": "GET",
634. "host": "r5---sn-tt1eln7s.gvt1.com",
635. "version": "1.1",
636. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
637. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=18070353-19162589\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
638. "port": 80
639. },
640. {
641. "count": 1,
642. "body": "",
643. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
644. "user-agent": "Microsoft BITS/7.5",
645. "method": "GET",
646. "host": "r5---sn-tt1eln7s.gvt1.com",
647. "version": "1.1",
648. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
649. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=19162590-20719840\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
650. "port": 80
651. },
652. {
653. "count": 1,
654. "body": "",
655. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
656. "user-agent": "Microsoft BITS/7.5",
657. "method": "GET",
658. "host": "r5---sn-tt1eln7s.gvt1.com",
659. "version": "1.1",
660. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
661. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=20719841-22418810\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
662. "port": 80
663. },
664. {
665. "count": 1,
666. "body": "",
667. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
668. "user-agent": "Microsoft BITS/7.5",
669. "method": "GET",
670. "host": "r5---sn-tt1eln7s.gvt1.com",
671. "version": "1.1",
672. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
673. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=22418811-23563928\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
674. "port": 80
675. },
676. {
677. "count": 1,
678. "body": "",
679. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
680. "user-agent": "Microsoft BITS/7.5",
681. "method": "GET",
682. "host": "r5---sn-tt1eln7s.gvt1.com",
683. "version": "1.1",
684. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
685. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=23563929-24774403\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
686. "port": 80
687. },
688. {
689. "count": 1,
690. "body": "",
691. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
692. "user-agent": "Microsoft BITS/7.5",
693. "method": "GET",
694. "host": "r5---sn-tt1eln7s.gvt1.com",
695. "version": "1.1",
696. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
697. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=24774404-26690692\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
698. "port": 80
699. },
700. {
701. "count": 1,
702. "body": "",
703. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
704. "user-agent": "Microsoft BITS/7.5",
705. "method": "GET",
706. "host": "r5---sn-tt1eln7s.gvt1.com",
707. "version": "1.1",
708. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
709. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=26690693-28601746\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
710. "port": 80
711. },
712. {
713. "count": 1,
714. "body": "",
715. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
716. "user-agent": "Microsoft BITS/7.5",
717. "method": "GET",
718. "host": "r5---sn-tt1eln7s.gvt1.com",
719. "version": "1.1",
720. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
721. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=28601747-29783838\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
722. "port": 80
723. },
724. {
725. "count": 1,
726. "body": "",
727. "uri": "http://r5---sn-tt1eln7s.gvt1.com/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
728. "user-agent": "Microsoft BITS/7.5",
729. "method": "GET",
730. "host": "r5---sn-tt1eln7s.gvt1.com",
731. "version": "1.1",
732. "path": "/edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes",
733. "data": "GET /edgedl/release2/chrome/AO3hITetZBsR_75.0.3770.100/75.0.3770.100_74.0.3729.169_chrome_updater.exe?cms_redirect=yes&mip=172.98.67.13&mm=28&mn=sn-tt1eln7s&ms=nvh&mt=1560956080&mv=m&pl=24&shardbypass=yes HTTP/1.1\r\nConnection: Keep-Alive\r\nAccept: */*\r\nAccept-Encoding: identity\r\nIf-Unmodified-Since: Tue, 18 Jun 2019 05:17:16 GMT\r\nRange: bytes=29783839-30336767\r\nUser-Agent: Microsoft BITS/7.5\r\nX-Old-UID: cnt=0\r\nX-Last-HR: 0x0\r\nX-Last-HTTP-Status-Code: 0\r\nX-Retry-Count: 0\r\nX-HTTP-Attempts: 1\r\nHost: r5---sn-tt1eln7s.gvt1.com\r\n\r\n",
734. "port": 80
735. }
736. ]
737.  
738. [*] Network Communication - SMTP: []
739.  
740. [*] Network Communication - Hosts: []
741.  
742. [*] Network Communication - IRC: []
743.  
744. [*] Static Analysis: {
745. "pe": {
746. "peid_signatures": null,
747. "imports": [
748. {
749. "imports": [
750. {
751. "name": null,
752. "address": "0x401000"
753. },
754. {
755. "name": null,
756. "address": "0x401004"
757. },
758. {
759. "name": null,
760. "address": "0x401008"
761. },
762. {
763. "name": "MethCallEngine",
764. "address": "0x40100c"
765. },
766. {
767. "name": null,
768. "address": "0x401010"
769. },
770. {
771. "name": null,
772. "address": "0x401014"
773. },
774. {
775. "name": null,
776. "address": "0x401018"
777. },
778. {
779. "name": null,
780. "address": "0x40101c"
781. },
782. {
783. "name": null,
784. "address": "0x401020"
785. },
786. {
787. "name": null,
788. "address": "0x401024"
789. },
790. {
791. "name": null,
792. "address": "0x401028"
793. },
794. {
795. "name": null,
796. "address": "0x40102c"
797. },
798. {
799. "name": null,
800. "address": "0x401030"
801. },
802. {
803. "name": null,
804. "address": "0x401034"
805. },
806. {
807. "name": null,
808. "address": "0x401038"
809. },
810. {
811. "name": null,
812. "address": "0x40103c"
813. },
814. {
815. "name": null,
816. "address": "0x401040"
817. },
818. {
819. "name": "EVENT_SINK_AddRef",
820. "address": "0x401044"
821. },
822. {
823. "name": null,
824. "address": "0x401048"
825. },
826. {
827. "name": null,
828. "address": "0x40104c"
829. },
830. {
831. "name": null,
832. "address": "0x401050"
833. },
834. {
835. "name": null,
836. "address": "0x401054"
837. },
838. {
839. "name": null,
840. "address": "0x401058"
841. },
842. {
843. "name": null,
844. "address": "0x40105c"
845. },
846. {
847. "name": "EVENT_SINK_Release",
848. "address": "0x401060"
849. },
850. {
851. "name": null,
852. "address": "0x401064"
853. },
854. {
855. "name": "EVENT_SINK_QueryInterface",
856. "address": "0x401068"
857. },
858. {
859. "name": "__vbaExceptHandler",
860. "address": "0x40106c"
861. },
862. {
863. "name": null,
864. "address": "0x401070"
865. },
866. {
867. "name": null,
868. "address": "0x401074"
869. },
870. {
871. "name": null,
872. "address": "0x401078"
873. },
874. {
875. "name": null,
876. "address": "0x40107c"
877. },
878. {
879. "name": null,
880. "address": "0x401080"
881. },
882. {
883. "name": null,
884. "address": "0x401084"
885. },
886. {
887. "name": null,
888. "address": "0x401088"
889. },
890. {
891. "name": null,
892. "address": "0x40108c"
893. },
894. {
895. "name": null,
896. "address": "0x401090"
897. },
898. {
899. "name": null,
900. "address": "0x401094"
901. },
902. {
903. "name": null,
904. "address": "0x401098"
905. },
906. {
907. "name": null,
908. "address": "0x40109c"
909. },
910. {
911. "name": null,
912. "address": "0x4010a0"
913. },
914. {
915. "name": null,
916. "address": "0x4010a4"
917. },
918. {
919. "name": null,
920. "address": "0x4010a8"
921. },
922. {
923. "name": null,
924. "address": "0x4010ac"
925. },
926. {
927. "name": null,
928. "address": "0x4010b0"
929. },
930. {
931. "name": null,
932. "address": "0x4010b4"
933. }
934. ],
935. "dll": "MSVBVM60.DLL"
936. }
937. ],
938. "digital_signers": null,
939. "exported_dll_name": null,
940. "actual_checksum": "0x0007920e",
941. "overlay": null,
942. "imagebase": "0x00400000",
943. "reported_checksum": "0x0007920e",
944. "icon_hash": null,
945. "entrypoint": "0x004011d4",
946. "timestamp": "2000-06-05 23:33:32",
947. "osversion": "4.0",
948. "sections": [
949. {
950. "name": ".text",
951. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
952. "virtual_address": "0x00001000",
953. "size_of_data": "0x00070000",
954. "entropy": "7.35",
955. "raw_address": "0x00001000",
956. "virtual_size": "0x0006f7c4",
957. "characteristics_raw": "0x60000020"
958. },
959. {
960. "name": ".data",
961. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
962. "virtual_address": "0x00071000",
963. "size_of_data": "0x00000000",
964. "entropy": "0.00",
965. "raw_address": "0x00000000",
966. "virtual_size": "0x00005430",
967. "characteristics_raw": "0xc0000040"
968. },
969. {
970. "name": ".rsrc",
971. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
972. "virtual_address": "0x00077000",
973. "size_of_data": "0x00003000",
974. "entropy": "3.68",
975. "raw_address": "0x00071000",
976. "virtual_size": "0x000024f6",
977. "characteristics_raw": "0x40000040"
978. }
979. ],
980. "resources": [],
981. "dirents": [
982. {
983. "virtual_address": "0x00000000",
984. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
985. "size": "0x00000000"
986. },
987. {
988. "virtual_address": "0x00070664",
989. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
990. "size": "0x00000028"
991. },
992. {
993. "virtual_address": "0x00077000",
994. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
995. "size": "0x000024f6"
996. },
997. {
998. "virtual_address": "0x00000000",
999. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
1000. "size": "0x00000000"
1001. },
1002. {
1003. "virtual_address": "0x00000000",
1004. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
1005. "size": "0x00000000"
1006. },
1007. {
1008. "virtual_address": "0x00000000",
1009. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
1010. "size": "0x00000000"
1011. },
1012. {
1013. "virtual_address": "0x00000000",
1014. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
1015. "size": "0x00000000"
1016. },
1017. {
1018. "virtual_address": "0x00000000",
1019. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
1020. "size": "0x00000000"
1021. },
1022. {
1023. "virtual_address": "0x00000000",
1024. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
1025. "size": "0x00000000"
1026. },
1027. {
1028. "virtual_address": "0x00000000",
1029. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
1030. "size": "0x00000000"
1031. },
1032. {
1033. "virtual_address": "0x00000000",
1034. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
1035. "size": "0x00000000"
1036. },
1037. {
1038. "virtual_address": "0x00000220",
1039. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
1040. "size": "0x00000020"
1041. },
1042. {
1043. "virtual_address": "0x00001000",
1044. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
1045. "size": "0x000000bc"
1046. },
1047. {
1048. "virtual_address": "0x00000000",
1049. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
1050. "size": "0x00000000"
1051. },
1052. {
1053. "virtual_address": "0x00000000",
1054. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
1055. "size": "0x00000000"
1056. },
1057. {
1058. "virtual_address": "0x00000000",
1059. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
1060. "size": "0x00000000"
1061. }
1062. ],
1063. "exports": [],
1064. "guest_signers": {},
1065. "imphash": "31f36d079c0768b10b5a2a77b286e009",
1066. "icon_fuzzy": null,
1067. "icon": null,
1068. "pdbpath": null,
1069. "imported_dll_count": 1,
1070. "versioninfo": []
1071. }
1072. }
1073.  
1074. [*] Resolved APIs: [
1075. "cryptbase.dll.SystemFunction036",
1076. "uxtheme.dll.ThemeInitApiHook",
1077. "user32.dll.IsProcessDPIAware",
1078. "oleaut32.dll.OleLoadPictureEx",
1079. "oleaut32.dll.DispCallFunc",
1080. "oleaut32.dll.LoadTypeLibEx",
1081. "oleaut32.dll.UnRegisterTypeLib",
1082. "oleaut32.dll.CreateTypeLib2",
1083. "oleaut32.dll.VarDateFromUdate",
1084. "oleaut32.dll.VarUdateFromDate",
1085. "oleaut32.dll.GetAltMonthNames",
1086. "oleaut32.dll.VarNumFromParseNum",
1087. "oleaut32.dll.VarParseNumFromStr",
1088. "oleaut32.dll.VarDecFromR4",
1089. "oleaut32.dll.VarDecFromR8",
1090. "oleaut32.dll.VarDecFromDate",
1091. "oleaut32.dll.VarDecFromI4",
1092. "oleaut32.dll.VarDecFromCy",
1093. "oleaut32.dll.VarR4FromDec",
1094. "oleaut32.dll.GetRecordInfoFromTypeInfo",
1095. "oleaut32.dll.GetRecordInfoFromGuids",
1096. "oleaut32.dll.SafeArrayGetRecordInfo",
1097. "oleaut32.dll.SafeArraySetRecordInfo",
1098. "oleaut32.dll.SafeArrayGetIID",
1099. "oleaut32.dll.SafeArraySetIID",
1100. "oleaut32.dll.SafeArrayCopyData",
1101. "oleaut32.dll.SafeArrayAllocDescriptorEx",
1102. "oleaut32.dll.SafeArrayCreateEx",
1103. "oleaut32.dll.VarFormat",
1104. "oleaut32.dll.VarFormatDateTime",
1105. "oleaut32.dll.VarFormatNumber",
1106. "oleaut32.dll.VarFormatPercent",
1107. "oleaut32.dll.VarFormatCurrency",
1108. "oleaut32.dll.VarWeekdayName",
1109. "oleaut32.dll.VarMonthName",
1110. "oleaut32.dll.VarAdd",
1111. "oleaut32.dll.VarAnd",
1112. "oleaut32.dll.VarCat",
1113. "oleaut32.dll.VarDiv",
1114. "oleaut32.dll.VarEqv",
1115. "oleaut32.dll.VarIdiv",
1116. "oleaut32.dll.VarImp",
1117. "oleaut32.dll.VarMod",
1118. "oleaut32.dll.VarMul",
1119. "oleaut32.dll.VarOr",
1120. "oleaut32.dll.VarPow",
1121. "oleaut32.dll.VarSub",
1122. "oleaut32.dll.VarXor",
1123. "oleaut32.dll.VarAbs",
1124. "oleaut32.dll.VarFix",
1125. "oleaut32.dll.VarInt",
1126. "oleaut32.dll.VarNeg",
1127. "oleaut32.dll.VarNot",
1128. "oleaut32.dll.VarRound",
1129. "oleaut32.dll.VarCmp",
1130. "oleaut32.dll.VarDecAdd",
1131. "oleaut32.dll.VarDecCmp",
1132. "oleaut32.dll.VarBstrCat",
1133. "oleaut32.dll.VarCyMulI4",
1134. "oleaut32.dll.VarBstrCmp",
1135. "ole32.dll.CoCreateInstanceEx",
1136. "ole32.dll.CLSIDFromProgIDEx",
1137. "sxs.dll.SxsOleAut32MapIIDOrCLSIDToTypeLibrary",
1138. "user32.dll.GetSystemMetrics",
1139. "user32.dll.MonitorFromWindow",
1140. "user32.dll.MonitorFromRect",
1141. "user32.dll.MonitorFromPoint",
1142. "user32.dll.EnumDisplayMonitors",
1143. "user32.dll.GetMonitorInfoA",
1144. "dwmapi.dll.DwmIsCompositionEnabled",
1145. "gdi32.dll.GetLayout",
1146. "gdi32.dll.GdiRealizationInfo",
1147. "gdi32.dll.FontIsLinked",
1148. "advapi32.dll.RegOpenKeyExW",
1149. "advapi32.dll.RegQueryInfoKeyW",
1150. "gdi32.dll.GetTextFaceAliasW",
1151. "advapi32.dll.RegEnumValueW",
1152. "advapi32.dll.RegCloseKey",
1153. "advapi32.dll.RegQueryValueExW",
1154. "gdi32.dll.GetFontAssocStatus",
1155. "advapi32.dll.RegQueryValueExA",
1156. "advapi32.dll.RegEnumKeyExW",
1157. "gdi32.dll.GdiIsMetaPrintDC",
1158. "ole32.dll.CoInitializeEx",
1159. "ole32.dll.CoUninitialize",
1160. "ole32.dll.CoRegisterInitializeSpy",
1161. "ole32.dll.CoRevokeInitializeSpy",
1162. "gdi32.dll.GetTextExtentExPointWPri",
1163. "kernel32.dll.NlsGetCacheUpdateCount",
1164. "kernel32.dll.GetCalendarInfoW",
1165. "kernel32.dll.GetTickCount",
1166. "kernel32.dll.Sleep",
1167. "user32.dll.GetCursorPos",
1168. "user32.dll.EnumWindows",
1169. "kernel32.dll.SetErrorMode",
1170. "kernel32.dll.SetLastError",
1171. "kernel32.dll.VirtualAllocEx",
1172. "kernel32.dll.CloseHandle",
1173. "shell32.dll.ShellExecuteW",
1174. "kernel32.dll.WriteFile",
1175. "kernel32.dll.UnmapViewOfFile",
1176. "kernel32.dll.CreateFileW",
1177. "kernel32.dll.TerminateProcess",
1178. "kernel32.dll.VirtualProtectEx",
1179. "kernel32.dll.CreateProcessInternalW",
1180. "kernel32.dll.GetTempPathW",
1181. "kernel32.dll.GetLongPathNameW",
1182. "kernel32.dll.GetFileSize",
1183. "kernel32.dll.ReadFile",
1184. "ntdll.dll.NtProtectVirtualMemory",
1185. "kernel32.dll.GetCommandLineW"
1186. ]
1187.  
1188. [*] Static Analysis: {
1189. "pe": {
1190. "peid_signatures": null,
1191. "imports": [
1192. {
1193. "imports": [
1194. {
1195. "name": null,
1196. "address": "0x401000"
1197. },
1198. {
1199. "name": null,
1200. "address": "0x401004"
1201. },
1202. {
1203. "name": null,
1204. "address": "0x401008"
1205. },
1206. {
1207. "name": "MethCallEngine",
1208. "address": "0x40100c"
1209. },
1210. {
1211. "name": null,
1212. "address": "0x401010"
1213. },
1214. {
1215. "name": null,
1216. "address": "0x401014"
1217. },
1218. {
1219. "name": null,
1220. "address": "0x401018"
1221. },
1222. {
1223. "name": null,
1224. "address": "0x40101c"
1225. },
1226. {
1227. "name": null,
1228. "address": "0x401020"
1229. },
1230. {
1231. "name": null,
1232. "address": "0x401024"
1233. },
1234. {
1235. "name": null,
1236. "address": "0x401028"
1237. },
1238. {
1239. "name": null,
1240. "address": "0x40102c"
1241. },
1242. {
1243. "name": null,
1244. "address": "0x401030"
1245. },
1246. {
1247. "name": null,
1248. "address": "0x401034"
1249. },
1250. {
1251. "name": null,
1252. "address": "0x401038"
1253. },
1254. {
1255. "name": null,
1256. "address": "0x40103c"
1257. },
1258. {
1259. "name": null,
1260. "address": "0x401040"
1261. },
1262. {
1263. "name": "EVENT_SINK_AddRef",
1264. "address": "0x401044"
1265. },
1266. {
1267. "name": null,
1268. "address": "0x401048"
1269. },
1270. {
1271. "name": null,
1272. "address": "0x40104c"
1273. },
1274. {
1275. "name": null,
1276. "address": "0x401050"
1277. },
1278. {
1279. "name": null,
1280. "address": "0x401054"
1281. },
1282. {
1283. "name": null,
1284. "address": "0x401058"
1285. },
1286. {
1287. "name": null,
1288. "address": "0x40105c"
1289. },
1290. {
1291. "name": "EVENT_SINK_Release",
1292. "address": "0x401060"
1293. },
1294. {
1295. "name": null,
1296. "address": "0x401064"
1297. },
1298. {
1299. "name": "EVENT_SINK_QueryInterface",
1300. "address": "0x401068"
1301. },
1302. {
1303. "name": "__vbaExceptHandler",
1304. "address": "0x40106c"
1305. },
1306. {
1307. "name": null,
1308. "address": "0x401070"
1309. },
1310. {
1311. "name": null,
1312. "address": "0x401074"
1313. },
1314. {
1315. "name": null,
1316. "address": "0x401078"
1317. },
1318. {
1319. "name": null,
1320. "address": "0x40107c"
1321. },
1322. {
1323. "name": null,
1324. "address": "0x401080"
1325. },
1326. {
1327. "name": null,
1328. "address": "0x401084"
1329. },
1330. {
1331. "name": null,
1332. "address": "0x401088"
1333. },
1334. {
1335. "name": null,
1336. "address": "0x40108c"
1337. },
1338. {
1339. "name": null,
1340. "address": "0x401090"
1341. },
1342. {
1343. "name": null,
1344. "address": "0x401094"
1345. },
1346. {
1347. "name": null,
1348. "address": "0x401098"
1349. },
1350. {
1351. "name": null,
1352. "address": "0x40109c"
1353. },
1354. {
1355. "name": null,
1356. "address": "0x4010a0"
1357. },
1358. {
1359. "name": null,
1360. "address": "0x4010a4"
1361. },
1362. {
1363. "name": null,
1364. "address": "0x4010a8"
1365. },
1366. {
1367. "name": null,
1368. "address": "0x4010ac"
1369. },
1370. {
1371. "name": null,
1372. "address": "0x4010b0"
1373. },
1374. {
1375. "name": null,
1376. "address": "0x4010b4"
1377. }
1378. ],
1379. "dll": "MSVBVM60.DLL"
1380. }
1381. ],
1382. "digital_signers": null,
1383. "exported_dll_name": null,
1384. "actual_checksum": "0x0007920e",
1385. "overlay": null,
1386. "imagebase": "0x00400000",
1387. "reported_checksum": "0x0007920e",
1388. "icon_hash": null,
1389. "entrypoint": "0x004011d4",
1390. "timestamp": "2000-06-05 23:33:32",
1391. "osversion": "4.0",
1392. "sections": [
1393. {
1394. "name": ".text",
1395. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
1396. "virtual_address": "0x00001000",
1397. "size_of_data": "0x00070000",
1398. "entropy": "7.35",
1399. "raw_address": "0x00001000",
1400. "virtual_size": "0x0006f7c4",
1401. "characteristics_raw": "0x60000020"
1402. },
1403. {
1404. "name": ".data",
1405. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
1406. "virtual_address": "0x00071000",
1407. "size_of_data": "0x00000000",
1408. "entropy": "0.00",
1409. "raw_address": "0x00000000",
1410. "virtual_size": "0x00005430",
1411. "characteristics_raw": "0xc0000040"
1412. },
1413. {
1414. "name": ".rsrc",
1415. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
1416. "virtual_address": "0x00077000",
1417. "size_of_data": "0x00003000",
1418. "entropy": "3.68",
1419. "raw_address": "0x00071000",
1420. "virtual_size": "0x000024f6",
1421. "characteristics_raw": "0x40000040"
1422. }
1423. ],
1424. "resources": [],
1425. "dirents": [
1426. {
1427. "virtual_address": "0x00000000",
1428. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
1429. "size": "0x00000000"
1430. },
1431. {
1432. "virtual_address": "0x00070664",
1433. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
1434. "size": "0x00000028"
1435. },
1436. {
1437. "virtual_address": "0x00077000",
1438. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
1439. "size": "0x000024f6"
1440. },
1441. {
1442. "virtual_address": "0x00000000",
1443. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
1444. "size": "0x00000000"
1445. },
1446. {
1447. "virtual_address": "0x00000000",
1448. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
1449. "size": "0x00000000"
1450. },
1451. {
1452. "virtual_address": "0x00000000",
1453. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
1454. "size": "0x00000000"
1455. },
1456. {
1457. "virtual_address": "0x00000000",
1458. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
1459. "size": "0x00000000"
1460. },
1461. {
1462. "virtual_address": "0x00000000",
1463. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
1464. "size": "0x00000000"
1465. },
1466. {
1467. "virtual_address": "0x00000000",
1468. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
1469. "size": "0x00000000"
1470. },
1471. {
1472. "virtual_address": "0x00000000",
1473. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
1474. "size": "0x00000000"
1475. },
1476. {
1477. "virtual_address": "0x00000000",
1478. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
1479. "size": "0x00000000"
1480. },
1481. {
1482. "virtual_address": "0x00000220",
1483. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
1484. "size": "0x00000020"
1485. },
1486. {
1487. "virtual_address": "0x00001000",
1488. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
1489. "size": "0x000000bc"
1490. },
1491. {
1492. "virtual_address": "0x00000000",
1493. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
1494. "size": "0x00000000"
1495. },
1496. {
1497. "virtual_address": "0x00000000",
1498. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
1499. "size": "0x00000000"
1500. },
1501. {
1502. "virtual_address": "0x00000000",
1503. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
1504. "size": "0x00000000"
1505. }
1506. ],
1507. "exports": [],
1508. "guest_signers": {},
1509. "imphash": "31f36d079c0768b10b5a2a77b286e009",
1510. "icon_fuzzy": null,
1511. "icon": null,
1512. "pdbpath": null,
1513. "imported_dll_count": 1,
1514. "versioninfo": []
1515. }
1516. }