494 строки
17 KiB
JSON
494 строки
17 KiB
JSON
[
|
|
{
|
|
"fileQualifier":"-7364030719992865801",
|
|
"lastEventDisplayName":"Microsoft OneDriveFile Co-Authoring Executable (FileCoAuth.exe)",
|
|
"hash":"SHA1##420BE0941CEB6B0781A93D6ED81B1C80E733A5FF",
|
|
"publisher":"Microsoft Corporation",
|
|
"totalEvents":7,
|
|
"applicationType":"Executable",
|
|
"eventType":"Launch",
|
|
"lastEventSourceType":"Updater",
|
|
"lastEventSourceName":"Updater (Windows Update)",
|
|
"lastEventDate":"2022-03-10T13:32:03.206Z",
|
|
"lastEventUserName":"DESKTOP-S4J3FEM\\User1",
|
|
"lastEventJustification":"",
|
|
"threatDetectionAction":"",
|
|
"lastEventFileName":"FileCoAuth.exe",
|
|
"affectedComputers":1,
|
|
"affectedUsers":1,
|
|
"firstEventDate":"2022-03-10T12:32:02.642Z",
|
|
"firstEventUserName":"DESKTOP-S4J3FEM\\User1",
|
|
"fileSize":921504,
|
|
"CLSID":"",
|
|
"mimeType":"",
|
|
"url":"",
|
|
"appPackageDisplayName":"",
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"fileLocation":"",
|
|
"skippedCount":0,
|
|
"skipped":false,
|
|
"aggregatedBy":"420BE0941CEB6B0781A93D6ED81B1C80E733A5FF,2048",
|
|
"deceptionType":0,
|
|
"defenceActionId":0,
|
|
"lastAgentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"event_type":"aggregated_events"
|
|
},
|
|
{
|
|
"policyName":"",
|
|
"hash":"420BE0941CEB6B0781A93D6ED81B1C80E733A5FF",
|
|
"publisher":"Microsoft Corporation",
|
|
"eventType":"Launch",
|
|
"sourceType":"Updater",
|
|
"sourceName":"Updater (Windows Update)",
|
|
"lastEventDate":"2022-03-10T13:32:03.206Z",
|
|
"firstEventDate":"2022-03-10T13:32:03.206Z",
|
|
"userName":"DESKTOP-S4J3FEM\\Adam",
|
|
"justification":"",
|
|
"fileName":"FileCoAuth.exe",
|
|
"originalFileName":"FileCoAuth.exe",
|
|
"fileSize":921504,
|
|
"threatProtectionAction":"ALL",
|
|
"packageName":"Microsoft OneDrive (OneDriveSetup.exe)",
|
|
"company":"Microsoft Corporation",
|
|
"filePath":"C:\\Users\\Adam\\AppData\\Local\\Microsoft\\OneDrive\\22.033.0213.0002\\FileCoAuth.exe",
|
|
"fileDescription":"Microsoft OneDriveFile Co-Authoring Executable",
|
|
"productName":"Microsoft OneDrive",
|
|
"productVersion":"22.33.213.2",
|
|
"bundleName":"",
|
|
"bundleVersion":"",
|
|
"bundleId":"",
|
|
"applicationSubType":"",
|
|
"fileVersion":"22.33.213.2",
|
|
"modificationTime":"2022-03-09T06:15:26.532Z",
|
|
"userIsAdmin":false,
|
|
"agentEventCount":1,
|
|
"skippedCount":0,
|
|
"accessAction":"false",
|
|
"accessTargetType":"Internet",
|
|
"accessTargetName":"",
|
|
"processCommandLine":"c32a0705-29bf-4a19-9e54-51495acc9b2f",
|
|
"sourceProcessCommandLine":"",
|
|
"sourceProcessUsername":"",
|
|
"sourceProcessHash":"",
|
|
"sourceProcessPublisher":"",
|
|
"sourceProcessSigner":"",
|
|
"displayName":"Microsoft OneDriveFile Co-Authoring Executable (FileCoAuth.exe)",
|
|
"evidences":"",
|
|
"owner":"DESKTOP-S4J3FEM\\User1",
|
|
"deceptionType":0,
|
|
"lureUser":"",
|
|
"sourceWSName":"",
|
|
"fatherProcess":"",
|
|
"sourceWSIp":"",
|
|
"winEventType":0,
|
|
"winEventRecordId":0,
|
|
"logonAttemptTypeId":0,
|
|
"logonStatusId":0,
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"event_type":"raw_event"
|
|
},
|
|
{
|
|
"policyName":"",
|
|
"hash":"420BE0941CEB6B0781A93D6ED81B1C80E733A5FF",
|
|
"publisher":"Microsoft Corporation",
|
|
"eventType":"Launch",
|
|
"sourceType":"Updater",
|
|
"sourceName":"Updater (Windows Update)",
|
|
"lastEventDate":"2022-03-10T13:22:03.096Z",
|
|
"firstEventDate":"2022-03-10T13:22:03.096Z",
|
|
"userName":"DESKTOP-S4J3FEM\\User1",
|
|
"justification":"",
|
|
"fileName":"FileCoAuth.exe",
|
|
"originalFileName":"FileCoAuth.exe",
|
|
"fileSize":921504,
|
|
"threatProtectionAction":"ALL",
|
|
"packageName":"Microsoft OneDrive (OneDriveSetup.exe)",
|
|
"company":"Microsoft Corporation",
|
|
"filePath":"C:\\Users\\Adam\\AppData\\Local\\Microsoft\\OneDrive\\22.033.0213.0002\\FileCoAuth.exe",
|
|
"fileDescription":"Microsoft OneDriveFile Co-Authoring Executable",
|
|
"productName":"Microsoft OneDrive",
|
|
"productVersion":"22.33.213.2",
|
|
"bundleName":"",
|
|
"bundleVersion":"",
|
|
"bundleId":"",
|
|
"applicationSubType":"",
|
|
"fileVersion":"22.33.213.2",
|
|
"modificationTime":"2022-03-09T06:15:26.532Z",
|
|
"userIsAdmin":false,
|
|
"agentEventCount":1,
|
|
"skippedCount":0,
|
|
"accessAction":"false",
|
|
"accessTargetType":"Internet",
|
|
"accessTargetName":"",
|
|
"processCommandLine":"7959afaa-637e-40da-8c14-8a259b288a8d",
|
|
"sourceProcessCommandLine":"",
|
|
"sourceProcessUsername":"",
|
|
"sourceProcessHash":"",
|
|
"sourceProcessPublisher":"",
|
|
"sourceProcessSigner":"",
|
|
"displayName":"Microsoft OneDriveFile Co-Authoring Executable (FileCoAuth.exe)",
|
|
"evidences":"",
|
|
"owner":"DESKTOP-S4J3FEM\\Adam",
|
|
"deceptionType":0,
|
|
"lureUser":"",
|
|
"sourceWSName":"",
|
|
"fatherProcess":"",
|
|
"sourceWSIp":"",
|
|
"winEventType":0,
|
|
"winEventRecordId":0,
|
|
"logonAttemptTypeId":0,
|
|
"logonStatusId":0,
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"event_type":"raw_event"
|
|
},
|
|
{
|
|
"policyName":"",
|
|
"hash":"420BE0941CEB6B0781A93D6ED81B1C80E733A5FF",
|
|
"publisher":"Microsoft Corporation",
|
|
"eventType":"Launch",
|
|
"sourceType":"Updater",
|
|
"sourceName":"Updater (Windows Update)",
|
|
"lastEventDate":"2022-03-10T13:12:03.007Z",
|
|
"firstEventDate":"2022-03-10T13:12:03.007Z",
|
|
"userName":"DESKTOP-S4J3FEM\\User1",
|
|
"justification":"",
|
|
"fileName":"FileCoAuth.exe",
|
|
"originalFileName":"FileCoAuth.exe",
|
|
"fileSize":921504,
|
|
"threatProtectionAction":"ALL",
|
|
"packageName":"Microsoft OneDrive (OneDriveSetup.exe)",
|
|
"company":"Microsoft Corporation",
|
|
"filePath":"C:\\Users\\Adam\\AppData\\Local\\Microsoft\\OneDrive\\22.033.0213.0002\\FileCoAuth.exe",
|
|
"fileDescription":"Microsoft OneDriveFile Co-Authoring Executable",
|
|
"productName":"Microsoft OneDrive",
|
|
"productVersion":"22.33.213.2",
|
|
"bundleName":"",
|
|
"bundleVersion":"",
|
|
"bundleId":"",
|
|
"applicationSubType":"",
|
|
"fileVersion":"22.33.213.2",
|
|
"modificationTime":"2022-03-09T06:15:26.532Z",
|
|
"userIsAdmin":false,
|
|
"agentEventCount":1,
|
|
"skippedCount":0,
|
|
"accessAction":"false",
|
|
"accessTargetType":"Internet",
|
|
"accessTargetName":"",
|
|
"processCommandLine":"4cd5082e-0bbd-43b0-a356-208020602327",
|
|
"sourceProcessCommandLine":"",
|
|
"sourceProcessUsername":"",
|
|
"sourceProcessHash":"",
|
|
"sourceProcessPublisher":"",
|
|
"sourceProcessSigner":"",
|
|
"displayName":"Microsoft OneDriveFile Co-Authoring Executable (FileCoAuth.exe)",
|
|
"evidences":"",
|
|
"owner":"DESKTOP-S4J3FEM\\User1",
|
|
"deceptionType":0,
|
|
"lureUser":"",
|
|
"sourceWSName":"",
|
|
"fatherProcess":"",
|
|
"sourceWSIp":"",
|
|
"winEventType":0,
|
|
"winEventRecordId":0,
|
|
"logonAttemptTypeId":0,
|
|
"logonStatusId":0,
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"event_type":"raw_event"
|
|
},
|
|
{
|
|
"policyName":"",
|
|
"hash":"420BE0941CEB6B0781A93D6ED81B1C80E733A5FF",
|
|
"publisher":"Microsoft Corporation",
|
|
"eventType":"Launch",
|
|
"sourceType":"Updater",
|
|
"sourceName":"Updater (Windows Update)",
|
|
"lastEventDate":"2022-03-10T13:02:02.918Z",
|
|
"firstEventDate":"2022-03-10T13:02:02.918Z",
|
|
"userName":"DESKTOP-S4J3FEM\\User1",
|
|
"justification":"",
|
|
"fileName":"FileCoAuth.exe",
|
|
"originalFileName":"FileCoAuth.exe",
|
|
"fileSize":921504,
|
|
"threatProtectionAction":"ALL",
|
|
"packageName":"Microsoft OneDrive (OneDriveSetup.exe)",
|
|
"company":"Microsoft Corporation",
|
|
"filePath":"C:\\Users\\User1\\AppData\\Local\\Microsoft\\OneDrive\\22.033.0213.0002\\FileCoAuth.exe",
|
|
"fileDescription":"Microsoft OneDriveFile Co-Authoring Executable",
|
|
"productName":"Microsoft OneDrive",
|
|
"productVersion":"22.33.213.2",
|
|
"bundleName":"",
|
|
"bundleVersion":"",
|
|
"bundleId":"",
|
|
"applicationSubType":"",
|
|
"fileVersion":"22.33.213.2",
|
|
"modificationTime":"2022-03-09T06:15:26.532Z",
|
|
"userIsAdmin":false,
|
|
"agentEventCount":1,
|
|
"skippedCount":0,
|
|
"accessAction":"false",
|
|
"accessTargetType":"Internet",
|
|
"accessTargetName":"",
|
|
"processCommandLine":"-Embedding",
|
|
"sourceProcessCommandLine":"",
|
|
"sourceProcessUsername":"",
|
|
"sourceProcessHash":"",
|
|
"sourceProcessPublisher":"",
|
|
"sourceProcessSigner":"",
|
|
"displayName":"Microsoft OneDriveFile Co-Authoring Executable (FileCoAuth.exe)",
|
|
"evidences":"",
|
|
"owner":"DESKTOP-S4J3FEM\\User1",
|
|
"deceptionType":0,
|
|
"lureUser":"",
|
|
"sourceWSName":"",
|
|
"fatherProcess":"",
|
|
"sourceWSIp":"",
|
|
"winEventType":0,
|
|
"winEventRecordId":0,
|
|
"logonAttemptTypeId":0,
|
|
"logonStatusId":0,
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"event_type":"raw_event"
|
|
},
|
|
{
|
|
"policyName":"",
|
|
"hash":"420BE0941CEB6B0781A93D6ED81B1C80E733A5FF",
|
|
"publisher":"Microsoft Corporation",
|
|
"eventType":"Launch",
|
|
"sourceType":"Updater",
|
|
"sourceName":"Updater (Windows Update)",
|
|
"lastEventDate":"2022-03-10T12:52:02.77Z",
|
|
"firstEventDate":"2022-03-10T12:52:02.77Z",
|
|
"userName":"DESKTOP-S4J3FEM\\Adam",
|
|
"justification":"",
|
|
"fileName":"FileCoAuth.exe",
|
|
"originalFileName":"FileCoAuth.exe",
|
|
"fileSize":921504,
|
|
"threatProtectionAction":"ALL",
|
|
"packageName":"Microsoft OneDrive (OneDriveSetup.exe)",
|
|
"company":"Microsoft Corporation",
|
|
"filePath":"C:\\Users\\Adam\\AppData\\Local\\Microsoft\\OneDrive\\22.033.0213.0002\\FileCoAuth.exe",
|
|
"fileDescription":"Microsoft OneDriveFile Co-Authoring Executable",
|
|
"productName":"Microsoft OneDrive",
|
|
"productVersion":"22.33.213.2",
|
|
"bundleName":"",
|
|
"bundleVersion":"",
|
|
"bundleId":"",
|
|
"applicationSubType":"",
|
|
"fileVersion":"22.33.213.2",
|
|
"modificationTime":"2022-03-09T06:15:26.532Z",
|
|
"userIsAdmin":false,
|
|
"agentEventCount":1,
|
|
"skippedCount":0,
|
|
"accessAction":"false",
|
|
"accessTargetType":"Internet",
|
|
"accessTargetName":"",
|
|
"processCommandLine":"-Embedding",
|
|
"sourceProcessCommandLine":"",
|
|
"sourceProcessUsername":"",
|
|
"sourceProcessHash":"",
|
|
"sourceProcessPublisher":"",
|
|
"sourceProcessSigner":"",
|
|
"displayName":"Microsoft OneDriveFile Co-Authoring Executable (FileCoAuth.exe)",
|
|
"evidences":"",
|
|
"owner":"DESKTOP-S4J3FEM\\User1",
|
|
"deceptionType":0,
|
|
"lureUser":"",
|
|
"sourceWSName":"",
|
|
"fatherProcess":"",
|
|
"sourceWSIp":"",
|
|
"winEventType":0,
|
|
"winEventRecordId":0,
|
|
"logonAttemptTypeId":0,
|
|
"logonStatusId":0,
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"event_type":"raw_event"
|
|
},
|
|
{
|
|
"policyName":"",
|
|
"hash":"420BE0941CEB6B0781A93D6ED81B1C80E733A5FF",
|
|
"publisher":"Microsoft Corporation",
|
|
"eventType":"Launch",
|
|
"sourceType":"Updater",
|
|
"sourceName":"Updater (Windows Update)",
|
|
"lastEventDate":"2022-03-10T12:42:02.745Z",
|
|
"firstEventDate":"2022-03-10T12:42:02.745Z",
|
|
"userName":"DESKTOP-S4J3FEM\\User1",
|
|
"justification":"",
|
|
"fileName":"FileCoAuth.exe",
|
|
"originalFileName":"FileCoAuth.exe",
|
|
"fileSize":921504,
|
|
"threatProtectionAction":"ALL",
|
|
"packageName":"Microsoft OneDrive (OneDriveSetup.exe)",
|
|
"company":"Microsoft Corporation",
|
|
"filePath":"C:\\Users\\User1\\AppData\\Local\\Microsoft\\OneDrive\\22.033.0213.0002\\FileCoAuth.exe",
|
|
"fileDescription":"Microsoft OneDriveFile Co-Authoring Executable",
|
|
"productName":"Microsoft OneDrive",
|
|
"productVersion":"22.33.213.2",
|
|
"bundleName":"",
|
|
"bundleVersion":"",
|
|
"bundleId":"",
|
|
"applicationSubType":"",
|
|
"fileVersion":"22.33.213.2",
|
|
"modificationTime":"2022-03-09T06:15:26.532Z",
|
|
"userIsAdmin":false,
|
|
"agentEventCount":1,
|
|
"skippedCount":0,
|
|
"accessAction":"false",
|
|
"accessTargetType":"Internet",
|
|
"accessTargetName":"",
|
|
"processCommandLine":"-Embedding",
|
|
"sourceProcessCommandLine":"",
|
|
"sourceProcessUsername":"",
|
|
"sourceProcessHash":"",
|
|
"sourceProcessPublisher":"",
|
|
"sourceProcessSigner":"",
|
|
"displayName":"Microsoft OneDriveFile Co-Authoring Executable (FileCoAuth.exe)",
|
|
"evidences":"",
|
|
"owner":"DESKTOP-S4J3FEM\\User1",
|
|
"deceptionType":0,
|
|
"lureUser":"",
|
|
"sourceWSName":"",
|
|
"fatherProcess":"",
|
|
"sourceWSIp":"",
|
|
"winEventType":0,
|
|
"winEventRecordId":0,
|
|
"logonAttemptTypeId":0,
|
|
"logonStatusId":0,
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"event_type":"raw_event"
|
|
},
|
|
{
|
|
"policyName":"",
|
|
"hash":"420BE0941CEB6B0781A93D6ED81B1C80E733A5FF",
|
|
"publisher":"Microsoft Corporation",
|
|
"eventType":"Launch",
|
|
"sourceType":"Updater",
|
|
"sourceName":"Updater (Windows Update)",
|
|
"lastEventDate":"2022-03-10T12:32:02.642Z",
|
|
"firstEventDate":"2022-03-10T12:32:02.642Z",
|
|
"userName":"DESKTOP-S4J3FEM\\User1",
|
|
"justification":"",
|
|
"fileName":"FileCoAuth.exe",
|
|
"originalFileName":"FileCoAuth.exe",
|
|
"fileSize":921504,
|
|
"threatProtectionAction":"ALL",
|
|
"packageName":"Microsoft OneDrive (OneDriveSetup.exe)",
|
|
"company":"Microsoft Corporation",
|
|
"filePath":"C:\\Users\\Adam\\AppData\\Local\\Microsoft\\OneDrive\\22.033.0213.0002\\FileCoAuth.exe",
|
|
"fileDescription":"Microsoft OneDriveFile Co-Authoring Executable",
|
|
"productName":"Microsoft OneDrive",
|
|
"productVersion":"22.33.213.2",
|
|
"bundleName":"",
|
|
"bundleVersion":"",
|
|
"bundleId":"",
|
|
"applicationSubType":"",
|
|
"fileVersion":"22.33.213.2",
|
|
"modificationTime":"2022-03-09T06:15:26.532Z",
|
|
"userIsAdmin":false,
|
|
"agentEventCount":1,
|
|
"skippedCount":0,
|
|
"accessAction":"false",
|
|
"accessTargetType":"Internet",
|
|
"accessTargetName":"",
|
|
"processCommandLine":"-Embedding",
|
|
"sourceProcessCommandLine":"",
|
|
"sourceProcessUsername":"",
|
|
"sourceProcessHash":"",
|
|
"sourceProcessPublisher":"",
|
|
"sourceProcessSigner":"",
|
|
"displayName":"Microsoft OneDriveFile Co-Authoring Executable (FileCoAuth.exe)",
|
|
"evidences":"",
|
|
"owner":"DESKTOP-S4J3FEM\\User1",
|
|
"deceptionType":0,
|
|
"lureUser":"",
|
|
"sourceWSName":"",
|
|
"fatherProcess":"",
|
|
"sourceWSIp":"",
|
|
"winEventType":0,
|
|
"winEventRecordId":0,
|
|
"logonAttemptTypeId":0,
|
|
"logonStatusId":0,
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"event_type":"raw_event"
|
|
},
|
|
{
|
|
"fileQualifier":"-7888190047813311883",
|
|
"lastEventDisplayName":"Torrent (uTorrent.exe)",
|
|
"hash":"SHA1##6EFF8FAFE38C4AC165695A0DF780DFB3BA7C9102",
|
|
"publisher":"BitTorrent, Inc.",
|
|
"totalEvents":1,
|
|
"applicationType":"Executable",
|
|
"eventType":"StartElevated",
|
|
"lastEventSourceType":"NetworkShare",
|
|
"lastEventSourceName":"\\\\vmware-host\\Shared Folders\\Desktop\\uTorrent.exe",
|
|
"lastEventDate":"2022-03-17T08:55:59.837Z",
|
|
"firstEventDate":"2022-03-17T08:55:59.837Z",
|
|
"lastEventUserName":"DESKTOP-S4J3FEM\\User1",
|
|
"lastEventJustification":"",
|
|
"policyId":7938,
|
|
"policyName":"Video Demo",
|
|
"threatDetectionAction":"",
|
|
"lastEventFileName":"uTorrent.exe",
|
|
"affectedComputers":1,
|
|
"affectedUsers":1,
|
|
"exposedUsers":"",
|
|
"firstEventUserName":"host\\b",
|
|
"fileSize":5298648,
|
|
"CLSID":"",
|
|
"mimeType":"",
|
|
"adminTaskId":"",
|
|
"url":"",
|
|
"appPackageDisplayName":"",
|
|
"agentId":"",
|
|
"fileLocation":"\\\\vmware-host\\Shared Folders\\Desktop\\",
|
|
"skippedCount":0,
|
|
"skipped":false,
|
|
"deceptionType":0,
|
|
"aggregatedBy":"6EFF8FAFE38C4AC165695A0DF780DFB3BA7C9102,Video Demo",
|
|
"defenceActionId":0,
|
|
"set_name":"My Set(cyberark_7)",
|
|
"event_type":"aggregated_policy_audits"
|
|
},
|
|
{
|
|
"hash":"6EFF8FAFE38C4AC165695A0DF780DFB3BA7C9102",
|
|
"publisher":"BitTorrent, Inc.",
|
|
"eventType":"StartElevated",
|
|
"sourceType":"NetworkShare",
|
|
"sourceName":"\\\\vmware-host\\Shared Folders\\Desktop\\uTorrent.exe",
|
|
"lastEventDate":"2022-03-17T08:55:59.837Z",
|
|
"userName":"host\\a",
|
|
"fileName":"uTorrent.exe",
|
|
"fileSize":5298648,
|
|
"fileDescription":"Torrent",
|
|
"packageName":"Torrent (uTorrent.exe)",
|
|
"company":"BitTorrent Inc.",
|
|
"filePath":"\\\\vmware-host\\Shared Folders\\Desktop\\uTorrent.exe",
|
|
"firstEventDate":"2022-03-17T08:55:59.837Z",
|
|
"productName":"Torrent",
|
|
"productVersion":"3.5.5.46036",
|
|
"bundleName":"",
|
|
"bundleVersion":"",
|
|
"fileVersion":"3.5.5.46036",
|
|
"modificationTime":"2021-07-26T13:22:48Z",
|
|
"userIsAdmin":false,
|
|
"agentEventCount":1,
|
|
"skippedCount":0,
|
|
"workingDirectory":"",
|
|
"runAsUsername":"",
|
|
"originUserUID":"",
|
|
"interpreter":"",
|
|
"fileAccessPermission":"",
|
|
"commandInfo":"",
|
|
"arguments":"",
|
|
"justification":"",
|
|
"justificationEmail":"",
|
|
"displayName":"Torrent (uTorrent.exe)",
|
|
"originalFileName":"uTorrent.exe",
|
|
"owner":"Everyone",
|
|
"policyName":"Video Demo",
|
|
"fileQualifier":"-7888190047813311883",
|
|
"agentId":"f67fa0d1-300a-45c0-b199-8d74821efd29",
|
|
"set_name":"My Set(cyberark_7)",
|
|
"event_type":"policy_audit_raw_event_details"
|
|
}
|
|
] |