top title background image
flash

60MLnq8Uma.exe

Status: finished
Submission Time: 2022-08-05 14:31:06 +02:00
Malicious
Trojan
Spyware
Evader
RedLine, Vidar

Comments

Tags

  • exe
  • RecordBreaker

Details

  • Analysis ID:
    679285
  • API (Web) ID:
    1046791
  • Analysis Started:
    2022-08-05 14:31:06 +02:00
  • Analysis Finished:
    2022-08-05 14:44:42 +02:00
  • MD5:
    ffba715730cdb446fa832c8fcaa4f783
  • SHA1:
    c15cccf1ba94a7e67e615bf4f94d1266fc9d3c7b
  • SHA256:
    7fd0c18e417e77f1b4019024738211632265864ea3acf9f985eea6c0c75ba3ba
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
malicious
Score: 76
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 43/71
malicious
Score: 11/21
malicious
Score: 18/26
malicious
malicious

IPs

IP Country Detection
31.41.244.134
Russian Federation
103.89.90.61
Viet Nam
142.250.185.205
United States
Click to see the 4 hidden entries
239.255.255.250
Reserved
148.251.234.83
Germany
142.250.186.110
United States
45.159.248.53
Russian Federation

Domains

Name IP Detection
accounts.google.com
142.250.185.205
iplogger.org
148.251.234.83
clients.l.google.com
142.250.186.110
Click to see the 1 hidden entries
clients2.google.com
0.0.0.0

URLs

Name Detection
http://45.159.248.53:80/6925953557.zip
http://146.19.247.187:80
http://45.159.248.53/1571
Click to see the 97 hidden entries
http://45.159.248.53/6925953557.zip
http://62.204.41.126:80
http://45.159.248.53/
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
https://iplogger.org/1AbtZ4
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
https://accounts.google.com/MergeSession
https://iplogger.org/1AbtZ4
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
https://play.google.com
http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce
https://www.google.com/images/cleardot.gif
http://www.borland.com/namespaces/Typeslhttp://www.borland.com/namespaces/Types-IAppServerSOAPU
https://iplogger.org/1nfDK4
https://iplogger.org/1RCgX4
http://tempuri.org/Entity/Id8Response
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
http://tempuri.org/Entity/Id10Response
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
http://schemas.xmlsoap.org/ws/2004/08/addressing/faultD
https://iplogger.org/1nfDK4$
http://tempuri.org/Entity/Id5Response
http://schemas.xmlsoap.org/ws/2004/10/wsat/Committed
https://iplogger.org/1AbtZ42
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
https://iplogger.org/1A4aK4l9i
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT
http://schemas.xmlsoap.org/ws/2005/02/rm/SequenceAcknowledgement
https://iplogger.org/1A4aK4
https://www.google.com/intl/en-US/chrome/blank.html
http://tempuri.org/Entity/Id19ResponseX
http://schemas.xmlsoap.org/ws/2004/04/security/sc/sct
http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1
http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1
http://schemas.xmlsoap.org/ws/2004/06/addressingex
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentif
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
https://apis.google.com
http://tempuri.org/Entity/Id13Response
http://www.company.com/83886080NewProduct000100NewProduct1NewProduct
https://iplogger.org/1RLtX4
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ1510
https://iplogger.org/1nfDK41nfDK4
http://www.borland.com/namespaces/Types
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse
http://ns.adp/1.0/
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
http://tempuri.org/Entity/Id15Response
http://schemas.xmlsoap.org/ws/2004/10/wsat
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
https://iplogger.org/1nfDK4
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
http://tempuri.org/Entity/Id21Response
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
http://tempuri.org/Entity/Id2Response
http://tempuri.org/
https://iplogger.org/1RyX
http://tempuri.org/Entity/Id12Response
http://schemas.xmlsoap.org/soap/encoding/Nhttp://www.borland.com/namespaces/Types
http://schemas.xmlsoap.org/ws/2004/08/addressing/faultL
https://duckduckgo.com/ac/?q=
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
https://duckduckgo.com/chrome_newtab
http://iptc.org/mpCore
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
https://iplogger.org/1RCgX41RCgX4
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
https://iplogger.org/1nfDK42
http://schemas.xmlsoap.org/ws/2004/08/addressing
https://www.google.com/images/dot2.gif
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
http://tempuri.org/Entity/Id24Response
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
https://iplogger.org/1RyjC4h
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
https://payments.google.com/payments/v4/js/integrator.js
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
https://iplogger.org/favicon.ico
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
https://api.ip.sb/ip
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
https://iplogger.org/1AbtZ41AbtZ4
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

Dropped files

Name File Type Hashes Detection
C:\Program Files (x86)\Company\NewProduct\F0geI.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Program Files (x86)\Company\NewProduct\EU1.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Program Files (x86)\Company\NewProduct\namdoitntn.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
#
Click to see the 97 hidden entries
C:\Program Files (x86)\Company\NewProduct\real.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Program Files (x86)\Company\NewProduct\safert44.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Program Files (x86)\Company\NewProduct\tag.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
#
C:\Users\user\AppData\Local\Temp\9ce2c081-ed62-4e54-b4c8-404a75fc7f69.tmp
Google Chrome extension, version 3
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\9ce2c081-ed62-4e54-b4c8-404a75fc7f69.tmp
Google Chrome extension, version 3
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
#
C:\Users\user\AppData\Local\Temp\9ac1684a-48e9-49ef-8030-02cea745830e.tmp
very short file (no magic)
#
C:\Users\user\AppData\Local\Temp\$inst\temp_0.tmp
Microsoft Cabinet archive data, 1084240 bytes, 7 files
#
C:\Users\user\AppData\Local\Temp\$inst\2.tmp
Microsoft Cabinet archive data, 36 bytes
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\fda3767a-bb30-400c-b392-1eb51b1d35b6.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\e45259ab-59f6-4d21-b3df-710a48fac05e.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\ce586d77-b73c-4f39-8b26-c00b1e0544cb.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\cb839613-54b8-40b8-a9e5-181fa0a089af.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\a1c21be2-3f7e-4ce9-af3f-d6c45b400477.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\scoped_dir1784_479546164\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\3d0b4a09-0ea0-445d-979e-95d01c809cfa.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\61b8fc2f-e6ed-4e9f-a73e-418a0950becd.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\593eaa24-9c64-4634-9276-c4ca38d0eae2.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\46387c62-1759-465e-998e-44fa67789dca.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2df3f161-7f80-4040-9a36-005849ce9e57.tmp
very short file (no magic)
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\96e05b14-3e55-434f-8904-ee6a66a6a64d.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\8e34bad8-603a-4c88-930b-48c5ce583757.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\80986aba-20d7-46e0-86f7-6dd4b58d5aaf.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\6e6f1448-06ab-4b27-bdad-c4c8d4500c57.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\6daaacbe-b370-46c7-87f8-c7f196b1977e.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\4e3337f0-37c9-4136-88af-974b90f81ea7.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\67a32282-3c1b-46c4-8a8b-0b85cb21452a.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\351e5334-e592-4ede-97d9-72191b9ceb41.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\1925729d-0389-41a9-9ee6-665214ef1409.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\0a99ed2f-57cc-4cb9-aff7-f5c67410bafa.tmp
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\04db8cd5-560b-4ddd-9345-5f35bee7d2f8.tmp
ASCII text, with very long lines, with no line terminators
#
C:\ProgramData\99789809357306738804327095
SQLite 3.x database, last written using SQLite version 3032001
#
C:\ProgramData\90086746497565308377612473
SQLite 3.x database, last written using SQLite version 3032001
#
C:\ProgramData\72400542610335650885395152
SQLite 3.x database, last written using SQLite version 3032001
#
C:\ProgramData\55545951388730196135639946
SQLite 3.x database, last written using SQLite version 3032001
#
C:\ProgramData\18246142217425895483101212
SQLite 3.x database, last written using SQLite version 3032001
#
C:\ProgramData\15433399600983392635192229
SQLite 3.x database, last written using SQLite version 3032001
#
C:\Program Files (x86)\Company\NewProduct\kukurzka9000.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f6d1da51-075d-45a0-b166-cd5611b02429.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\de82924b-1435-42d7-9d5b-2c20f8aeda2e.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dcc02c56-ea64-4e37-8310-a897f0744c87.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d5225633-432b-4836-af8b-188aa8b508bc.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d15f57f4-5125-409b-bc3c-10154bb64cf7.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ae1d6384-ba1b-41c7-96bd-c30f69ddc406.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\1d2c5aa3-a93c-4034-bc71-bc598f127bfa.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\data_1
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\439054b4-2b61-458e-92b9-a5858bf42fae.tmp
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
#
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
#