Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://drive.google.com/file/d/10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ/view?usp=drive_web

Overview

General Information

Sample URL:https://drive.google.com/file/d/10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ/view?usp=drive_web
Analysis ID:1417201

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 812 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://drive.google.com/file/d/10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ/view?usp=drive_web MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5876 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1980,i,821366349264162231,4594861110002995098,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ARZ0qKKmKhel6VVQ28hxqhWqAREiKHHBGibKuWYc2LPKHTKKewD_b9I3CQCyx0dkxVfngTnMI3IrVg&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-100622906%3A1711648671512057&theme=mn&ddm=0HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49769 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.41.168.93:443 -> 192.168.2.16:49770 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.41.168.93:443 -> 192.168.2.16:49771 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 23.41.168.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.41.168.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.41.168.93
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 23.41.168.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.41.168.93
Source: unknownDNS traffic detected: queries for: drive.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49697
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49697 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49688 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49769 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.41.168.93:443 -> 192.168.2.16:49770 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.41.168.93:443 -> 192.168.2.16:49771 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49782 version: TLS 1.2
Source: classification engineClassification label: clean0.win@16/34@26/245
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://drive.google.com/file/d/10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ/view?usp=drive_web
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1980,i,821366349264162231,4594861110002995098,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1980,i,821366349264162231,4594861110002995098,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://drive.google.com/file/d/10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ/view?usp=drive_web0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
about:blank0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
blobcomments-pa.clients6.google.com
142.251.16.95
truefalse
    		high
    play.google.com
    		172.253.62.100
    		truefalse
      		high
      plus.l.google.com
      		142.251.179.101
      		truefalse
        		high
        drive.google.com
        		142.251.111.102
        		truefalse
          		high
          www.google.com
          		172.253.62.106
          		truefalse
            		high
            peoplestackwebexperiments-pa.clients6.google.com
            		172.253.122.95
            		truefalse
              		high
              googlehosted.l.googleusercontent.com
              		172.253.63.132
              		truefalse
                		high
                lh3.googleusercontent.com
                		unknown
                		unknownfalse
                  		high
                  apis.google.com
                  		unknown
                  		unknownfalse
                    		high

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://drive.google.com/file/d/10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ/viewfalse
                      		high
                      https://drive.google.com/auth_warmupfalse
                        		high
                        about:blankfalse
                        • Avira URL Cloud: safe
                        		low

                        World Map of Contacted IPs

                        • No. of IPs < 25%
                        • 25% < No. of IPs < 50%
                        • 50% < No. of IPs < 75%
                        • 75% < No. of IPs

                        Public IPs

                        IPDomainCountryFlagASNASN NameMalicious
                        172.253.122.139
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.111.102
                        		drive.google.comUnited States
                        		15169GOOGLEUSfalse
                        172.253.62.94
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.163.100
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.16.139
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.167.94
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.250.31.94
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.179.101
                        		plus.l.google.comUnited States
                        		15169GOOGLEUSfalse
                        172.253.62.106
                        		www.google.comUnited States
                        		15169GOOGLEUSfalse
                        142.250.31.95
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.163.95
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        172.253.62.100
                        		play.google.comUnited States
                        		15169GOOGLEUSfalse
                        1.1.1.1
                        		unknownAustralia
                        		13335CLOUDFLARENETUSfalse
                        142.251.111.113
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.111.95
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        172.253.63.95
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        172.253.63.94
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.16.102
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        172.253.122.95
                        		peoplestackwebexperiments-pa.clients6.google.comUnited States
                        		15169GOOGLEUSfalse
                        172.253.122.94
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        172.253.63.132
                        		googlehosted.l.googleusercontent.comUnited States
                        		15169GOOGLEUSfalse
                        239.255.255.250
                        		unknownReserved
                        		unknownunknownfalse
                        142.251.16.99
                        		unknownUnited States
                        		15169GOOGLEUSfalse
                        142.251.16.95
                        		blobcomments-pa.clients6.google.comUnited States
                        		15169GOOGLEUSfalse
                        172.253.115.84
                        		unknownUnited States
                        		15169GOOGLEUSfalse

                        Private

                        IP
                        192.168.2.16

                        General Information

                        Joe Sandbox version:40.0.0 Tourmaline
                        Analysis ID:1417201
                        Start date and time:2024-03-28 18:57:20 +01:00
                        Joe Sandbox product:CloudBasic
                        Overall analysis duration:
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Cookbook file name:defaultwindowsinteractivecookbook.jbs
                        Sample URL:https://drive.google.com/file/d/10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ/view?usp=drive_web
                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                        Number of analysed new started processes analysed:14
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • EGA enabled
                        Analysis Mode:stream
                        Analysis stop reason:Timeout
                        Detection:CLEAN
                        Classification:clean0.win@16/34@26/245

                        Warnings

                        • Exclude process from analysis (whitelisted): svchost.exe
                        • Excluded IPs from analysis (whitelisted): 172.253.122.94, 142.251.16.102, 142.251.16.113, 142.251.16.101, 142.251.16.139, 142.251.16.138, 142.251.16.100, 172.253.115.84, 34.104.35.123, 172.253.63.95, 142.251.167.94, 172.253.62.94, 142.251.163.95, 142.251.167.95, 142.251.111.95, 142.250.31.95, 172.253.122.95, 172.253.62.95, 172.253.115.95, 142.251.16.95, 142.251.179.95
                        • Excluded domains from analysis (whitelisted): fonts.googleapis.com, ssl.gstatic.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, content.googleapis.com, clientservices.googleapis.com, clients.l.google.com, www.gstatic.com
                        • Not all processes where analyzed, report is missing behavior information
                        • VT rate limit hit for: https://drive.google.com/file/d/10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ/view?usp=drive_web

                        Created / dropped Files

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 16:57:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2673
                        Entropy (8bit):3.987761262286063
                        Encrypted:false
                        SSDEEP:
                        MD5:5ACBD627048DE7E95191ED54009FF769
                        SHA1:B03C61F96736CD431D192361611013DCAE62F200
                        SHA-256:540219B7297422A16D202C59D4F5195921B67097B433D2BF9C78A55BB4624045
                        SHA-512:F0EA1041A3D74239E0B2ECA323F919569690AC57F1CE19ED5C414473FEF2B3E7335A449F9EC6FF210053BCB4DD0B52ECF126171CB22BA55CBE07038A4C2CAE0E
                        Malicious:false
                        Reputation:unknown
                        Preview:L..................F.@.. ...$+.,......q9...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|X1.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|X7.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|X7.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|X7............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X8............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............_I......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 16:57:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2675
                        Entropy (8bit):4.002485024229692
                        Encrypted:false
                        SSDEEP:
                        MD5:DD198B9853980668A5DEE7252DAC4B03
                        SHA1:1B02CEFA6249C32DDAD38CAC1FE050F0266E0808
                        SHA-256:00FA23987D3E7DCA79D3458564EF0F3156D999219695FA98CBAB36F66D572425
                        SHA-512:8002ACC30F4DE32BDFDBC6B1D2B497E2B2630567D082C310A7E316C3A775D8EE981A8AF435ACE322E279B553D76AC71351768CB0E26B5D85D9F2F0FE08DE463A
                        Malicious:false
                        Reputation:unknown
                        Preview:L..................F.@.. ...$+.,......{q9...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|X1.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|X7.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|X7.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|X7............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X8............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............_I......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2689
                        Entropy (8bit):4.008907862307886
                        Encrypted:false
                        SSDEEP:
                        MD5:E080D58F151E93DECDECCAA514B6DE52
                        SHA1:A4B7C39045D12E2B6D78FDE852D1C83DC59029FA
                        SHA-256:5A201F354141ED982CBA7D964BEDDA9F48BD5BF33F5B398B4D7F39A8080DB9D0
                        SHA-512:AC96932E6F19843D336D42CBB5F8B951897DBCEB446ED893E6268F14610B55D2724ECA57D721BCB82B4AC04D7F281D2ACA7B40F829A99AAACD9DBD5610DA6FE1
                        Malicious:false
                        Reputation:unknown
                        Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|X1.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|X7.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|X7.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|X7............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............_I......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 16:57:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2677
                        Entropy (8bit):3.9997635295813416
                        Encrypted:false
                        SSDEEP:
                        MD5:E075C63A55DC8BC46F1B53CEC286D65C
                        SHA1:DC6F25D771F1165CD3073B57D635161D41672D71
                        SHA-256:619FDBE47F57BC42A54BF389A5D6E4623B39E22BBA1406F011D25146598B3869
                        SHA-512:80E5666590B356670640EB5F1210BAECDA4998CE9EB0CEBF730D17298CA5D8CB34185B243E6ED6256F00A883842C69123A37F4B69BC1BA8590F5846D33270A60
                        Malicious:false
                        Reputation:unknown
                        Preview:L..................F.@.. ...$+.,.....|vq9...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|X1.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|X7.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|X7.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|X7............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X8............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............_I......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 16:57:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2677
                        Entropy (8bit):3.988517480153493
                        Encrypted:false
                        SSDEEP:
                        MD5:E02CF6B8BF76EDE69A2FB33180FB0401
                        SHA1:B1E28B2B05D0843B27C95082874F019CAA9F34E8
                        SHA-256:2F1DD04029C568E171ABA3AA1271AB34E2B65CFD6C159C0316AC29BE0BC9A979
                        SHA-512:E75556017716FEF3E9C42D4CD1BA5BB613A67C45697DF0EE2186B181BD1D77B555D5C208997822CF66323F41BFF2286A92AA197ABD139DE8607227CDE3B4E4A7
                        Malicious:false
                        Reputation:unknown
                        Preview:L..................F.@.. ...$+.,.......q9...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|X1.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|X7.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|X7.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|X7............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X8............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............_I......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Mar 28 16:57:47 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2679
                        Entropy (8bit):3.9992248970202358
                        Encrypted:false
                        SSDEEP:
                        MD5:BEF236A25CE2D40CB7CFBF482CFE6338
                        SHA1:03D924569E9BB57895534D0F227CE52AB2AE5B61
                        SHA-256:72EC38E03DE6890A589E95C11D6702882DC75D4C265E706C8F4777C4EA32669E
                        SHA-512:C8BA2ADDD076455311117E012C7262C85CD0371CD4D7FA639BD8B8C8CD608D254FC0437C0194C4C4DBA50E2EDF940C562163BDB3EBE9E3DAB311EF292F75734C
                        Malicious:false
                        Reputation:unknown
                        Preview:L..................F.@.. ...$+.,......nq9...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I|X1.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V|X7.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V|X7.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V|X7............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V|X8............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............_I......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        Chrome Cache Entry: 100

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                        Category:downloaded
                        Size (bytes):831
                        Entropy (8bit):7.690596689293278
                        Encrypted:false
                        SSDEEP:
                        MD5:916C9BCCCF19525AD9D3CD1514008746
                        SHA1:9CCCE6978D2417927B5150FFAAC22F907FF27B6E
                        SHA-256:358E814139D3ED8469B36935A071BE6696CCAD7DD9BDBFDB80C052B068AE2A50
                        SHA-512:B73C1A81997ABE12DBA4AE1FA38F070079448C3798E7161C9262CCBA6EE6A91E8A243F0E4888C8AEF33CE1CF83818FC44C85AE454A522A079D08121CD8628D00
                        Malicious:false
                        Reputation:unknown
                        URL:https://ssl.gstatic.com/images/branding/product/1x/drive_2020q4_32dp.png
                        Preview:.PNG........IHDR... ... .....szz.....IDATx.b .....+......m..dW.@..tm.Y.....m.....m.m..L.|.....{..b...t..........=H..qt..V..X..<jQc...p...fdU.\2.....9T...Jz!9...L.)&.....n....`~.T.\.\.$.....qQ.....LFOx......^&,"bB..Lh9$_.6<...A...Q.T&y.,'...p...W`.2.?X(.o.4.J?.2...@.4...*..X..c......[UZJ...MN.].z..f..DFe.J.....:!r...0X......).....^*..!....u..c..R4.GH....Y....E....Q......+!..)...e"......,.Ge.r.T..!..r..(.|.9f...}......(...s..N...[..~.%6QF..g..r......CN.e"(..uY.h._1.H.e....r.k..%^S.c..<..0.s.j..,D........]..y.2(..OC.o\.3..".....cw...:;.btq......w=.......R-[].4..]...?.....o..K../cC.<O...y..O.......{.-'Ln9..M.*6t.(.........o.K.$....bz.X._d......Z].U.....t....Bf.Zl.^vA._..g.{l....V...{....=.jua..[...k......j....Y\...!..+.m..X..t(....."..Mz.26l....7X.C...-...Z.lvl.......y}x..........7.m.VV....IEND.B`.

                        Chrome Cache Entry: 102

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (1290)
                        Category:downloaded
                        Size (bytes):205284
                        Entropy (8bit):5.523631436576388
                        Encrypted:false
                        SSDEEP:
                        MD5:7A52489AB93FBF1D5C48445C1F8B0B22
                        SHA1:6DF2534DF34CF88E1EC5ECB3DBB854F5A3772604
                        SHA-256:F2FD87CE7683C9952FC050FC173F5E0929F0C38B3FD4DF6C5F030FACA6680D24
                        SHA-512:7F287273FB3D66D7C33330DD16C2FF7F7B811788C2F1F9F0282576E4212F71E4346A3F640D329A30A57C433AE4C9B090C10E655A134B373C47BDD4B73E14B836
                        Malicious:false
                        Reputation:unknown
                        URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_AfeXEgP9UD-iQrKiwqZLadQ_cBg/cb=gapi.loaded_1"
                        Preview:gapi.loaded_1(function(_){var window=this;._.rh=(window.gapi||{}).load;._.Eo=_.hf(_.tf,"rw",_.jf());.var Fo=function(a,b){(a=_.Eo[a])&&a.state<b&&(a.state=b)};var Go=function(a){a=(a=_.Eo[a])?a.oid:void 0;if(a){var b=_.ef.getElementById(a);b&&b.parentNode.removeChild(b);delete _.Eo[a];Go(a)}};_.Ho=function(a){a=a.container;"string"===typeof a&&(a=document.getElementById(a));return a};_.Io=function(a){var b=a.clientWidth;return"position:absolute;top:-10000px;width:"+(b?b+"px":a.style.width||"300px")+";margin:0px;border-style:none;"};._.Jo=function(a,b){var c={},d=a.Gc(),e=b&&b.width,f=b&&b.height,h=b&&b.verticalAlign;h&&(c.verticalAlign=h);e||(e=d.width||a.width);f||(f=d.height||a.height);d.width=c.width=e;d.height=c.height=f;d=a.getIframeEl();e=a.getId();Fo(e,2);a:{e=a.getSiteEl();c=c||{};if(_.tf.oa){var k=d.id;if(k){f=(f=_.Eo[k])?f.state:void 0;if(1===f||4===f)break a;Go(k)}}(f=e.nextSibling)&&f.dataset&&f.dataset.gapistub&&(e.parentNode.removeChild(f),e.style.cssText="");f=c.width;h=

                        Chrome Cache Entry: 103

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (915)
                        Category:downloaded
                        Size (bytes):6654
                        Entropy (8bit):5.481171800370918
                        Encrypted:false
                        SSDEEP:
                        MD5:C83E59E9CD3D3BB6398F12CE60B1D078
                        SHA1:A10590DF745EC7E9A2303FEDED36C5936756A90E
                        SHA-256:A496E0C427CC1708C7F811D8C81417F96A51F37A29EB50FB35C15B639109CCE4
                        SHA-512:4E1D1C63CF0080A4A8AC17AA6CF4E9D9830B061D6441910ACE0C1523FAD2922323476A64F35E26F3D56F3F17327A52C4CF7B78DF64E3C82C670E86B0CBB08F79
                        Malicious:false
                        Reputation:unknown
                        URL:"https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.CQDxuDmva14.O/am=gAE/d=0/rs=AO0039vZOBzjT5lqWHdmN2Y34DYjxBaJjg/m=MpJwZc,UUJqVe,sy3,s39S4,syl,pw70Gc"
                        Preview:try{.w("MpJwZc");..y();.}catch(e){_DumpException(e)}.try{.w("UUJqVe");..y();.}catch(e){_DumpException(e)}.try{.vf(ru);.}catch(e){_DumpException(e)}.try{.w("s39S4");.var xQb=function(a,b,c){c?a.setAttribute(b,c):a.removeAttribute(b);a.hasAttribute("c-wiz")||(b=a,"C-DATA"===a.tagName&&(b=a.parentElement),PIa(b,!1))},yQb=function(a,b,c){var d=a.getAttribute(b)||"";c=String(c||"");c=c.split(";").filter(function(e){return e});d=d.split(";").filter(function(e){return eh(e,":.CLIENT")});La(c,d);(c=c.join(";"))?a.setAttribute(b,c):a.removeAttribute(b);Nga(a)},CQb=function(){zQb||(zQb=!0,AQb=bga,bga=function(a){AQb&&AQb(a);for(var b=0;b<a.length;b++){var c=a[b];kf(c)&&.zf(c).Oza(c)}},BQb=cga,cga=function(a){BQb&&BQb(a);for(var b=0;b<a.length;b++){var c=a[b];kf(c)&&zf(c).Pza(c)}})},DQb=function(a){if(a=a||document.body){var b=document.head.querySelector("style[data-late-css]");a=n(Array.from(a.querySelectorAll("style[data-server-css-collection], link[data-server-css-collection]")));for(var c=a.n

                        Chrome Cache Entry: 104

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (3383)
                        Category:downloaded
                        Size (bytes):109002
                        Entropy (8bit):5.487228566621995
                        Encrypted:false
                        SSDEEP:
                        MD5:36D3ED351F0A1F94ECA1D05622680ACC
                        SHA1:1934F936AC5C609F5DA9999E6632F9428AB65AE1
                        SHA-256:7E2ECEE513FD3CEE859BA116561A5A71EA95A8F89C9294397945FD4787BA2D13
                        SHA-512:01506714F6E320AE6DBE5E20D6315B2A5621D3228984F084CE36BA52D8BD746648802F486209A99D144A752FA07FD8E8BE0847D39C0CA655EC0A97CEDBCA7205
                        Malicious:false
                        Reputation:unknown
                        URL:https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
                        Preview:(function(){var m,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");.},da=ca(this),r=function(a,b){if(b)a:{var c=da;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}};.r("Symbol",function(a){if(a)return a;var b=function(g,f){this.wc=g;ba(this,"description",{configurable:!0,writable:!0,value:f})};b.prototype.toString=function(){return this.wc};var c="jscomp_symbol_"+(1E9*Math.random()>>>0)+"_",d=0,e=function

                        Chrome Cache Entry: 107

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with no line terminators
                        Category:downloaded
                        Size (bytes):28
                        Entropy (8bit):4.280394654123195
                        Encrypted:false
                        SSDEEP:
                        MD5:4708D1B37F72B842EFE4238A9825064B
                        SHA1:889321990FC6854DD351DF9DE8D41D2C9253BAF0
                        SHA-256:10B772A54149F2086265D2CAF0C434B7CABE913BBE3665CB9DE5FAEC5EB2FB7F
                        SHA-512:1285F4AEFE4F061D9D53FE96509AD93070843265C306123D197DF3603EEFF92FC6017019410015203B2DF139CC9594E387246D4211EADE320A7E77CCCA6EFDDA
                        Malicious:false
                        Reputation:unknown
                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwncHhV_nsiGYRIFDZFhlU4SBQ0G7bv_?alt=proto
                        Preview:ChIKBw2RYZVOGgAKBw0G7bv/GgA=

                        Chrome Cache Entry: 108

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (1843)
                        Category:downloaded
                        Size (bytes):939010
                        Entropy (8bit):5.561664903176862
                        Encrypted:false
                        SSDEEP:
                        MD5:AF1EE7843455E05CF3B402691D375F88
                        SHA1:1E7E1AB7969573DF528E51176938898EEBFA1249
                        SHA-256:B07CF803AFF03A1570063A325A6717F089B1ADFD91AF8B96FCD205A52E3FB9C3
                        SHA-512:47ADEC81EC3771BAEED7C08E78320F72934755274F7E2B0C9799E753945F9C5334E69D574C36852F60111A2BAE1F30302A136D5B4A8077C320CA2882BC64311F
                        Malicious:false
                        Reputation:unknown
                        URL:"https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.CQDxuDmva14.O/am=gAE/d=0/rs=AO0039vZOBzjT5lqWHdmN2Y34DYjxBaJjg/m=dSirkf,sy4y,sy1m,n90YA,ZGAB2e,sLGWFe,sy1h,sy2n,sy2o,sy1o,M79aPc,syq,sys,sy10,sy1j,sy1n,sy1u,sy2h,sy2q,sy2u,sy32,sy3e,sy3g,sy3s,sy3r,sy3n,sy3z,sy4q,nJ4XF,sy4z,sy51,UKcSG,AtsVYc"
                        Preview:try{.w("dSirkf");..y();.}catch(e){_DumpException(e)}.try{.w("n90YA");.var dJc=new $q;dJc.altKey=!0;dJc.keyCode=39;(new $q).keyCode=13;.y();.}catch(e){_DumpException(e)}.try{.w("ZGAB2e");..y();.}catch(e){_DumpException(e)}.try{.w("sLGWFe");..y();.}catch(e){_DumpException(e)}.try{.var aN=function(a){this.da=p(a)};O(aN,v);aN.prototype.Ak=function(){return xi(this,7)};var bN=function(a){this.da=p(a)};O(bN,v);bN.prototype.getName=function(){return E(this,4)};bN.prototype.sp=function(){return E(this,11)};var cN=function(a){this.da=p(a)};O(cN,v);cN.prototype.getInfo=function(){return N(this,bN,1)};cN.prototype.kr=function(){return N(this,aN,3)};.}catch(e){_DumpException(e)}.try{.var dN=function(a){return function(){return Ob(a)}};.}catch(e){_DumpException(e)}.try{.var WZb=function(a){this.da=p(a)};O(WZb,v);WZb.prototype.getSeconds=function(){return Ce(this,1)};var XZb=function(){return B('<span class="'+D(Pu("OiePBf-zPjgPe",void 0))+'"></span>')};.}catch(e){_DumpException(e)}.try{.w("M79aPc")

                        Chrome Cache Entry: 109

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (597)
                        Category:downloaded
                        Size (bytes):1700686
                        Entropy (8bit):5.618396209737557
                        Encrypted:false
                        SSDEEP:
                        MD5:F23161B46311A0DEB83BF9F1E4E46538
                        SHA1:C486EB5E665DD9A65857FCCFBA0F45A7A61CA0CD
                        SHA-256:D70075251F608B32675903EC66C60009B182210409BD389AF9334A7C13FC8416
                        SHA-512:A25CAB400B6E21B5CF860E6864C3BAD3479C7222F07B8A2C091FA5084F1D4E88E7F5ECCFBA1F242B3205375EECDBE0A0F3674007FC9E9D052335A6AE08B32BB4
                        Malicious:false
                        Reputation:unknown
                        URL:"https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.CQDxuDmva14.O/am=gAE/d=1/rs=AO0039vZOBzjT5lqWHdmN2Y34DYjxBaJjg/m=v,wb"
                        Preview:try{.var _F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a||[]};_F_toggles_initialize([0x180, ]);./*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. SPDX-License-Identifier: Apache-2.0.*/./*... Copyright (c) 2015-2018 Google, Inc., Netflix, Inc., Microsoft Corp. and contributors. Licensed under the Apache License, Version 2.0 (the "License");. you may not use this file except in compliance with the License.. You may obtain a copy of the License at. http://www.apache.org/licenses/LICENSE-2.0. Unless required by applicable law or agreed to in writing, software. distributed under the License is distributed on an "AS IS" BASIS,. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.. See the License for the specific language governing permissions and. limitations under the License..*/./*. Copyright The Closure Library Authors.. SPDX-License-Identifier: A

                        Chrome Cache Entry: 110

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:Web Open Font Format (Version 2), TrueType, length 34108, version 1.0
                        Category:downloaded
                        Size (bytes):34108
                        Entropy (8bit):7.993096562158293
                        Encrypted:true
                        SSDEEP:
                        MD5:C15D33A9508923BE839D315A999AB9C7
                        SHA1:D17F6E786A1464E13D4EC8E842F4EB121B103842
                        SHA-256:65C99D3B9F1A1B905046E30D00A97F2D4D605E565C32917E7A89A35926E04B98
                        SHA-512:959490E7AE26D4821170482D302E8772DD641FFBBE08CFEE47F3AA2D7B1126DCCD6DEC5F1448CA71A4A8602981966EF8790AE0077429857367A33718B5097D06
                        Malicious:false
                        Reputation:unknown
                        URL:https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
                        Preview:wOF2.......<..........................................\..4?HVAR.t.`?STAT..'...J/<.....`..(..Z.0..,.6.$.... ..B..K..[.h...c.....nC .../.V.v..6>nT.*R...b.8.@.......ON.ch.......k..."..".9..\D...JBJ."T%5...Z2..Q.)wJ...sA.h..m....n..F.....t..ig.=..y.s@............t..j.*....n.h(...........N..)9.....v`|z....8.7..kTq....^.......[.K.O..1ZP.....;.HP.......>..+..j:.V.......A......[.f.l..v`x....F_..vo...e....n...H..X.2.v}...(.1J...x.....}.....5.3.....?..?..7...S..0.9..C.0.M..M9..e.b....bc..b4.0"e.G.....XT....z............E'c.(."...x`].]..e.rQ..ye.z........kFh;....Y.yPt.._Q.._-q..mi.Og.W.-qUI*...m5..r.mvA~o....S.f........s..ql.aXD...H..wy.P..k...f$.V^.2...8U{...f.....]]..G..cf.......D.c&B'S.2~..N..........R;..).5...../... 6....b....]d6."C..T..........OI\+V'...E.[.g.u.E....,*!F.....*U.q. :x.s..1..C....H..S%..)....h......K..........pw.f...f.......an3....9....@......%.2.c.+........cXD..F...B.....0'...O.z8.B....4...\..&c...H....;..p....@.l...:........L..`...5..xo&.

                        Chrome Cache Entry: 111

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1136)
                        Category:dropped
                        Size (bytes):1555
                        Entropy (8bit):5.249530958699059
                        Encrypted:false
                        SSDEEP:
                        MD5:FBE36EB2EECF1B90451A3A72701E49D2
                        SHA1:AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D
                        SHA-256:E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
                        SHA-512:7B1FD6CF34C26AF2436AF61A1DE16C9DBFB4C43579A9499F4852A7848F873BAC15BEEEA6124CF17F46A9F5DD632162364E0EC120ACA5F65E7C5615FF178A248F
                        Malicious:false
                        Reputation:unknown
                        Preview:<!DOCTYPE html>.<html lang=en>. <meta charset=utf-8>. <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">. <title>Error 400 (Bad Request)!!1</title>. <style>. *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//ww

                        Chrome Cache Entry: 112

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:SVG Scalable Vector Graphics image
                        Category:downloaded
                        Size (bytes):118370
                        Entropy (8bit):5.846748398907928
                        Encrypted:false
                        SSDEEP:
                        MD5:BA7AB7044D6C6C0240C3917858948CFF
                        SHA1:3B840B104CB3D74D5A35FBD193ACA32D27815D3E
                        SHA-256:0189F7C6ED35A7BE5E51A30366FBC54C9C9E27D2511DB44895D85A1458F83AB5
                        SHA-512:660D3407052C6965E6451C8D2AA9DC302C0F97129864E320731B89174F2A87B776201A57AA30A8CCF1A455700A6D9E2C42A070CC0F964D14A6D9E73DA47C4697
                        Malicious:false
                        Reputation:unknown
                        URL:https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg
                        Preview:<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" x="0" y="0" width="31px" height="3980px" viewBox="0 0 31 3980" preserveAspectRatio="none"><g transform="translate(0,960)"><path d="M20 2H4c-1.1 0-2 .9-2 2v18l4-4h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm0 14H4V4h16v12zm-9-5H7V9h4V5h2v4h4v2h-4v4h-2v-4z"/></g><g transform="translate(0,432)"><path fill="#C4C7C5" d="M20 2H4c-1.1 0-2 .9-2 2v18l4-4h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm0 14H4V4h16v12zm-9-5H7V9h4V5h2v4h4v2h-4v4h-2v-4z"/></g><g transform="translate(0,2152)"><path d="M17.705 10.1401L14.3 4H9.70001L3.60001 15L5.70001 19H13.8027C14.2671 19.8028 14.9121 20.488 15.6822 21H5.70001C5.00001 21 4.30001 20.6 3.90001 19.9L1.80001 15.9C1.50001 15.3 1.50001 14.6 1.80001 14L8.00001 3C8.30001 2.4 9.00001 2 9.70001 2H14.3C15 2 15.7 2.4 16.1 3L20.0307 10.0882C19.6959 10.0

                        Chrome Cache Entry: 113

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
                        Category:downloaded
                        Size (bytes):15344
                        Entropy (8bit):7.984625225844861
                        Encrypted:false
                        SSDEEP:
                        MD5:5D4AEB4E5F5EF754E307D7FFAEF688BD
                        SHA1:06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
                        SHA-256:3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
                        SHA-512:7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
                        Malicious:false
                        Reputation:unknown
                        URL:https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
                        Preview:wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h|.l....A....b6........(......@e.]...*:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#*e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.*UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...*$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf*.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed.*.'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

                        Chrome Cache Entry: 116

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (65536), with no line terminators
                        Category:downloaded
                        Size (bytes):2556262
                        Entropy (8bit):5.696893547387637
                        Encrypted:false
                        SSDEEP:
                        MD5:71C921BAFF1DFB729E013C6AAF5D9109
                        SHA1:3A36ED249E5CB0E166CA4D4B92AC5533E7FB6979
                        SHA-256:00FFC75A8320637C63B82C1CA0E5694C28C2E920E5ECED2C1F90896FB04CB46B
                        SHA-512:43A97323490C2558B7E2ACF61AC40C574C3375784B7A4CBAE324D9447D94E995B52C1AB946822A654D2309C86C880FEAACADAB09B83D43E0028104E4175E1318
                        Malicious:false
                        Reputation:unknown
                        URL:https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.gGAw3HFcDSA.L.W.O/am=gAE/d=0/rs=AO0039u4EC_9-Zn1H0sOkcQ7YNFQdLRHRA
                        Preview:@keyframes shimmer{0%{background-position:100% 50%}to{background-position:0 50%}}@keyframes fadeInAnimation{0%{opacity:0}to{opacity:1}}.ja0jmf{-webkit-align-content:center;align-content:center;-webkit-animation-fill-mode:forwards;animation-fill-mode:forwards;-webkit-animation-iteration-count:1;animation-iteration-count:1;-webkit-animation:fadeInAnimation ease 200ms;animation:fadeInAnimation ease 200ms;background-color:var(--dt-surface,#fff);display:-webkit-box;display:-webkit-flex;display:flex;-webkit-flex-direction:column;flex-direction:column;height:100%;position:absolute;top:0;width:100%;z-index:3000}.F6wkof{-webkit-animation:shimmer 2.2s ease infinite;animation:shimmer 2.2s ease infinite;background:0 0/300% 300% linear-gradient(-61deg,var(--dt-inverse-on-surface,#dadce0) 40%,var(--dt-surface-container-highest,#f1f3f4) 50%,var(--dt-inverse-on-surface,#dadce0) 60%);background-color:var(--dt-inverse-on-surface,#dadce0)}@media (forced-colors:active){.F6wkof{border:1px solid var(--dt-ou

                        Chrome Cache Entry: 117

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with no line terminators
                        Category:downloaded
                        Size (bytes):52
                        Entropy (8bit):4.2098671219040344
                        Encrypted:false
                        SSDEEP:
                        MD5:66AB9517DCA3300C7D3DB7BAAA5B28E2
                        SHA1:256850B49FA5D31FA769AFBF675B6CFE2FBB879D
                        SHA-256:B53C85B72C2DFED350A88FFF87ED434A4E8420CD1423067FEB31759A53DD08FA
                        SHA-512:D54856E54075B7487D9CA673D5D7AA82F5691BB8449A5E09F72CE44136A262D1A13CC577A6F850C158364C495FB489F9BF94242069FE9A19500C3D0F9F56283B
                        Malicious:false
                        Reputation:unknown
                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISJQm4AQ_njqwvuhIFDZFhlU4SBQ0G7bv_EgUNkWGVThIFDQbtu_8=?alt=proto
                        Preview:CiQKBw2RYZVOGgAKBw0G7bv/GgAKBw2RYZVOGgAKBw0G7bv/GgA=

                        Chrome Cache Entry: 118

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with no line terminators
                        Category:downloaded
                        Size (bytes):16
                        Entropy (8bit):3.75
                        Encrypted:false
                        SSDEEP:
                        MD5:EC331136E75314D2030EE013B6069921
                        SHA1:6B7428B8B15616A67F767D42964AF94FCBE2A803
                        SHA-256:A7358DF6B7B60280F2A0D7CD5B70A9F1DFA4FCE5C31FB1A24FB2F109AF7EE977
                        SHA-512:30C9B411C937F7D3DE9E59D8BE1CDE4F262B05C6AC2EC2D2C1956E705FE255D84DE17913826A0378B7FD4E51E075EE72A6BF16B870BF78B83D4F1D4507A44278
                        Malicious:false
                        Reputation:unknown
                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAmlNHcUu78_khIFDQbtu_8=?alt=proto
                        Preview:CgkKBw0G7bv/GgA=

                        Chrome Cache Entry: 119

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (2121)
                        Category:downloaded
                        Size (bytes):120458
                        Entropy (8bit):5.5013823425434225
                        Encrypted:false
                        SSDEEP:
                        MD5:4946E441A6612999602214249EDF6075
                        SHA1:F963393FBFDC741D58964234E617ABDD2336CDC4
                        SHA-256:70CD320339737C378A73B9837EFEAF4F1B233315873FE5B1FF7128AB8F82BF2D
                        SHA-512:851CA5BF5A7E84D742233AEBCE0E5CA458CF47F18DD0C66CFA7D621C1B95F8243F31758D6E754D6EFB3F58DABD85E4109C654CC1FF6C26A7DD7BFB9F1EDF60A9
                        Malicious:false
                        Reputation:unknown
                        URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_AfeXEgP9UD-iQrKiwqZLadQ_cBg/cb=gapi.loaded_0"
                        Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x20000, ]);.var da,ma,na,sa,ta,ya,Ca,Ea;_.ca=function(a){return function(){return _.ba[a].apply(this,arguments)}};_.ba=[];da=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ma="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.na=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.qa=na(this);sa=function(a,b){if(b)a:{var c=_.qa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b

                        Chrome Cache Entry: 79

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (2101)
                        Category:downloaded
                        Size (bytes):92330
                        Entropy (8bit):5.650533230671488
                        Encrypted:false
                        SSDEEP:
                        MD5:A8FDED83F926B8521AE89FE9B14F36D4
                        SHA1:737510054DE25391AC52FF26C10D27176A534A20
                        SHA-256:8A95556BBC59093C0B97D4C55E9720D41327B73BE80F7CA3FDEC5E93F9BBB5D1
                        SHA-512:E9444C5911F07313D801DD74EF4D901BFA31E5EB875EC8A5145465324307435D49767438D44895578DAB4CEED206C123F3BC36ECB7066260715A3A43CD723971
                        Malicious:false
                        Reputation:unknown
                        URL:"https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.en.CQDxuDmva14.O/am=gAE/d=0/rs=AO0039vZOBzjT5lqWHdmN2Y34DYjxBaJjg/m=sy50,sy13,sy53,sy5b,sy5c,sy5e,sy5d,sy5h,rj51oe,gypOCd"
                        Preview:try{.var sJc=function(){FE.apply(this,arguments)};O(sJc,FE);sJc.prototype.enqueue=function(a,b){this.insert(a,b)};var tJc=function(a,b){a%=b;return 0>a*b?a+b:a},uJc=function(a){return 1-Math.pow(1-a,3)};.}catch(e){_DumpException(e)}.try{.var xXb=function(){return ia&&ja?!ja.mobile&&(la("iPad")||la("Android")||la("Silk")):la("iPad")||la("Android")&&!la("Mobile")||la("Silk")},bL=function(){return!(ia&&ja?ja.mobile:!xXb()&&(la("iPod")||la("iPhone")||la("Android")||la("IEMobile")))&&!xXb()};.}catch(e){_DumpException(e)}.try{.var Hyd=function(a,b){this.C=a instanceof jr?a:new jr(a,b)};Zj(Hyd,IWa);Hyd.prototype.reposition=function(a,b,c,d){var e=pr(a);var f=e.body;e=e.documentElement;e=new jr(f.scrollLeft||e.scrollLeft,f.scrollTop||e.scrollTop);f=this.C.x+e.x;e=this.C.y+e.y;var g=JWa(a);f-=g.x;e-=g.y;xz(new jr(f,e),a,b,c,null,null,d)};var $3=function(a,b){Hyd.call(this,a,b)};Zj($3,Hyd);$3.prototype.F=0;$3.prototype.D=function(a){this.F=a};.$3.prototype.reposition=function(a,b,c,d){var e=qt(a

                        Chrome Cache Entry: 80

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:PNG image data, 1024 x 916, 8-bit/color RGBA, non-interlaced
                        Category:downloaded
                        Size (bytes):153612
                        Entropy (8bit):7.981783205253067
                        Encrypted:false
                        SSDEEP:
                        MD5:ECC8FD2DA03FFE27FE2DEB15A4484E37
                        SHA1:04CF8152390485AFFB9AE4B89F65130D8F13254E
                        SHA-256:B50C671CBEF1C7B365E57579E47799C66C51FE31C143D14B33DA741F4478137A
                        SHA-512:6EF55FABBBF4D2EC927CE42A539B491C1DA870192BC602A9166B85EEB7D9C68005E67259BFF10EE6A469D3680850D27CF680850FD3FA081247C54EDA761B63AD
                        Malicious:false
                        Reputation:unknown
                        URL:https://lh3.googleusercontent.com/drive-viewer/AKGpihYDrQv5wr-ATp9sW8t8TaqHLMlh-bDx-Xi8PuPOLbct99GQTmeEE9MQCRquSxvIntn7KGS32Hx95VBzOeVI2tj8g6ag=s1600-v0
                        Preview:.PNG........IHDR.............<MAX.. .IDATx...wxU.....'..4...aCP..+. ]....9}.........},......"bA........;...W...c... H.!.?..eLV..\...o......"""""""R..^..........O.........Z@.........Z@.........Z@.........Z@.........Z@.........Z@.........Z@.........Z..u...^..KX.a#..z.EDDD~#..G..M.W7..("R... ".>^..?.....q......y...<.....o.:..T....'".8x..O<..}......q"...........g...;3&Q.^].#.H5..."..... .....c.....#""".y.&...x..7.......H5.&."...Y..KZ4o.....u...........6f....i..qD..P.@..s]..'N....G...<N$""".....wO........_.Q.@...r.r.].u].....{.GDDD..[o....;.z.Z.}..qD.c*...b.X...N....Gc...DDD.B2..g....W...N?"...."..{.>b......7m.h.u.........{z.......'^...... RK...0m.L...cG..:....\DO.~.`0.7.....8"....Dj.).gRT\..A.R7...qDDD.".W..C.=BaQ....u....."...{.;.#...f.....#""".... .N........#".P.@......l........^.....K )).S..c.6.^..u....."...kX..;.mC..{z.GDDD....{qE.V|.l9.....8"r... R.8....&.............M|>_.../N...8.'..KI..Ej...>g.m.v.Mt....8"""..^..7].M[X..K...%...H-QZ....o.3M~..(

                        Chrome Cache Entry: 82

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:JSON data
                        Category:downloaded
                        Size (bytes):1759
                        Entropy (8bit):4.391878636648615
                        Encrypted:false
                        SSDEEP:
                        MD5:91BF8029246DB5C16E22AA2D902B853E
                        SHA1:172A3EF016071D1BFE1CA972BA951F9494A9573E
                        SHA-256:19058B329154B4DFFE93E30C26119ECE79523E763D0FFF9F84D1E66C58CF7AD6
                        SHA-512:8CADFEA3E7F3D19A73915AA478318A9B11FC3EC414A6732658355E7EE4A5A22CFF629F7262672BBC0E1FB34419FAE4FCC087951889DD7B3D2396F105D57F3536
                        Malicious:false
                        Reputation:unknown
                        URL:https://blobcomments-pa.clients6.google.com/v1/metadata?docId=10ZEpdChPT9jwCFiJw9hXOEY8dOss8aoQ&revisionId=0B-NRo767rJ1XU0Rjc2VTclptTUp1T2oyVnU4a0FWSnlPYVhzPQ&userLocale=en&timeZoneId=Etc%2FGMT-1&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
                        Preview:{. "serializedDocosKeyData": "[null,null,0,null,null,null,null,1,[\"Anonymous\",null,\"//ssl.gstatic.com/docs/common/blue_silhouette96-0.png\",\"ANONYMOUS_105250506097979753968\",1,null,1,null,1],1,\"AAHRpnXtBuMBMRg94_Gy7GSccC50XC922Elub2gfU2XZkSVO2JM3KlIQABrsJC3GZt7CMURn12EEwkGleyg22ZDXqAOUtZZyVng\",null,null,null,null,null,1,null,null,1,null,null,null,null,1,0,null,null,null,0,null,null,0,null,null,null,null,1,0,null,null,null,null,[\"tf\",60000,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,0,0,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,0,0,null,null,null,1,null,null,null,null,null,null,0,null,null,\"\",null,0,null,null,null,null,0],[[5703839,5704695,5704745,5707899,5711538,5712270,5712639,5712647,5713195,5714051,5737800,5748810,5771837,5771857,5779500,5792878,48966262,49372463,49375342,49451659,49453005,49472091,49622751,4962314

                        Chrome Cache Entry: 83

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:HTML document, ASCII text
                        Category:downloaded
                        Size (bytes):382
                        Entropy (8bit):5.368512433532322
                        Encrypted:false
                        SSDEEP:
                        MD5:4B7AD0F4A01C7B00332E32EC2AED659A
                        SHA1:B32054DE6F0F2C1436D57F8E732DCB00A999A309
                        SHA-256:8DFB011BDD3818585E4D607FE59A7FC562D40613DC924514E773FDF04CEB6754
                        SHA-512:484833F78C832A1C1E0EC40F263DD31E1ADABE4DE9FC1739D2A85C817FA1EEF4DAC5112000800B1EC0A2CA6173696A12AA8BE6F7393E589A340E58C207661F90
                        Malicious:false
                        Reputation:unknown
                        URL:https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.uvrmm4sgViM.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_AfeXEgP9UD-iQrKiwqZLadQ_cBg%2Fm%3D__features__
                        Preview:<!DOCTYPE html>.<html>.<head>.<title></title>.<meta http-equiv="X-UA-Compatible" content="IE=edge" />.<script nonce="ZexBpF75qbgWVIl9-Q-BYQ">. window['startup'] = function() {. googleapis.server.init();. };.</script>.<script src="https://apis.google.com/js/googleapis.proxy.js?onload=startup" async defer nonce="ZexBpF75qbgWVIl9-Q-BYQ"></script>.</head>.<body>.</body>.</html>.

                        Chrome Cache Entry: 84

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced
                        Category:downloaded
                        Size (bytes):3170
                        Entropy (8bit):7.934630496764965
                        Encrypted:false
                        SSDEEP:
                        MD5:9D73B3AA30BCE9D8F166DE5178AE4338
                        SHA1:D0CBC46850D8ED54625A3B2B01A2C31F37977E75
                        SHA-256:DBEF5E5530003B7233E944856C23D1437902A2D3568CDFD2BEAF2166E9CA9139
                        SHA-512:8E55D1677CDBFE9DB6700840041C815329A57DF69E303ADC1F994757C64100FE4A3A17E86EF4613F4243E29014517234DEBFBCEE58DAB9FC56C81DD147FDC058
                        Malicious:false
                        Reputation:unknown
                        URL:https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
                        Preview:.PNG........IHDR.......6.....%.`....)IDATx..].pT..>.l......b..(Hv7 D7.n.8....V..H_.R;S.hY`w.(..*.N_R."0`.-.A..|.*N..`....n..{.&..l.o..;.....a....d..$.................J.1.*.....7+.c...o..T/.~V.r.....D..G.Ic.....E_.FUR.&..U%...X.4!!Q.H";......e(Ic...$..."1..jR[.L..../Ek.}AH...W.L.V....Y..S..q...!._r.D....G,%...Hu.$q..\.j.x...G.....]....B.i.I.+B.....Hu.....Q...K;...J.q..._......_.x....A:......j....:c...^.....k=GIj..Y]B.V..m...Y.\....$..!....+.R%..U/;p.....R4.g.R...XH.3%..JHHby.eqOZdnS..$.. ....dn...$.w....E.o.8...b@.z.)5.L4|.F...9......pP.8.|....-.M..:..ux...7.]...'..(q..~.....KQ.W..,b..L<.Y.].V+....t4.$.V.O.....D.5..v.j...Hd.M....z.......V..q.p.......;:.J.%2.G.;./.E...!.H. ..../Dk.8.T....+..%Vs4..DC.R.`..Z..........0.[)N!.....%.>&.b.$.M....P.!...!....'Kv..Nd...mvR.:.L....w..y%.i..H..u....s.Se1.[.)."..)%.I.....(.#M..4.@....#.....X..P<...k..g....O..I..>-...'._.Q..T.y.=Z.GR{]..&t}*......>J..!,..X6.HC..$.:.}..z...._b.b.4.E.....;.Ha.?s.

                        Chrome Cache Entry: 86

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (2628)
                        Category:downloaded
                        Size (bytes):78816
                        Entropy (8bit):5.595039197853547
                        Encrypted:false
                        SSDEEP:
                        MD5:C33274557C7019372DAF65D62BEDE0D4
                        SHA1:D4642405EFDCE1344E98D6890113A1CDF92760A3
                        SHA-256:748653B2A83FB6E79F7CF4217DE88626DE140EB70A06AE1A7EFD295A510AB339
                        SHA-512:132EC32AE9BBE815BFB26E787ACD00676003406FE40BB50D6D972573C72388ED677FCF5DEA0809D33DBE9B712F4685FBCFB89E5DB8D01C1BDE31397054C09136
                        Malicious:false
                        Reputation:unknown
                        URL:https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_AfeXEgP9UD-iQrKiwqZLadQ_cBg/cb=gapi.loaded_0?le=scs
                        Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){("undefined"!==typeof globalThis?globalThis:"undefined"!==typeof self?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x20000, ]);.var da,ma,na,sa,ta,ya,Ca,Ea;_.ca=function(a){return function(){return _.ba[a].apply(this,arguments)}};_.ba=[];da=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};ma="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.na=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.qa=na(this);sa=function(a,b){if(b)a:{var c=_.qa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b

                        Chrome Cache Entry: 87

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:JSON data
                        Category:dropped
                        Size (bytes):464
                        Entropy (8bit):4.758217138015706
                        Encrypted:false
                        SSDEEP:
                        MD5:BA6AB51487CFAEF8F7E56133C34AAE37
                        SHA1:19DF244D1D07FF43020A7B001A5B27498507CB7D
                        SHA-256:FB20FC7C1F7CFCF723EFCEE54434C316E05EE614F707502344330828FFC1CC98
                        SHA-512:95EC94EE16487C430C45E98CF822425F2C7934F69CA257C5E20B1F9E659D6BBF6519E09AD65CE18DA8CA3786D477FC93286F3C6C6AAA1C08B319A4B9AAE854EA
                        Malicious:false
                        Reputation:unknown
                        Preview:{. "error": {. "code": 403,. "message": "Requests from referer \u003cempty\u003e are blocked.",. "status": "PERMISSION_DENIED",. "details": [. {. "@type": "type.googleapis.com/google.rpc.ErrorInfo",. "reason": "API_KEY_HTTP_REFERRER_BLOCKED",. "domain": "googleapis.com",. "metadata": {. "service": "blobcomments-pa.googleapis.com",. "consumer": "projects/298134251447". }. }. ]. }.}.

                        Chrome Cache Entry: 89

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:JSON data
                        Category:dropped
                        Size (bytes):626
                        Entropy (8bit):4.60225951443478
                        Encrypted:false
                        SSDEEP:
                        MD5:83A8719F50F54A04835CF33B68E9DA68
                        SHA1:9A5B826814B6AF5960092F0D995E5D9C6317FC49
                        SHA-256:E4C44B356156B57A483B9B8468946997FDEFFBCD600482C0B362ED9768A071FA
                        SHA-512:D1BAC50E7CD13A1654A9A20F245CA53C4E100155F3669DF6A431E75FF198C2D2798A5C58EF46F335A69FA632CA08E0763F7B08D07721E2F82490565EE92942C3
                        Malicious:false
                        Reputation:unknown
                        Preview:{. "error": {. "code": 403,. "message": "Requests from referer \u003cempty\u003e are blocked.",. "errors": [. {. "message": "Requests from referer \u003cempty\u003e are blocked.",. "domain": "global",. "reason": "forbidden". }. ],. "status": "PERMISSION_DENIED",. "details": [. {. "@type": "type.googleapis.com/google.rpc.ErrorInfo",. "reason": "API_KEY_HTTP_REFERRER_BLOCKED",. "domain": "googleapis.com",. "metadata": {. "service": "drive.googleapis.com",. "consumer": "projects/847707997455". }. }. ]. }.}.

                        Chrome Cache Entry: 90

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (2054)
                        Category:downloaded
                        Size (bytes):15118
                        Entropy (8bit):5.466749905796788
                        Encrypted:false
                        SSDEEP:
                        MD5:BA46414875BF2144AE0B87EA416B343E
                        SHA1:D9DF053E9F36C823779F1D998EF9418F43E8F442
                        SHA-256:C1EF85631D3600F9983D8C582AA5704FEA9140C2A183B6BA1FB35D5E954EA047
                        SHA-512:3CAD633A1A970A3283E7421B67BF5C5D88E446832F5138F5108D178A12ECFA49540B6FC6B0FAC311772AE280E46ECBE1156006517CCD2316308B5AD6B40CB1A5
                        Malicious:false
                        Reputation:unknown
                        URL:https://apis.google.com/js/googleapis.proxy.js?onload=startup
                        Preview:(function(){var aa="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},ca=ba(this),g=function(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-.1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&aa(c,a,{configurable:!0,writable:!0,value:b})}},h=function(a,b,c){if(null==a)throw new TypeError("The 'this' value for String.prototype."+c+" must not be null or undefined");if(b instanceof RegExp)throw new TypeError("First argument to String.prototype."+c+" must not be a regular expression");return a+""};.g("String.prototype.endsWith",function(a){return a?a:function(b,c){var d=h(this

                        Chrome Cache Entry: 93

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:GIF image data, version 89a, 1 x 1
                        Category:dropped
                        Size (bytes):43
                        Entropy (8bit):3.16293190511019
                        Encrypted:false
                        SSDEEP:
                        MD5:FC94FB0C3ED8A8F909DBC7630A0987FF
                        SHA1:56D45F8A17F5078A20AF9962C992CA4678450765
                        SHA-256:2DFE28CBDB83F01C940DE6A88AB86200154FD772D568035AC568664E52068363
                        SHA-512:C87BF81FD70CF6434CA3A6C05AD6E9BD3F1D96F77DDDAD8D45EE043B126B2CB07A5CF23B4137B9D8462CD8A9ADF2B463AB6DE2B38C93DB72D2D511CA60E3B57E
                        Malicious:false
                        Reputation:unknown
                        Preview:GIF89a.............!.......,...........D..;

                        Chrome Cache Entry: 95

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
                        Category:downloaded
                        Size (bytes):259
                        Entropy (8bit):6.7268503778685105
                        Encrypted:false
                        SSDEEP:
                        MD5:AF848AEE503A57E479B0FB57318F3F2F
                        SHA1:68FE7097531D492691C6FA3454C8192D13E8572F
                        SHA-256:33DD0582F6972DDDB05BEE6FD5EA0312FBD782A8003F4C7876AFEBD0F08F49AD
                        SHA-512:1225614BBD2BD8DCF57B31759093EC92096A16AB428DE43606A8F71367BF247B9ADFE1F2C18E5F7156A216CBC4B35CF5070A39E4740FBDE1BAE5709D43734619
                        Malicious:false
                        Reputation:unknown
                        URL:https://ssl.gstatic.com/docs/doclist/images/mediatype/icon_3_pdf_x16.png
                        Preview:.PNG........IHDR................a....IDATx.cx.l......+g.....N... ...=....D.|Y8.......]Z...E.p....`5.....}.lD5..3.....?.......?..8..D......H.....n..(?..r.....L3....|.....cm...@j@..j.8..|T/ ....4...^..P>PC:<.>#......CBz.d..".^8.....h......V...Q......IEND.B`.

                        Chrome Cache Entry: 96

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:downloaded
                        Size (bytes):21836
                        Entropy (8bit):5.612275151948576
                        Encrypted:false
                        SSDEEP:
                        MD5:087964E8AC859B87529454C53FAE4F73
                        SHA1:FFD324F4787D9D80265071B14D0EEA980327555E
                        SHA-256:8E20748D4F2809DE43DDEC5EBA1D8CBAC192079F996FC4FE88DD3A5C159D31E3
                        SHA-512:FE5461898F46415A540012BACB2060EF7A20AF0B5504195AACEB009BCF25FC9B6C76E50BA24361B9EFD5AA54EEE9126CECEDC33D0502127052818CCE5691E873
                        Malicious:false
                        Reputation:unknown
                        URL:"https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700"
                        Preview:/*. * See: https://fonts.google.com/license/googlerestricted. */./* armenian */.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiIUvaYr.woff2) format('woff2');. unicode-range: U+0308, U+0530-058F, U+2010, U+2024, U+25CC, U+FB13-FB17;.}./* bengali */.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiAUvaYr.woff2) format('woff2');. unicode-range: U+0951-0952, U+0964-0965, U+0980-09FE, U+1CD0, U+1CD2, U+1CD5-1CD6, U+1CD8, U+1CE1, U+1CEA, U+1CED, U+1CF2, U+1CF5-1CF7, U+200C-200D, U+20B9, U+25CC, U+A8F1;.}./* cyrillic-ext */.@font-face {. font-family: 'Google Sans';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_I

                        Chrome Cache Entry: 97

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (2122)
                        Category:downloaded
                        Size (bytes):218116
                        Entropy (8bit):5.520938530269999
                        Encrypted:false
                        SSDEEP:
                        MD5:6C551C9378F09BA729327D85A1DA057D
                        SHA1:E9A8F9B70E684C37278CB6B0D7648865CC751BF4
                        SHA-256:C94E3247AF806C832C6CC47719D99B88B942DCC22D2B055E7CFF524BCDE76B9B
                        SHA-512:54536DF68608FFB6308852ACF14CFD27152DD8DF81D216B32F27BA38C221C8F3500B77D4C9B8D542AAA07243FC496929419DA71A70C3CC703ED837908AD89ACB
                        Malicious:false
                        Reputation:unknown
                        URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.dogDKQInKz0.2019.O/rt=j/m=qabr,q_dnp,qapid,qads,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTsw5QIWBz13IsEaqvclOTrY3nEiuQ"
                        Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.se=function(a){return _.pd(a)&&1==a.nodeType};_.te=function(a,b){if("textContent"in a)a.textContent=b;else if(3==a.nodeType)a.data=String(b);else if(a.firstChild&&3==a.firstChild.nodeType){for(;a.lastChild!=a.firstChild;)a.removeChild(a.lastChild);a.firstChild.data=String(b)}else _.qe(a),a.appendChild(_.re(a).createTextNode(String(b)))};var ue;_.ve=function(a,b){b?a.setAttribute("role",b):a.removeAttribute("role")};_.we=function(a,b,c){Array.isArray(c)&&(c=c.join(" "));var d="aria-"+b;""===c||void 0==c?(ue||(ue={atomic:!1,autocomplete:"none",dropeffect:"none",haspopup:!1,live:"off",multiline:!1,multiselectable:!1,orientation:"vertical",readonly:!1,relevant:"additions text",required:!1,sort:"none",busy:!1,disabled:!1,hidden:!1,invalid:"false"}),c=ue,b in c?a.setAttribute(d,c[b]):a.removeAttribute(d)):a.setAttribute(d,c)};var Ae;_.ze=function(a,b,c,d,e,f){if(_.Lb&&e)return _.xe(a);if(e&&!d)return!1;if(!_.Jb){"number"===typeof

                        Static File Info

                        No static file info