Edit tour

Windows Analysis Report
https://www.easeus.com/thankyou/install-data-recovery-wizard-trial.htm?linkid=brand_install_drwtrial%5C

Overview

General Information

Sample URL:	https://www.easeus.com/thankyou/install-data-recovery-wizard-trial.htm?linkid=brand_install_drwtrial%5C
Analysis ID:	1428893

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

Found iframes

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 6944 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.easeus.com/thankyou/install-data-recovery-wizard-trial.htm?linkid=brand_install_drwtrial%5C MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 7128 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1972,i,15443183352294079776,14758598947917918881,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d#locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://gum.criteo.com/syncframe?topUrl=update.easeus.com&origin=onetag#{"bundle":{"origin":0,"value":null},"cw":true,"optout":{"origin":0,"value":null},"origin":"onetag","sid":{"origin":0,"value":null},"tld":"easeus.com","topUrl":"update.easeus.com","version":"5_23_0","ifa":{"origin":0,"value":null},"lsw":true,"pm":0}
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group?data=fr0U3nxLZHNRUGdoYlpZbDBzZTFaV1IwS0NjekRxd013blo2VWV5Q3QvOVgvVkZaditlN21Da2k4SmFGWTZkT3NoT0dqNFA2ckJ2azZsZ3hRT2Fxb00zcHU3ZGJvRjNhZnNUZUtaZGxVbmVzOXpWcXVNUVNtWnVRZTVrZG4vRys3Y2ZkM0VzR3orZVRmQ3NHRUZsUjc3dy9icDBQU3dXQUdxa1RhZ3VMQVZZaGZIdEgyUGp6bEQ2bHMrS0JqVFl1T2l5Qy9NTU14aFVDWkpnaTVZcE5ocnQ1S1l3PT18
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d#locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://gum.criteo.com/syncframe?topUrl=update.easeus.com&origin=onetag#{"bundle":{"origin":0,"value":null},"cw":true,"optout":{"origin":0,"value":null},"origin":"onetag","sid":{"origin":0,"value":null},"tld":"easeus.com","topUrl":"update.easeus.com","version":"5_23_0","ifa":{"origin":0,"value":null},"lsw":true,"pm":0}
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group?data=fr0U3nxLZHNRUGdoYlpZbDBzZTFaV1IwS0NjekRxd013blo2VWV5Q3QvOVgvVkZaditlN21Da2k4SmFGWTZkT3NoT0dqNFA2ckJ2azZsZ3hRT2Fxb00zcHU3ZGJvRjNhZnNUZUtaZGxVbmVzOXpWcXVNUVNtWnVRZTVrZG4vRys3Y2ZkM0VzR3orZVRmQ3NHRUZsUjc3dy9icDBQU3dXQUdxa1RhZ3VMQVZZaGZIdEgyUGp6bEQ2bHMrS0JqVFl1T2l5Qy9NTU14aFVDWkpnaTVZcE5ocnQ1S1l3PT18
Source: https://order.easeus.com/505/purl-store?cart=206648&coupon=BZ5S-XQSJ&x-source=drwtrial_install_bundle	HTTP Parser: Iframe src: //www.googletagmanager.com/ns.html?id=GTM-M6R373J
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d#locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://gum.criteo.com/syncframe?topUrl=update.easeus.com&origin=onetag#{"bundle":{"origin":0,"value":null},"cw":true,"optout":{"origin":0,"value":null},"origin":"onetag","sid":{"origin":0,"value":null},"tld":"easeus.com","topUrl":"update.easeus.com","version":"5_23_0","ifa":{"origin":0,"value":null},"lsw":true,"pm":0}
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://fledge.us.criteo.com/interest-group?data=fr0U3nxLZHNRUGdoYlpZbDBzZTFaV1IwS0NjekRxd013blo2VWV5Q3QvOVgvVkZaditlN21Da2k4SmFGWTZkT3NoT0dqNFA2ckJ2azZsZ3hRT2Fxb00zcHU3ZGJvRjNhZnNUZUtaZGxVbmVzOXpWcXVNUVNtWnVRZTVrZG4vRys3Y2ZkM0VzR3orZVRmQ3NHRUZsUjc3dy9icDBQU3dXQUdxa1RhZ3VMQVZZaGZIdEgyUGp6bEQ2bHMrS0JqVFl1T2l5Qy9NTU14aFVDWkpnaTVZcE5ocnQ1S1l3PT18
Source: https://order.easeus.com/505/purl-store?cart=206648&coupon=BZ5S-XQSJ&x-source=drwtrial_install_bundle	HTTP Parser: Iframe src: //www.googletagmanager.com/ns.html?id=GTM-M6R373J
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: Iframe src: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d#locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark

Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No favicon
Source: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d#locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark	HTTP Parser: No favicon
Source: https://fledge.us.criteo.com/interest-group?data=fr0U3nxLZHNRUGdoYlpZbDBzZTFaV1IwS0NjekRxd013blo2VWV5Q3QvOVgvVkZaditlN21Da2k4SmFGWTZkT3NoT0dqNFA2ckJ2azZsZ3hRT2Fxb00zcHU3ZGJvRjNhZnNUZUtaZGxVbmVzOXpWcXVNUVNtWnVRZTVrZG4vRys3Y2ZkM0VzR3orZVRmQ3NHRUZsUjc3dy9icDBQU3dXQUdxa1RhZ3VMQVZZaGZIdEgyUGp6bEQ2bHMrS0JqVFl1T2l5Qy9NTU14aFVDWkpnaTVZcE5ocnQ1S1l3PT18	HTTP Parser: No favicon

Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="author".. found
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="author".. found
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="author".. found
Source: https://order.easeus.com/505/purl-store?cart=206648&coupon=BZ5S-XQSJ&x-source=drwtrial_install_bundle	HTTP Parser: No <meta name="author".. found
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="author".. found
Source: https://order.easeus.com/505/purl-store?cart=206648&coupon=BZ5S-XQSJ&x-source=drwtrial_install_bundle	HTTP Parser: No <meta name="author".. found
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="author".. found

Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="copyright".. found
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="copyright".. found
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="copyright".. found
Source: https://order.easeus.com/505/purl-store?cart=206648&coupon=BZ5S-XQSJ&x-source=drwtrial_install_bundle	HTTP Parser: No <meta name="copyright".. found
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="copyright".. found
Source: https://order.easeus.com/505/purl-store?cart=206648&coupon=BZ5S-XQSJ&x-source=drwtrial_install_bundle	HTTP Parser: No <meta name="copyright".. found
Source: https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.16:49850 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.16:49865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49870 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49988 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	TCP traffic detected without corresponding DNS query: 52.165.165.26
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: unknown

DNS traffic detected: queries for: www.easeus.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.16:49850 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.16:49865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49870 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49988 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@17/122@192/940

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.easeus.com/thankyou/install-data-recovery-wizard-trial.htm?linkid=brand_install_drwtrial%5C
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1972,i,15443183352294079776,14758598947917918881,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1972,i,15443183352294079776,14758598947917918881,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
rtb-csync-use1.smartadserver.com	23.105.12.150	true	false	high
hb.yahoo.net	23.34.82.22	true	false	high
privacyportal-de.onetrust.com	104.18.32.137	true	false	high
measurement-api.us5.vip.prod.criteo.com	74.119.117.37	true	false	high
dcjcrc9i4ufln.cloudfront.net	3.161.188.76	true	false	high
us-east-eb2.3lift.com	52.223.22.214	true	false	high
static-cf.cleverbridge.com	104.16.243.229	true	false	high
dynamic.us5.vip.prod.criteo.com	74.119.117.10	true	false	high
us-vip001.taboola.com	141.226.224.48	true	false	high
d20qwf0wrdtevy.cloudfront.net	3.161.188.80	true	false	high
fledge.us5.vip.prod.criteo.com	74.119.117.20	true	false	high
ch-vip001.taboola.com	141.226.124.48	true	false	high
csm.us5.vip.prod.criteo.net	74.119.117.24	true	false	high
stats.g.doubleclick.net	74.125.136.156	true	false	high
contextual.media.net	23.63.156.62	true	false	high
dcs-public-edge-va6-158015560.us-east-1.elb.amazonaws.com	107.23.169.28	true	false	high
scontent.xx.fbcdn.net	31.13.88.13	true	false	high
r.casalemedia.com	172.64.151.101	true	false	high
visitor-us-west-2.omnitagjs.com	35.161.161.42	true	false	high
na-ice.360yield.com	34.239.2.224	true	false	high
sync.crwdcntrl.net	44.195.233.246	true	false	high
cm.g.doubleclick.net	64.233.185.156	true	false	high
pug-vac.pubmnet.com	8.28.7.83	true	false	unknown
idaas-ext.cph.liveintent.com	3.237.57.79	true	false	high
www.google.com	172.253.124.147	true	false	high
tapestry.tapad.com	34.111.113.62	true	false	high
match.adsrvr.org	52.223.40.198	true	false	high
star-mini.c10r.facebook.com	31.13.66.35	true	false	high
gum.us5.vip.prod.criteo.com	74.119.117.17	true	false	high
chidc2.outbrain.org	50.31.142.127	true	false	unknown
nydc1.outbrain.org	64.202.112.63	true	false	unknown
pcs3prod18.us-east-1.elasticbeanstalk.com	23.20.181.89	true	false	high
trends.revcontent.com	54.85.17.93	true	false	high
pricingapi.cleverbridge.com	104.16.242.229	true	false	high
exchange.mediavine.com	3.223.118.246	true	false	high
s.ad.smaato.net	18.67.76.108	true	false	high
inv-nets.admixer.net	216.219.92.22	true	false	high
match-us-east-1-ecs.sharethrough.com	34.228.96.208	true	false	high
partners-alb-1113315349.us-east-1.elb.amazonaws.com	54.236.114.45	true	false	high
easeus-s.cleverbridge.com	104.16.243.229	true	false	high
widget.trustpilot.com	13.225.214.35	true	false	high
ib.anycast.adnxs.com	68.67.160.26	true	false	high
widget.us5.vip.prod.criteo.com	74.119.117.16	true	false	high
user-data-us-east.bidswitch.net	35.211.178.172	true	false	unknown
static.da1.vip.prod.criteo.net	74.119.118.134	true	false	high
cdn.cookielaw.org	104.19.177.52	true	false	high
geolocation.onetrust.com	104.18.32.137	true	false	high
secure.adnxs.com	unknown	unknown	false	high
dynamic.criteo.com	unknown	unknown	false	high
jadserve.postrelease.com	unknown	unknown	false	high
sslwidget.criteo.com	unknown	unknown	false	high
csm.us5.us.criteo.net	unknown	unknown	false	high
dis.criteo.com	unknown	unknown	false	high
static.criteo.net	unknown	unknown	false	high
measurement-api.criteo.com	unknown	unknown	false	high
pixel.rubiconproject.com	unknown	unknown	false	high
connect.facebook.net	unknown	unknown	false	high
d.turn.com	unknown	unknown	false	high
simage2.pubmatic.com	unknown	unknown	false	high
match.sharethrough.com	unknown	unknown	false	high
criteo-partners.tremorhub.com	unknown	unknown	false	unknown
order.easeus.com	unknown	unknown	false	high
criteo-sync.teads.tv	unknown	unknown	false	high
update.easeus.com	unknown	unknown	false	high
gum.criteo.com	unknown	unknown	false	high
rtb-csync.smartadserver.com	unknown	unknown	false	high
ad.360yield.com	unknown	unknown	false	high
sync.outbrain.com	unknown	unknown	false	high
dpm.demdex.net	unknown	unknown	false	high
aa.agkn.com	unknown	unknown	false	high
visitor.omnitagjs.com	unknown	unknown	false	high
x.bidswitch.net	unknown	unknown	false	unknown
www.facebook.com	unknown	unknown	false	high
i.liadm.com	unknown	unknown	false	high
tags.bluekai.com	unknown	unknown	false	high
www.easeus.com	unknown	unknown	false	high
sync-t1.taboola.com	unknown	unknown	false	high
ib.adnxs.com	unknown	unknown	false	high
partner.mediawallahscript.com	unknown	unknown	false	unknown
ade.clmbtech.com	unknown	unknown	false	high
fledge.us.criteo.com	unknown	unknown	false	high
eb2.3lift.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Reputation
https://gum.criteo.com/syncframe?topUrl=update.easeus.com&origin=onetag#{%22bundle%22:{%22origin%22:0,%22value%22:null},%22cw%22:true,%22optout%22:{%22origin%22:0,%22value%22:null},%22origin%22:%22onetag%22,%22sid%22:{%22origin%22:0,%22value%22:null},%22tld%22:%22easeus.com%22,%22topUrl%22:%22update.easeus.com%22,%22version%22:%225_23_0%22,%22ifa%22:{%22origin%22:0,%22value%22:null},%22lsw%22:true,%22pm%22:0}	false	high
https://static.criteo.net/empty.html	false	high
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d#locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark	false	high
about:blank	false	low
https://order.easeus.com/505/purl-store?cart=206648&coupon=BZ5S-XQSJ&x-source=drwtrial_install_bundle	false	high
https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
50.31.142.127	chidc2.outbrain.org	United States	22075	AS-OUTBRAINUS	false
18.244.202.101	unknown	United States	16509	AMAZON-02US	false
68.67.160.26	ib.anycast.adnxs.com	United States	29990	ASN-APPNEXUS	false
74.119.118.134	static.da1.vip.prod.criteo.net	United States	19750	AS-CRITEOUS	false
184.25.164.23	unknown	United States	9498	BBIL-APBHARTIAirtelLtdIN	false
23.216.73.228	unknown	United States	20940	AKAMAI-ASN1EU	false
3.161.188.80	d20qwf0wrdtevy.cloudfront.net	United States	16509	AMAZON-02US	false
172.253.124.147	www.google.com	United States	15169	GOOGLEUS	false
35.211.178.172	user-data-us-east.bidswitch.net	United States	19527	GOOGLE-2US	false
35.161.161.42	visitor-us-west-2.omnitagjs.com	United States	16509	AMAZON-02US	false
8.28.7.83	pug-vac.pubmnet.com	United States	62713	AS-PUBMATICUS	false
69.173.151.100	unknown	United States	26667	RUBICONPROJECTUS	false
104.18.32.137	privacyportal-de.onetrust.com	United States	13335	CLOUDFLARENETUS	false
18.214.128.131	unknown	United States	14618	AMAZON-AESUS	false
107.23.169.28	dcs-public-edge-va6-158015560.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
23.34.82.22	hb.yahoo.net	United States	25019	SAUDINETSTC-ASSA	false
104.18.6.90	unknown	United States	13335	CLOUDFLARENETUS	false
31.13.88.13	scontent.xx.fbcdn.net	Ireland	32934	FACEBOOKUS	false
74.119.117.10	dynamic.us5.vip.prod.criteo.com	United States	19750	AS-CRITEOUS	false
74.125.138.94	unknown	United States	15169	GOOGLEUS	false
35.71.131.137	unknown	United States	237	MERIT-AS-14US	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
141.226.124.48	ch-vip001.taboola.com	Israel	200478	TABOOLA-ASIL	false
13.107.21.237	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
3.161.188.76	dcjcrc9i4ufln.cloudfront.net	United States	16509	AMAZON-02US	false
74.119.117.37	measurement-api.us5.vip.prod.criteo.com	United States	19750	AS-CRITEOUS	false
173.194.219.102	unknown	United States	15169	GOOGLEUS	false
131.253.33.237	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
54.224.162.95	unknown	United States	14618	AMAZON-AESUS	false
23.23.223.78	unknown	United States	14618	AMAZON-AESUS	false
104.18.36.155	unknown	United States	13335	CLOUDFLARENETUS	false
3.237.57.79	idaas-ext.cph.liveintent.com	United States	14618	AMAZON-AESUS	false
104.16.243.229	static-cf.cleverbridge.com	United States	13335	CLOUDFLARENETUS	false
44.195.233.246	sync.crwdcntrl.net	United States	14618	AMAZON-AESUS	false
18.205.173.75	unknown	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
23.201.213.98	unknown	United States	5432	PROXIMUS-ISP-ASBE	false
23.223.31.174	unknown	United States	16625	AKAMAI-ASUS	false
54.187.88.108	unknown	United States	16509	AMAZON-02US	false
216.219.92.22	inv-nets.admixer.net	United States	19318	IS-AS-1US	false
74.125.136.156	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
69.194.242.12	unknown	United States	6336	TURN-US-ASNUS	false
104.16.242.229	pricingapi.cleverbridge.com	United States	13335	CLOUDFLARENETUS	false
52.223.40.198	match.adsrvr.org	United States	8987	AMAZONEXPANSIONGB	false
74.125.136.157	unknown	United States	15169	GOOGLEUS	false
34.228.96.208	match-us-east-1-ecs.sharethrough.com	United States	14618	AMAZON-AESUS	false
34.199.64.78	unknown	United States	14618	AMAZON-AESUS	false
108.177.122.104	unknown	United States	15169	GOOGLEUS	false
23.63.201.151	unknown	United States	16625	AKAMAI-ASUS	false
96.7.224.33	unknown	United States	20940	AKAMAI-ASN1EU	false
23.63.156.62	contextual.media.net	United States	16625	AKAMAI-ASUS	false
104.19.177.52	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
34.239.2.224	na-ice.360yield.com	United States	14618	AMAZON-AESUS	false
172.64.151.101	r.casalemedia.com	United States	13335	CLOUDFLARENETUS	false
34.230.195.204	unknown	United States	14618	AMAZON-AESUS	false
54.236.114.45	partners-alb-1113315349.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
64.233.185.156	cm.g.doubleclick.net	United States	15169	GOOGLEUS	false
3.223.118.246	exchange.mediavine.com	United States	14618	AMAZON-AESUS	false
23.223.31.146	unknown	United States	16625	AKAMAI-ASUS	false
142.250.9.94	unknown	United States	15169	GOOGLEUS	false
31.13.88.35	unknown	Ireland	32934	FACEBOOKUS	false
141.226.224.48	us-vip001.taboola.com	Israel	200478	TABOOLA-ASIL	false
13.225.214.35	widget.trustpilot.com	United States	16509	AMAZON-02US	false
68.67.160.114	unknown	United States	29990	ASN-APPNEXUS	false
18.67.76.108	s.ad.smaato.net	United States	3	MIT-GATEWAYSUS	false
172.217.215.113	unknown	United States	15169	GOOGLEUS	false
23.105.12.150	rtb-csync-use1.smartadserver.com	United States	30633	LEASEWEB-USA-WDCUS	false
68.67.160.117	unknown	United States	29990	ASN-APPNEXUS	false
74.119.117.17	gum.us5.vip.prod.criteo.com	United States	19750	AS-CRITEOUS	false
35.71.139.29	unknown	United States	237	MERIT-AS-14US	false
142.250.105.95	unknown	United States	15169	GOOGLEUS	false
74.119.117.16	widget.us5.vip.prod.criteo.com	United States	19750	AS-CRITEOUS	false
31.13.66.35	star-mini.c10r.facebook.com	Ireland	32934	FACEBOOKUS	false
142.250.105.97	unknown	United States	15169	GOOGLEUS	false
54.85.17.93	trends.revcontent.com	United States	14618	AMAZON-AESUS	false
142.250.105.99	unknown	United States	15169	GOOGLEUS	false
3.161.188.91	unknown	United States	16509	AMAZON-02US	false
34.111.113.62	tapestry.tapad.com	United States	15169	GOOGLEUS	false
52.223.22.214	us-east-eb2.3lift.com	United States	8987	AMAZONEXPANSIONGB	false
23.105.14.106	unknown	United States	30633	LEASEWEB-USA-WDCUS	false
18.211.29.223	unknown	United States	14618	AMAZON-AESUS	false
74.119.117.24	csm.us5.vip.prod.criteo.net	United States	19750	AS-CRITEOUS	false
142.251.15.84	unknown	United States	15169	GOOGLEUS	false
142.250.9.100	unknown	United States	15169	GOOGLEUS	false
23.20.181.89	pcs3prod18.us-east-1.elasticbeanstalk.com	United States	14618	AMAZON-AESUS	false
142.250.9.102	unknown	United States	15169	GOOGLEUS	false
74.119.117.20	fledge.us5.vip.prod.criteo.com	United States	19750	AS-CRITEOUS	false
64.202.112.63	nydc1.outbrain.org	United States	22075	AS-OUTBRAINUS	false

Private

IP
192.168.2.4
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1428893
Start date and time:	2024-04-19 19:24:26 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://www.easeus.com/thankyou/install-data-recovery-wizard-trial.htm?linkid=brand_install_drwtrial%5C
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@17/122@192/940

Warnings

Exclude process from analysis (whitelisted): SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.9.94, 172.217.215.113, 172.217.215.102, 172.217.215.101, 172.217.215.100, 172.217.215.139, 172.217.215.138, 142.251.15.84, 104.18.6.90, 104.18.7.90, 34.104.35.123, 142.250.105.95, 172.253.124.95, 142.250.9.95, 142.251.15.95, 74.125.138.95, 64.233.185.95, 64.233.177.95, 74.125.136.95, 173.194.219.95, 64.233.176.95, 172.217.215.95, 108.177.122.95, 142.250.105.97, 142.250.9.102, 142.250.9.139, 142.250.9.113, 142.250.9.101, 142.250.9.100, 142.250.9.138, 173.194.219.102, 173.194.219.101, 173.194.219.138, 173.194.219.113, 173.194.219.139, 173.194.219.100, 199.232.214.172, 69.173.151.100, 23.63.201.151, 23.201.213.98, 13.107.21.237, 204.79.197.237, 23.216.73.228, 18.214.128.131, 23.23.223.78, 34.195.246.239, 34.202.186.94, 35.168.31.54, 3.227.98.225, 131.253.33.237, 13.107.22.237, 23.223.31.174, 23.223.31.146, 69.194.242.12
Excluded domains from analysis (whitelisted): tags.bluekai.com.edgekey.net, d.turn.com.akadns.net, pixel.rubiconproject.net.akadns.net, slscr.update.microsoft.com, clientservices.googleapis.com, www.easeus.com.cdn.cloudflare.net, e9126.x.akamaiedge.net, clients2.google.com, www.googletagmanager.com, dual-a-0034.dc-msedge.net, jadserve.postrelease.com.akadns.net, rtb-csync-geo.usersync-prod-sas.akadns.net, ade.clmbtech.com-v2.edgekey.net, www.google-analytics.com, e9957.e4.akamaiedge.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, c-bing-com.dual-a-0034.a-msedge.net, ctldl.windowsupdate.com, e63851.dscj.akamaiedge.net, criteo-sync.teads.tv.edgekey.net, edgedl.me.gvt1.com, c.bing.com, dual-a-0034.a-msedge.net, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://www.easeus.com/thankyou/install-data-recovery-wizard-trial.htm?linkid=brand_install_drwtrial%5C

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:24:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.98940362441337
Encrypted:	false
SSDEEP:
MD5:	E6A05F5CBDA564FF3B493CF928F3B1EF
SHA1:	894403FA99EACCCABF8CD7902E409EFB5AA481FE
SHA-256:	95183DF11757D10C80FB88BB8C1A3BD18B47F8A4EC88E7541E6C740A60F99D1E
SHA-512:	ADB63E6C086F7BB3A565785628C39710946C402274A0DD983451ADEF52938CB6B4C2A16786B3DC6CDD14CBD0A509407345BEC95CF3582A50168E0C03E2728EB6
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....cBA.~...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........R..}.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:24:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.007308561144009
Encrypted:	false
SSDEEP:
MD5:	F761E7EA7685EAA961CCB543B40789A4
SHA1:	EF671A6524C0C528B740BF8F9AF5FF9BA497546A
SHA-256:	356320858F3D157FF73FC5745712A723B0BD94B4510144B25D753A1CE85F2E9D
SHA-512:	A16F8BBE853363CC6D688C0EC2E6D8B63C7CDB261D5BA231B983156AE96756200CBFDB3B8DF76CEBFF094F3AED88DFDE0422BC8F379897E54BB851C1D9E60858
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....._3.~...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........R..}.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.0150717640618225
Encrypted:	false
SSDEEP:
MD5:	9E1A5563A4745DBE8DF9862798333914
SHA1:	D398303FBF8F0449ED6472BE6498932A8E9AB070
SHA-256:	E4AC8F894D473DD2876534BDE4EA8C18A85BA67DFFBFCA6A174B637C145CF99F
SHA-512:	FB2014B5EE543F98F648178AF44C6C0E17143BA9F7AE94C16047DE04438C6078DCDC538EC0DF46E769E6DE4DDAC9E50B3B7A0C7E6865100542BF0CF6F6E7D377
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........R..}.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:24:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.005043038386982
Encrypted:	false
SSDEEP:
MD5:	C444489AB73CCB7DD01AD3D04E1EFF96
SHA1:	4240F778EE5257ECB433A2F080E8EA4B747957DF
SHA-256:	551BC8303E0C698D4F6BFE0BD431CCC241B0159CA3CD5A9CC6EBA760C5FD6C01
SHA-512:	0832BF061C81609D5AEEC356393C9B928274253E7EBA5D7156AC4167E47F5388A1CACB65ACD65E710962EC501B8B1DC428D924B12A5CC9BD32122045F5592A5C
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....".-.~...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........R..}.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:24:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.993490811078967
Encrypted:	false
SSDEEP:
MD5:	3EB89CFAB9D4FB879F809980325AFE09
SHA1:	EA72A4E58BD417A743DE731EA2F9A35FB6B3C2A8
SHA-256:	C52EFC8DBED1283A533C8CA3A294D10061AF300D951F385A1490EA4B7B798DDB
SHA-512:	808E3A0E2BB0ABFCAEB67BC43D5D19A0F2E415C5206AAC89E18B5619D50224CA4419E93E6A69A23F3105DA85FE6685005CEF3EC14062C7F17E6FC489930DEE19
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......:.~...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........R..}.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 16:24:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.005932543773586
Encrypted:	false
SSDEEP:
MD5:	CEC09327D2C0E714742D91825FFF8407
SHA1:	C8FA17473E1204A4A0DCF7AA11C9977BFAB6D2A6
SHA-256:	37EC07EB804E7841470AAEF2057CDED9D71C6AD82D54177AC89193F69F6DBBAF
SHA-512:	DBCDEE25AF495B1CCF8B319D7DF073CD225DFEDF49BCA18686BF26BA80A9A978A3DB926F82B2DDDFB6BE17950D00AD19D1BBD9E7C5CF9394AE00988FB13F545F
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......".~...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........R..}.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	36653
Entropy (8bit):	5.571964369043842
Encrypted:	false
SSDEEP:
MD5:	D6FDEEED9AA42B2AE2AE7028406D4672
SHA1:	4EFE86E5064E7CDBB0E9845B42D40C8335B533C3
SHA-256:	FF02F51C8514178FFD26D56FDA9AAB193EE4E85F49C8278B95B5544F60C765F2
SHA-512:	528CE84764AFB713EA0D809062B0F66D555A8FF78482E29FE98E7157C6D0C9CE12556F5618B5A019F96A9473651494D1853748A33C069D4119990D44C825250A
Malicious:	false
Reputation:	unknown
Preview:	{"DomainData":{"pccloseButtonType":"Icon","pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccontinueWithoutAcceptText":"Continue without Accepting","MainText":"Privacy Preference Center","MainInfoText":"When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.","AboutText":"More information","AboutCookiesText":"Your Priv

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	95948
Entropy (8bit):	5.390377559358716
Encrypted:	false
SSDEEP:
MD5:	32865F8B0518670A04C81659CD3871DB
SHA1:	8CAAAAFBAC3E189C42DED3278355BDCAAA95DC99
SHA-256:	1492D0BB67B07F042F35595A70369DB5BD89E02CCA12DE3140B2519A381ABA69
SHA-512:	1CDC055D1ED4EA4263379C97A45184834231CA0C02100C8600E4EEC7AC2F5E928D385AFC0044E262B54A77A80BBE1F9A07836E8C7F503CFED4C6D1AB430CF9D5
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/default/js/jquery.js
Preview:	/!jQuery v1.11.3 \| (c) 2005, 2015 jQuery Foundation, Inc. \| jquery.org/license/!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l="1.11.3",m=function(a,b){return new m.fn.init(a,b)},n=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,o=/^-ms-/,p=/-([\da-z])/gi,q=function(a,b){return b.toUpperCase()};m.fn=m.prototype={jquery:l,constructor:m,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=m.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return m.each(this,a,b)},map:function(a){return this.pushStack(m.map(this,function(b,c){return

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 143968, version 1.0
Category:	downloaded
Size (bytes):	143968
Entropy (8bit):	7.996862081173573
Encrypted:	true
SSDEEP:
MD5:	47FD50EC98BF52397B1ADB3DEDBECA37
SHA1:	48E7C0C0F0324786BF0B4D71031091F99FB2E179
SHA-256:	03A79B26659E525305430C37A6A29B7D9726DD1070C907800C4C53999E74769A
SHA-512:	BACFBE122E794453B8A401BF1B77E4B678D6CB94E8B82F04ED4875A8DA1DCE5CE014F4490A4C9147C87163ADBCAFBEC5B671252273E015B5AEDA2B0AF98E0A53
Malicious:	false
Reputation:	unknown
URL:	https://update.easeus.com/default/typeface/icon/iconfont.woff
Preview:	wOFF......2`......D,........................GSUB.......;...T .%zOS/2...D...D...`<iQ.cmap............D..glyf..............z.head.......1...6E..hhea... ...!...$-'.hmtx...D...P...4aS.Xloca...........8.0..maxp.."........ ....name.."....@...g..<.post..#....w...W.L.'x.c`d``.b0`.c`rq..a..I,.c.b`a...<2.1'3=.......i. f....&;.H.x.c`a.b........t.....B3.f0b...2.23`..i.)...1............0#."&.....x...w..c.....I....h*%....YI..-.mm.h.-....%d.=.....8........=.og...==..w].y\.....'.%.>m."..J....P........./mJ[...........\......?p`................3;.....2yc...M.....~.)..0.ds.....Z...>......sx...%v..x.c...q0.p(../^.kx.o.M.............o.G..Y..`.....~,.>..6..uX..y!..!6ck.g+^....g.<^8/c'..X..xN.DN.dN.TN.5.......a\.........\..\..\.\.\..\......-...\|..q.w.q..M\|...Y6..\|.W..<......~\|..8..%...x......w......l...3~......_..7.$.1?.c...3x...N..{9....Or7...l.gX.G...da..]<...X.."<.EY.'.8..D.`S..y.O.i,.R,.2,...]..X.g.,Va5..s.".cm^......Rl.6l.Z..zl..<....x...+..+........K...a..b./.\|,.

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	106894
Entropy (8bit):	5.174763762188255
Encrypted:	false
SSDEEP:
MD5:	AAB96965C7775FD7F9E1160B81DEB786
SHA1:	C853BA0DC6C87F6C3271C37213ED83D12A052E8D
SHA-256:	016C9CE41D8C7E63F8CE0B2DD041074170A7089428792DB01892723F52DE5241
SHA-512:	24E4D9E5D9BCB95BC5C508B1C0FFE5722C80A68D7F71AE631FD98304B1B6B20E795369EA38F64569A735BF0A0853ECB3F1540A4696514CDF644468914EBA8EDD
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/default2/css/base.css
Preview:	@font-face{font-family:lexend;src:url(/default/typeface/Lexend/Lexend-Light.woff2) format("woff2"),url(/default/typeface/Lexend/Lexend-Light.woff) format("woff");font-weight:300;font-style:normal;font-display:swap}@font-face{font-family:lexend;src:url(/default/typeface/Lexend/Lexend-Regular.woff2) format("woff2"),url(/default/typeface/Lexend/Lexend-Regular.woff) format("woff");font-weight:400;font-style:normal;font-display:swap}@font-face{font-family:lexend;src:url(/default/typeface/Lexend/Lexend-SemiBold.woff2) format("woff2"),url(/default/typeface/Lexend/Lexend-SemiBold.woff) format("woff");font-weight:600;font-style:normal;font-display:swap}@font-face{font-family:lexend;src:url(/default/typeface/Lexend/Lexend-SemiBold.woff2) format("woff2"),url(/default/typeface/Lexend/Lexend-SemiBold.woff) format("woff");font-weight:700;font-style:normal;font-display:swap}{margin:0;padding:0;border:0;list-style:none;vertical-align:baseline}:focus{outline:none}html{-webkit-text-size-adjust:none;te

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.577819531114783
Encrypted:	false
SSDEEP:
MD5:	4C8A26E14EDABDD7D6BFBF1472AFC853
SHA1:	F268C3DB54608F753ED9320CB2411B00A40C8D65
SHA-256:	B9224CA870B658AB694ECED1FBB07A971FCE7D0C990E50046929E9968BAF435C
SHA-512:	820B85A739953E8A71E89FEB45BBFB01E2D2F8977D30B0AB11BED28A7CA2B0365595AA7074A3A9780C8DE95E0C8DE839B5C390519F5238E8435F44736CDD497F
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAmKHxkjm9MTVRIFDaWTNiQ=?alt=proto
Preview:	CgkKBw2lkzYkGgA=

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1900)
Category:	downloaded
Size (bytes):	124720
Entropy (8bit):	5.538687788540712
Encrypted:	false
SSDEEP:
MD5:	0EBBF3C6DE6FD19724664DE43B068772
SHA1:	05A117998960C76FB81523A74EE5A1698EA3B332
SHA-256:	9454E263B01F29A0A786D74FA94BC92324357FC83A156DA54A0898962007232D
SHA-512:	7540AB65AF4E47B0582F9C72C7E3CC3E34912B9A52C2FC764A9A7E999E2F8D41DF20B1A97C71BFAE73FF748866D561960375A3D1DEBFE0C49A97309586B4010C
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[],. "tags":[],. "predicates":[],. "rules":[].},."runtime":[ .]...........};...var ba,ea=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},fa="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ia=function(a){for(var b=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global],c=0;c<b.length;++c){var d=b[c];if(d&&d.Math==Math)return d}throw Error("Cannot find global object");.},ja=ia(this),ka=function(a,b){if(b)a:{for(var c=ja,d=a.split("."),e=0;e<d.length-1;e++){var f=d[e];if(!(f in c))break a;c=c[f]}var h=d[d.length-1],l=c[h],m=b(l);m!=l&&null!=m&&fa(c,h,{configurable:!0,writable:!0,value:m})}},la=function(a){return a.raw=a},ma=function(a,

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	5689
Entropy (8bit):	5.350386737726508
Encrypted:	false
SSDEEP:
MD5:	8B3534266608375F78A6908967FC270E
SHA1:	DFCE7C1E26AEE1DF942814E24C4F23B9A5E5A85D
SHA-256:	FB6D4AC0D4D47AF0DEA0ECD3B5B4A1498F1485D5FFADA047778D19F4EFFFD2DE
SHA-512:	E297CDFA9D9C41661D4DE534EECB3ABA7286D7A1D0D3E01ED97E291C0EF52D6EB3ED7F37E212DF029FD45CBD99590C6D3DFEE3422CA3B5169F79EAE9B5C379C9
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/cleverAnalytics.js
Preview:	// filter out IE7-10 and Windows Server 2012 to avoid errors in in-apps..if (navigator.appVersion.indexOf("MSIE") == -1 && navigator.appVersion.indexOf("NT 6.2") == -1) {..../* NEW COOKIE CONSENT LAW - EXPLICIT OPT-IN REQUIRED - DISABLE GA FOR NOW...(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]\|\|function(){...(i[r].q=i[r].q\|\|[]).push(arguments)},i[r].l=1new Date();a=s.createElement(o),...m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)...})(window,document,'script','//www.google-analytics.com/analytics.js','ga');../.......var currentStep = 0;...if (document.all && !document.querySelector) {... // ie7 or older...} else {... //console.log('>IE7')... if(document.querySelector('.CBScopecart') !== null && document.querySelector('.CBPagedefault') !== null) {currentStep = 1}... else if(document.querySelector('.CBScopecheckout') !== null && document.querySelector('.CBPagedefault') !== null) {currentStep = 2}... else if(document.querySel

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
Category:	dropped
Size (bytes):	68
Entropy (8bit):	4.403590365002627
Encrypted:	false
SSDEEP:
MD5:	EDB2AA47631C67A43709D4CCD2501E33
SHA1:	87475B448C53CF32FFE78AB121DB8BAB41D478E0
SHA-256:	6019C3C9E47DC991F8D9937DEAFBB0740C2E61E321324798CB508773B0814824
SHA-512:	65820EEAF261F01988570AFE7866D9B83901950DFBD89542009A1FAAAE520E1AF2FA08789B7E94A64B0E1A3BDC39256354EFE1D38856621851DD65E80505DBB2
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.....................IDATx.c........o.......IEND.B`.

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65387), with no line terminators
Category:	downloaded
Size (bytes):	161169
Entropy (8bit):	5.273694962351281
Encrypted:	false
SSDEEP:
MD5:	1AD97162AB696CD63E4623B41E04E468
SHA1:	8260EC7447D9F0A54B2ABBFC0F41979DF12CF4A8
SHA-256:	EAC827697D6F114483747C8BC2949785573F64DF0C0C7CFCDB0A94B5645E264C
SHA-512:	D40A120C12246DDDB36CF28F107B0A7DECD705765165E7114397F9AAC6F19A1818798CC93100D9FC10A7FA0A3846BEF5BA220FBF1246277611E440B603309070
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/default/js/other-test.js
Preview:	"use strict";function _defineProperty(e,t,a){return(t=_toPropertyKey(t))in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function _toPropertyKey(e){e=_toPrimitive(e,"string");return"symbol"===_typeof2(e)?e:String(e)}function _toPrimitive(e,t){if("object"!==_typeof2(e)\|\|null===e)return e;var a=e[Symbol.toPrimitive];if(void 0===a)return("string"===t?String:Number)(e);a=a.call(e,t\|\|"default");if("object"!==_typeof2(a))return a;throw new TypeError("@@toPrimitive must return a primitive value.")}function _typeof2(e){return(_typeof2="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e})(e)}$(function(){var e=$("body"),t=function(){globleJs.load_script("//widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js"),e.unbind("mousemove touchstart",t),t=function(){}};e.bind("mousemove touchstart",t),set

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	dropped
Size (bytes):	1150
Entropy (8bit):	3.752464110682366
Encrypted:	false
SSDEEP:
MD5:	3B4102344684A314ECAE0E0B0A56A5C8
SHA1:	0935BD54A2BC35D66BF6F92951151D9523DAD38E
SHA-256:	15FB0280344CA0C0668995CC88FE36016558ADCAF6852F079F416EFD2691AB2C
SHA-512:	C4CE77286E895DA48E37EA677D0FF2F646354CD2C7B0CF3EC3D8CCBD8B7DFF585EBA09AB9E59EEC294F3307B23F94C8DF4C379E2A40CB1E881536E67CA169783
Malicious:	false
Reputation:	unknown
Preview:	............ .h.......(....... ..... .....@.......................................?../..S..5....................................................j..X.t...y..}........................................................}...s..f..9.........................................q=..p4..p- X...=...........................................l.1.k...k...l.v.k.6.j...e...m.[.n&..............................k...k...k...m...o-..k...k...k...k...l.\.k.......................k...k...k...k.;.....k.o.k...k...k...k...k...k...................k...k...k...k...k.z.k.C.k...k...k...k...k...k...k...............k.V.k...k...k...k...k...k.X.k.G.k...k...k...k...k.D.................k.\.k...k...k...k...k...l...l...k...k...k...k.t.....................k.,.k...k...k...k...l.......k...k...k...k.;.........................m!..m#,.j...j...n.e.k.[.k...k...l.9........................................Y...9...t4..o+..p9.........................................n.. .w...u.....)....................................................3....u..U.

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	70
Entropy (8bit):	3.577769619550495
Encrypted:	false
SSDEEP:
MD5:	58A7930CD4577FC33C35828C271EAB8F
SHA1:	406E57F86DC101E10F3A57BE1E2F7B93C4580474
SHA-256:	8D70B3E6BADB6973663B398D297BB32EAEDD08826A1AF98D0A1CFCE5324FFCE0
SHA-512:	F7A5F748F4C0D3096A3CA972886FE9A9DFF5DCE7792779EC6FFC42FA880B3815E2E4C3BDEA452352F3844B81864C9BFB7861F66AC961CFA66CB9CB4FEBE568E8
Malicious:	false
Reputation:	unknown
URL:	https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
Preview:	GIF89a...................!..NETSCAPE2.0.....!.......,................;

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.0314906788435274
Encrypted:	false
SSDEEP:
MD5:	325472601571F31E1BF00674C368D335
SHA1:	2DAEAA8B5F19F0BC209D976C02BD6ACB51B00B0A
SHA-256:	B1442E85B03BDCAF66DC58C7ABB98745DD2687D86350BE9A298A1D9382AC849B
SHA-512:	717EA0FF7F3F624C268ECCB244E24EC1305AB21557ABB3D6F1A7E183FF68A2D28F13D1D2AF926C9EF6D1FB16DD8CBE34CD98CACF79091DDDC7874DCEE21ECFDC
Malicious:	false
Reputation:	unknown
URL:	https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-x9QmKkWVp-lCUOQgg7ieymhymmKSK9z9oWHdhQ&C=1
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 130 x 130, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	7666
Entropy (8bit):	7.933507370457831
Encrypted:	false
SSDEEP:
MD5:	184B3FEB8FB09B7914DAD3F60A0B76F4
SHA1:	E92783681027F36FD0BA360622D72694D7F5281E
SHA-256:	85B0FBBDDA0891264BBB0352A53C28252C959B594C2F605AB2679B695C8E2058
SHA-512:	3844157B0D3CCA9AE1AE23C2357336AE1061CE59ABC6E092CB21D27AD88C114A2F6B29458B5D6E2A485DD1BC298E5EEA3E31B6620155373AFB25313EE79CCD1B
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/user/erik.png
Preview:	.PNG........IHDR....................zPLTE......0"%........}\|..~.......pi......O@H61.........J;Bta`............tl.................gVc.....lbq.......dOR.............s_<+-......z....VAB.........ms.{r.[K"....p...hU...pYUD9B..~x....PD...YN[...~quE4I0/....}]IJ.i_...........~.yf+....siiKBs`eQ:7....OEQ..............{p.pg....dZD........`k..\|bW....6:..f8,....rz....MY.eO]/ ........3D.-.......tRNS....#.X..b...5C.D..........IDATx...O.P..].C...<......k%....07....5.Y'...........=..C....w]I`...{...r.W*...P..}r.R)..o....7...v.^...z}wwwkw}g~v..u.<7....Uu]...z..,.Y.e....5b.g......m.7.l....xw.a...C1V._....@R.>..e......m..7'.Wn........l.... .J....X[...J...il...c....@...xS.....#..LW..`<..U..F..r.)....\t...A.fg.F.+{.W....$MS..4Z...q'.U.(.......D.......J.. 2...=4A.@..\....K..DX!...Z....~..9.....K.....u...B}....(........\..=.............B.xA.B.}P6} .....M.]2..$.. ...Zu.}..A.......0..X.2.G t.A..K.p.R...5.i..qlD......!.....!-.(.gH.t .D.E...R

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	297531
Entropy (8bit):	5.226025129950431
Encrypted:	false
SSDEEP:
MD5:	4AEF01D730A809D81A41A46CB8C4789E
SHA1:	8CFAA9894FFC1E8442FB909570C79B7835483068
SHA-256:	5A43E7E1A626C5A211605D48338DE1CA6DCAEF67832DFC9D13BC9BC91685A135
SHA-512:	00604F217FEB9A1D0E30FB2F6BF7F3A8EA571FF760D7FBDF75ED38DB289616860E917DC7AA488A0DEE12503A880DEE5CDF57DF13221A756888D682D63E62D83C
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/js/Shop.js
Preview:	.function Class(fromClass, constructor) {.fromClass = fromClass \|\| Function;.if (!constructor \|\| constructor.constructor != Function) { constructor = function () { }; }.if (fromClass.constructor == Function) {.constructor.prototype = new fromClass;.constructor.prototype.constructor = constructor;.constructor.prototype.parent = fromClass.prototype;.} else {.constructor.prototype = fromClass;.constructor.prototype.constructor = constructor;.constructor.prototype.parent = fromClass;.}.return constructor;.}.RegExp.prototype.family = 'RegExp';.String.from = function (obj) {.return (obj + '');.};.String.prototype.trim = String.prototype.trim \|\| function () {.return this.replace(/^\s+\|\s+$/g, '');.};.String.prototype.clean = function () {.return this.replace(/\s+/g, ' ').trim();.};.String.prototype.startsWith = function (str) {.return (this.indexOf(str) == 0);.};.String.prototype.endsWith = function (str) {.return (this.match(str + '$') == str);.};.String.prototype.repeat = function (times) {

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (6410)
Category:	downloaded
Size (bytes):	10910
Entropy (8bit):	5.801917855341204
Encrypted:	false
SSDEEP:
MD5:	0D0E458EF3C28EB162E6D8DDE6A9BE9A
SHA1:	CF6054CE0D92D1E79CAE1AFD7E4CB84D4E8D7E24
SHA-256:	B82075A806AD0CC5988E25B0C05D9A9AF9590DB29B8774CA99143362E991BF72
SHA-512:	DAD22E7F9E643BAB4F369BB1E3B5CA63C9C7158F3713E1E33D873FD3C822BF1E63838220ABFF3E63C4CD1FA50DC4887D496B57E0DA5193CA71D234114DF46C15
Malicious:	false
Reputation:	unknown
URL:	https://sslwidget.criteo.com/event?a=104435&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=fozlcV9pTllDNHlnNmFlUVlVeVE4azJqMWRQNFJuSkZGN04wdzlnNFNVZk9TRTRpN3NLWk1zcm5RWGx0alduRG9COXBZUGE2Wmw0MVd3d0VpbSUyQmJGU3M2OXk1SVV3R0FvOTI4MzdVWUx3bkVmVEd6N1NOSTBCT1ZZQVVNSnFDZ1lKSkdsVmFhTm1IcmN3Ylh1dkh3QyUyRlBzY0t3JTNEJTNE&tld=easeus.com&dy=1&fu=https%253A%252F%252Fupdate.easeus.com%252Fthankyou%252Finstall-data-recovery-wizard-trial.htm&ceid=e7d161cc-907c-47ae-8409-fac6cebfd2da&dtycbr=39001
Preview:	./* /(function() {var qss="&cb="+Math.floor(99999999999Math.random());try{qss+="&ref="+encodeURIComponent(document.referrer)}catch(e){}try{qss+="&sc_r="+encodeURIComponent(screen.width+"x"+screen.height)}catch(e){}try{qss+="&sc_d="+encodeURIComponent(screen.colorDepth.toString())}catch(e){}var callDis=function(e,t,n,o){function c(){callDisInternal(e,t,n,o)}"complete"===document.readyState?setTimeout(c):window.addEventListener?window.addEventListener("load",c,!1):window.attachEvent("onload",c)},disCalled=!1,callDisInternal=function(e,t,n,o){disCalled\|\|(disCalled=!0,n=(n?"https:":"")+"//"+t+"/dis/dis.aspx",(t=document.createElement("iframe")).width=t.height="0",t.style.display="none",t.setAttribute("sandbox","allow-same-origin allow-scripts"),t.title="Criteo DIS iframe",void 0!==o&&""!==o&&(document.body.appendChild(t),null!=t.contentDocument)?(t.contentDocument.open(),t.contentDocument.write(o),t.contentDocument.close()):(t.src=(n+"?p="+e+qss).substring(0,2e3),(o=document.getElem

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 45, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	6276
Entropy (8bit):	7.908494616852233
Encrypted:	false
SSDEEP:
MD5:	145C02DDEFBEDA7FC8E6D18E0AF55EB0
SHA1:	3CC9B3B3F45C201B5D5B7796FE923E6E2B6C8CD5
SHA-256:	03CF6201814D9459C11F59A8BE4E19125741C5D520C1E2316F2AC578F7F54EFB
SHA-512:	1B03BBDE1E6D3BD029E82BA099E1C334B39E29EA6BBC30E8C34D62641FB8F2DF3483F62657817E06DB167D2F8EE0038B87D88E5977DFAEDFB0107577D7C31B82
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/images/en/logoTlsSecuredLarge.png
Preview:	.PNG........IHDR...x...-.....e'......tEXtSoftware.Adobe ImageReadyq.e<...fiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:685E1D761AB6DF1182ADB46A1A4519BB" xmpMM:DocumentID="xmp.did:5E75F4F8FE2511E4AA60994BEB36FBED" xmpMM:InstanceID="xmp.iid:5E75F4F7FE2511E4AA60994BEB36FBED" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:59FA3F6823FEE411BED7CC61DC7FCDB1" stRef:documentID="xmp.did:685E1D761AB6DF1182ADB46A1A4519BB"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......IDATx..\.xT.^g.2yN.... AHH.k(.-.\.D..~....

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	70
Entropy (8bit):	4.10370516063324
Encrypted:	false
SSDEEP:
MD5:	B0F41DFDB39537EAD363417D80CFC0A7
SHA1:	93C53BC2B37815BF7574FF54D923979054DE4057
SHA-256:	413FA819EBD01D88E44A674D282AB109B747DB63592C57E099706B364D8C2DEB
SHA-512:	273AD5ECF19EDBE8F81006676558110F122A50E8BED71E2D69E8A7D6474189256198B38803086AFA21EF14F457B6FB1CB1EB4E633A9DF50505A8E9C84F6F8AB4
Malicious:	false
Reputation:	unknown
Preview:	jsonFeed({"country":"US","state":"","stateName":"","continent":"NA"});

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (703), with no line terminators
Category:	downloaded
Size (bytes):	703
Entropy (8bit):	5.326234611665612
Encrypted:	false
SSDEEP:
MD5:	750DF438450878ABB77A6018C3FA557F
SHA1:	1F9FE8C4B812A00A32A3F9861670B8B7286BC3B8
SHA-256:	EA19C4DD010214C1C7C58470DC84134E45FF28575182C21B9CDCD29B0112A447
SHA-512:	A28BEC2F145243C6C22F44DDFF5F04CF7E2D619B881AFFCEE63DF79A747BBB542A260F21333F2D592CFD5ADFCEDCF0C5F021B40637966B3EF6AF7898F8F058EC
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/default/js/cj.js
Preview:	"use strict";$(function(){var e,t,c,s,a=document.URL;if(/^https/.test(a)){var o="390467271471";/^.?\.easeus\.de/.test(a)?o="390466647600":/^.?\.easeus\.fr/.test(a)?o="390466765032":/^.?\.easeus\.co\.kr/.test(a)&&(o="390467184579");a=document.URL.replace(/(^http.?\/\/.?\/)./,"$1");e=a+"proxydirectory/tags/"+o+"/tag.js",c="script",(s=(t=document).createElement(c)).src=e,s.type="text/java"+c,s.async=!0,s.id="cjapitag",(e=t.getElementsByTagName(c)[0]).parentNode.insertBefore(s,e);var r=globleJs.GET("cjevent"),n="domain="+document.URL.replace(/http.?\./,".").replace(/\/./,"");r&&(r=r.toLocaleLowerCase(),cookie.setcookie("cje",r,9480,!1,n,!0),cookie.setcookie("cjevent_sc",r,9480,!1,n,!0))}});

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	37325
Entropy (8bit):	5.235829898521673
Encrypted:	false
SSDEEP:
MD5:	E1C82F92F71C37A671B637F08DBAFD7F
SHA1:	7BE607FDCCCBE8CEFDBCC54827524220DC3D7796
SHA-256:	E970D8BDF3E84489E0ED046F181DD3D436ED60649F0476DDB415381C64DAB538
SHA-512:	BD601873F7921E2763B79A1C4EEF9D5A4058ACEC3877BDF337FB92CAFE7A0E98423E9D6E1B9D06AAABCC5FB8E908F5C0EBAFD55711769AB2FA5EF14F1C1DBE44
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/ga_event_tracking.js
Preview:	// CLX-10858, Januar 30th, 2023..$(document).ready(function() {.....// prevent multiple click listeners on same object in case file is loaded more than once.. if (typeof CRAddToCart === 'undefined') {.. .CRAddToCart = false;.. }.. .. if (typeof xsPurchase === 'undefined') {.. .xsPurchase = false;.. }.. .. if (typeof cbProductAdd === 'undefined') {.. .cbProductAdd = false;.. }.. .. if (typeof CBProductAdd === 'undefined') {.. .CBProductAdd = false;.. }.. .. if (typeof cbProductActions === 'undefined') {.. .cbProductActions = false;.. }.. .. if (typeof cbProductDelete === 'undefined') {.. .cbProductDelete = false;.. }.. .. if (typeof CBProductDelete === 'undefined') {.. .CBProductDelete = false;.. }.. .. if (typeof cleverSubmitPurchaseFlag === 'undefined') {.. .cleverSubmitPurchaseFlag = false;.. }.. .. if (typeof inputFieldCompletedFlag === 'undefined') {.. .inputFieldCompletedFlag = false;.. }.. .. if (typeof paymentMethodChangedFlag === 'undefined'

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (331), with CRLF line terminators
Category:	downloaded
Size (bytes):	41510
Entropy (8bit):	5.052126692832544
Encrypted:	false
SSDEEP:
MD5:	0F41DAF295BE0BA8BFEC48B2BCDED1F1
SHA1:	C7E95BE299D124AA05711FE89ECD0E54BA40E733
SHA-256:	5F489B471D8E2BDCD3A7DEDF65780EC124D5E7DD5D7993C832CB2FC0C7895DEC
SHA-512:	794056D993544DD160AF78C2B1360E84960E0472E4FBEEF3C2FB22FDC2B4C03F9A80837E7B28C723DB98659BDEDC349BA41A463D05CDDE17D05B900EEE08B92F
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/cleverZIPtoState_AllCountries.js
Preview:	// wrapper..(function($){.. try{.... /*.. @author - Maggie Jones.. * @file - Sets correct state according to user entered zip code.... * <pre>.. * CONFIGURATION OPTIONS:.. * NOTE: the following need to be set BELOW the script reference:.. * - To turn off a country: window.cbZipToState.countryStatus[lowercase country] = false;.. * (i.e window.cbZipToState.countryStatus['us'] = false).. * - To turn off "keyup" listener: window.cbZipToState.keyup = false;.. * - To hide state until match found (for special country/state text-type UI): window.cbZipToState.hideBlankState = true;.. * - To turn off entire script window.cbZipToState.status = false;.. * - To trigger change event on state for all state/provinces set window.cbZipToState.triggerChangeForAllStates=true.. * IMPORTANT NOTES:.. * - purpose of this script is not to enforce strict zip/state match but to help customer by -.. * automatically selecting state based on zip... * - some checkouts hide the

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 176 x 121, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	5665
Entropy (8bit):	7.789483783515542
Encrypted:	false
SSDEEP:
MD5:	DFE9655E355B18E974F6ECEBEDF80F4C
SHA1:	D78DA71808CCE59FB408743EBC459AFF61E047C6
SHA-256:	59805425C06693A44B2635086F8D9747B31F884CBECFB0D655AB46FAA8394C54
SHA-512:	A8BD03869314699C4DE417EDD3EC4E07C4D631123565A6E5D27BD27899189207E62C9ABC3210599E7B0B8C745D8E2D9DAEAD23BF77716CD65BFD21B6FBE0C143
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.......y.......[.....PLTE..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+.&U....tRNS......._....I$}.#..P..'..4..M.qn+.VM?=.~{Z.......t`:7.............a9......mHG<-.............ushZQE21+!...................xkhSMA?5*................_PB,#........\|idc\XVE9%.......

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	5588
Entropy (8bit):	4.504433278726454
Encrypted:	false
SSDEEP:
MD5:	FA90774CF99780F6EFDF8F65A400D8D2
SHA1:	9BC212C38C16C5D5177A0ECE0F44847358314FC1
SHA-256:	BB230994469278CBE80E0336A575209516879AD6A5E8CC9233956E71747DE578
SHA-512:	ACC59616B2F91A0F0ED03C23A70CA2989825BE42E3047AEE3EAA9175D2DFCC38F45987F8F9DE9117273A8050C7B8276B9B4913C2C82CED2F4A6A85AED080AB88
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="utf-8"?>.. Generator: Adobe Illustrator 16.0.4, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->..<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">..<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"... width="124px" height="33px" viewBox="0 0 124 33" enable-background="new 0 0 124 33" xml:space="preserve">..<path fill="#253B80" d="M46.211,6.749h-6.839c-0.468,0-0.866,0.34-0.939,0.802l-2.766,17.537c-0.055,0.346,0.213,0.658,0.564,0.658...h3.265c0.468,0,0.866-0.34,0.939-0.803l0.746-4.73c0.072-0.463,0.471-0.803,0.938-0.803h2.165c4.505,0,7.105-2.18,7.784-6.5...c0.306-1.89,0.013-3.375-0.872-4.415C50.224,7.353,48.5,6.749,46.211,6.749z M47,13.154c-0.374,2.454-2.249,2.454-4.062,2.454...h-1.032l0.724-4.583c0.043-0.277,0.283-0.481,0.563-0.481h0.473c1.235,0,2.4,0,3.002,0.704C47.027,11.668,47.137,12.292,47,13.154z".../>..<path fill="#253B8

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	unknown
URL:	https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-deUq1UWVp-lCUOQgg7ieymhymmJ-kHZoVAlmcQ
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 176

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	32712
Entropy (8bit):	4.663834006496739
Encrypted:	false
SSDEEP:
MD5:	F6A8452A5AD740E14F7045ACB6B2950B
SHA1:	39586756F89FA75394F1678ED8827A1191F5D91D
SHA-256:	663A65DB56C4D05417660481BF645A603984F96FC9364633A1836AE817CC3A60
SHA-512:	DC44C14BDD8E784628ED3AA43F00DF31F13F6822C2CBA5B2E86DEE556C1E1AA2A07AB33D215911F38D76D966C4B9AB5EA3CB1829A134757C3B722226C3928EC0
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/cleverScripts_taxUpdaterV2.0.js
Preview:	/*.. @file - tax updater script.. * @description - updates tax amount without page refresh when zip code or cart changes.. /../.. @namespace window.cbCartNewState.. * @description - cart and configuration data returned from ajax call gets stored here.. /..window.cbCartNewState = {};..../.. @namespace window.cbTax.. * @description - namespace for functionality related to tax updater.. /..window.cbTax = window.cbTax \|\| {};..// flag to check if ajax call underway..window.cbTax.ready = true;../.. @function window.cbTax.universalBind.. * @param {Function} bindThis - function to bind.. * @param {Object \|\| null} bindTo - what context should it bind to? If none then pass null.. * @param {Array} [myArgs=[]] - what arguments should be passed to the bound function when it executes?.. * @returns {Function}.. */..window.cbTax.universalBind = function (bindThis, bindTo, myArgs) {.. return function () {.. return bindThis.apply(bindTo, myArgs);.. };..};..// interact name

Chrome Cache Entry: 177

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	4685
Entropy (8bit):	5.014159306357937
Encrypted:	false
SSDEEP:
MD5:	F6FD7EAA58F1FFB015934B66F3BFA9C7
SHA1:	140AC1BF7FA3F1DE8A77DD52F983F45C229F36B9
SHA-256:	042B6504B9208298A42CC5592559CFE70498CE666B25E8D8AED4BE2DE80A9083
SHA-512:	0699DC62577D1F0B74B4FAF8A307168BCE3089DB24DF56E0756ED92072774B6D60FA236B87CA9D06F62FB823F228C0422315A63B45A9AC29145099DB56CFC9DF
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/cleverCreditCardDetection_addOpacity.js
Preview:	$(document).ready(function(){.. try {.. function getInternetExplorerVersion() {.. var ie8Check = true; // Return value assumes true... if(navigator.appName == 'Microsoft Internet Explorer'){.. var ua = navigator.userAgent;.. var re = new RegExp("MSIE ([0-9]{1,}[\.0-9]{0,})");.. if(re.exec(ua) != null && parseFloat(RegExp.$1) == 8){.. ie8Check = false;.. }.. }.. return ie8Check;.. }.. if(getInternetExplorerVersion()){.. //CREDITCARD TYPE - START.. var creditcard_type = undefined;.. var creditcards = {.. visa: new RegExp("^4[0-9]$"),.. amex: new RegExp("^((34)\|(37))[0-9]$"),.. cup: new RegExp("^((62)\|(88))[0-9]$"),.. dc_cb: new RegExp("^(30[0-5])[0-9]$"),.. dc_int: new RegExp("^((30[0-5])\|(309)\|(36)\|(3[8-9]))[0-9]$"),.. dc_uc: new RegExp("^((54)\|(55))[0-9]$"),.. dc: new RegExp("^(6011\|622(12[6-9]\|1[3-9][0-9]\|[2-8][0-9]{2}\|9[0-1][0-9]\|92[0-5]\|64[4-9])\|65

Chrome Cache Entry: 178

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	488
Entropy (8bit):	7.223211251391516
Encrypted:	false
SSDEEP:
MD5:	DE979570375260FFE026725F11134A7D
SHA1:	DACE6D31B04BC96366C04C57B8BF293A97D6DF1D
SHA-256:	CD050B38C25DC068CE8EDF748F7CBE0D3FA32F7EF61CB77EFCCB3180AC1FF4A4
SHA-512:	EED1CF5C0A3E07B00578AC067486808984D1C7EBFD9F85791A15817754CA28FC21B66B3D698D6BDBFC5378A5AAC51DAC16D3E310ACD8606BA173C382F6BB4AAB
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...0...0......,.....gAMA......a.....sRGB.........PLTE...Liq.....................=Z'.....tRNS....S-r...BB...VIDAT8...N.0.@.....8..-....]..V.b.,]C..c...m..8...[.......!..}C0.,.b.......vX......:...Q:%TI...E..GQ\|i..rs....p..8....a .......3..A\..%...B@.......C`.........P0..+...Ft.&...0..r....@.....`a......o...(..Pn.\..+..D ...R...>x..1.K....._+....R..m.J....}EN.p.p..... ..........b...f&.j.Y d...<x.$....V.._2D.Y...U[.;v]..vUd7..r.....IEND.B`.

Chrome Cache Entry: 179

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (64347)
Category:	downloaded
Size (bytes):	223683
Entropy (8bit):	5.454814460294955
Encrypted:	false
SSDEEP:
MD5:	ED4FA4EB31641234901881C752E61024
SHA1:	DBD32C0D8D3E063329D7A27E24499E63804A94FB
SHA-256:	85F407912384186334577F65BF6BB88045BD96F5222D7C696CC71303D65C826A
SHA-512:	E3ABF742E5AC3175A0DCD9799FB29EFFCFCB1B6BE294D10449421A77C9EC6A0FC12855566E9761150E38BDD0CEA1D369E4984C9EF618D9F7B212CBCE88EC4A8B
Malicious:	false
Reputation:	unknown
URL:	https://connect.facebook.net/en_US/fbevents.js
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 180

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (21229)
Category:	downloaded
Size (bytes):	21230
Entropy (8bit):	5.307579290440548
Encrypted:	false
SSDEEP:
MD5:	0CD317A7B9C520801230E944F7D50E41
SHA1:	E3985FF0C2E8B1EAACB617C7C5AF5BEBFCBCEDA6
SHA-256:	6F08699117C1F15F6D35E7B4380D12D18A1881F075E177B5853B1017A3307544
SHA-512:	EA081268CBB1E95BE578EDDFC82E83AFF07F51D1863E58B1275D36C589998FA4434CAA00B70BFE82ED4DE5069125DCD8939BF85DD874FD64BF6BB988B811D0F5
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Preview:	var OneTrustStub=function(t){"use strict";var a,o,p=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupubconsent",this.oneTrustIsIABCrossConsentEnableParam="isIABGlobal",this.isStubReady=!0,this.geolocationCookiesParam="geolocation",this.EUCOUNTRIES=["BE","BG","CZ","DK","DE","EE","IE","GR","ES","FR","IT","CY","LV","LT","LU","HU","MT","NL","AT","PL","PT","RO","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]",this.migratedDomainId="[[NewDomainId]]",this.userLocation={country:"",state:""}};(m=g=g\|\|{})[m.Days=1]="Days",m[m.Weeks=7]="Weeks",m[m.Months=30]="Months",m[m.Years=365]="Years",(m=i=i\|\|{}).Name="OTGPPConsent",m[m.ChunkSize=4e3]="ChunkSize

Chrome Cache Entry: 181

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	1040
Entropy (8bit):	5.749039149797993
Encrypted:	false
SSDEEP:
MD5:	5B2B5A0DE3059FD560C737EC92E4E444
SHA1:	BA05F93BBAAB58F116591F0D01F588D06F046933
SHA-256:	3E4FA1E6C21DBFB337F6AA942079FFBEACE6EF4BA007AAD73B8EB57D59549F59
SHA-512:	96F9C46832F23DCD03B2E21A8BD0326F0CA353F0A12CF8C080389BEE5DB5108982246571212AF00DFD3004B9B2B691D925DBAFDCF64CB7CC450719FB6EEFE42F
Malicious:	false
Reputation:	unknown
URL:	https://update.easeus.com/default/js/ga.js
Preview:	(function(){. var dom=document.createElement('script');. dom.src='https://www.googletagmanager.com/gtag/js';. dom.async='async';. document.body.appendChild(dom);.})();.window.dataLayer = window.dataLayer \|\| [];.window.gtag=function(){dataLayer.push(arguments);}.gtag('js', new Date());.gtag('config', 'UA-217061-73');.gtag('config', 'G-XDLZ3JKB0Z');.//date change.$(function(){..var date=new Date();..var year=date.getFullYear();..$("#year").html('2004 - '+year);..//...facebook............!function(f,b,e,v,n,t,s)..{if(f.fbq)return;n=f.fbq=function(){n.callMethod?..n.callMethod.apply(n,arguments):n.queue.push(arguments)};..if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';..n.queue=[];t=b.createElement(e);t.async=!0;..t.src=v;s=b.getElementsByTagName(e)[0];..s.parentNode.insertBefore(t,s)}(window, document,'script',..'https://connect.facebook.net/en_US/fbevents.js');..fbq('init', '239496765217947');..fbq('track', 'PageView');..//...facebook

Chrome Cache Entry: 182

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	59
Entropy (8bit):	3.7612657704003114
Encrypted:	false
SSDEEP:
MD5:	980C16696A6C7FB6C8242B74F5EDF52A
SHA1:	872854FDCD64A81655D447293D1E96AD0AD1C0BA
SHA-256:	5B719538163FA24625A0742209D09A4481C7589E767D9EA8BCB16008035F681A
SHA-512:	66AEF5D9B0D7C5B4D3BD91C87AA035FB5EB797A35755DAE5B6324941581186EFC4CC038DC3C99B0C3C5AA0C48F38B2E3C7F2437F112985CD92648AE937BAD2D3
Malicious:	false
Reputation:	unknown
URL:	https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Preview:	{"country":"US","state":"","stateName":"","continent":"NA"}

Chrome Cache Entry: 183

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 801, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	168657
Entropy (8bit):	7.983683209117171
Encrypted:	false
SSDEEP:
MD5:	0658B1C90E1A81774A426E7F9D81A32C
SHA1:	CA571A4B1A4BE36066C45C9A5CE1B18D6F6C9646
SHA-256:	3AE6114DE15241C4E75962D7112EAFD82301137E9FE3EA3C86549CEFB7B2F9BE
SHA-512:	CA8C55658B220C86EB2A29CE2BAD4B48C69D0034E93A4767E475875CBA5C8CE2A83A7C1E718B180B7999010F413229C25625EEB9B8651C16D0D80BADDDA5225D
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/drw_win/screenshot/4.png
Preview:	.PNG........IHDR.......!.......H... .IDATx.....d.y.........L....0.D......).b0A."eIK.J.w..K.-..x.].=G.V....E9..@R$..$.. 2.<..s.t.U]...w.V.4.=.==3..Q]U7WO.......3::...\|.y.._.c"3..t.f.Tz-._.o..Gf.S^'......\C.R0.&EN......Q...9\|.k..v..v..9....\|..../...GF.sa@c.............j......U....r.jhh.s............:.t...V_.......+-.NiMs..[[...<......o..)......\|n..........B.P]}.......yN.....B............=mX.S.....\|w..&.......FwO...............j3...B.\f........je.+.r_.......0..,.......j.X......X............`......`U#.........F........U...................V5.,......pN..\.............^.....W..J....Q.w...<...:5.....W...z%...u.....y/.Xr..`%....S.6o..Y....:}...9.\|>........U...N.T..>...........j.'...._.............y...cY.cY..p]G.6m..;m....N.>i.]w.fm.U.7l.#..r..W.Z.......V...v.xS8.h.;......lmm)....R<.W*...(..N.R.X$./L.g9.. f.L~.....s...g.^.5.2...w.B..W^~iYB.e..:;;.{..jhh.....u..~......N...=7...]{...........]..Y..&.".......d....tc..i.{....x..B.BQ....^Q........b......

Chrome Cache Entry: 184

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 801, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	99407
Entropy (8bit):	7.948452875272019
Encrypted:	false
SSDEEP:
MD5:	5315C25CED0733464E1B00FE4955B0A4
SHA1:	E8D2085D74EEB65E561A3B401C6DC89C1A4D87A5
SHA-256:	53CFFBF97BA16C46B0B7294ACDC7EF44C8F505A08A1060402F65DD10D5021D5E
SHA-512:	6A8C6B17F48A3B813231A03D76857D426FC362FC394A3610F9CA631DCBCC18B9554901307AA401C0302B7752963C7591A77834A4E4588727956CB4BEA67364D2
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.......!.....w.......IDATx...j.Q...."tS.....T.&J'CTZD"Ugk1.j+.f/@.w!x...:w.$i......^BJ....g.._....cuX...(........?......&......A.....m.{.........Y....m.n)..5.....`..).F!..c.20.`..C.~.........:...3....._.}.!...(...?.._m6.Z...=u.....3.....O......N1X...5. ..@&...Y..(.X.~........LB.......F.. ..@V.^....)V.......I1X,-.O.8...&'. .... .... .... .... .... .... .... .... .... ....t.lr{:.!....II)8..Z[\..t....<{.%..c.^Z...8....j".^.R/.-....b..T4.i.)]T..5taZ.....Z....JpW?..89L.d01.3..~..='.Lk%...\|..k.....mjvE/.e.....D.07y..7o.......tSC?........eS...Wx..G.....yO....w.V...^.........~.K....qi_t...jI........Cs=X..>.`..o..:>u.`..+.E...Xl..L:&A..{..q...M....A.F.......ws../>\....u..f.....w.........../..OQ..(.e..Rnr.LNO../,iH..~.]..M>=....(..^ye.....U....Wg......j...[cy.x.w....>.`PX............F....~IC/.p,.+i......0.......y.!.......{.....(A."..B7....%.{..].. ...@j..T}j?..IA5..P}.U. L...../.....A..Q..3c.s;...Q.......i.J...~....K..@;...*~").

Chrome Cache Entry: 186

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x717, components 3
Category:	dropped
Size (bytes):	16788
Entropy (8bit):	7.161061978744703
Encrypted:	false
SSDEEP:
MD5:	A6B7D56DDFCD048ECE92DE4666798AF5
SHA1:	1BA78262732C1982581506E0A9709B8C54D0DA29
SHA-256:	4E30A7BD35F13A166CD94A4EA550CBFE9D71520A6C216F316992F19454AB3685
SHA-512:	CDF7962F01469E3E07DDA185025291EE1B4C29043F81670CD7F37BD69D0F422C08518678896A7551698F2D281BC7C2BB02D32C7ABB38E6A186278C4E60040B75
Malicious:	false
Reputation:	unknown
Preview:	......JFIF..........................................................) .. )/'%'/9339GDG]]}............................................) .. )/'%'/9339GDG]]}...........".................................................e........................................................................................................................................................................................................................................................................................................................................................................................................................................................................n......#7.............................W`...1..k.............................`...p..}4..........................O`....0..........................O......'....P..............................,..z6.........................o........H........................`......@...l.........................;z...9q...........................8...

Chrome Cache Entry: 187

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	40
Entropy (8bit):	4.284183719779188
Encrypted:	false
SSDEEP:
MD5:	A716C5EBD8273F841D900D679658F7D9
SHA1:	126053DEFC548615FDB47233497E4DD074972817
SHA-256:	EE2D6E932261ACCD8FF68AE069BB98908FCA7D997917A7AC920BFBEF404D225C
SHA-512:	4898FB49FD831DEB6DA6C43C36598AEC272DE78CA2480A47B359AB52E0EB07DFBB48B41C8464F05ACD2175A5C373F0514D0E2AF1F2D9BFACDD80881931DAE822
Malicious:	false
Reputation:	unknown
URL:	https://update.easeus.com/default/js/ad_download.js
Preview:	http://update.easeus.com on tb 20220129!

Chrome Cache Entry: 188

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 50970
Category:	downloaded
Size (bytes):	15571
Entropy (8bit):	7.98254508678977
Encrypted:	false
SSDEEP:
MD5:	F90DAF8C8F47C6AFAB7D4E27466118B5
SHA1:	C4CCE50F1E6DE0968CF0697DF2CED2CBE00C292E
SHA-256:	2874BF6C90CEABE51494D06C9F9009D7D3C2031A4AB6AE7C15503DA2DCE40761
SHA-512:	161FF33EA23148A0FCF9FF275716407E44C9732B1E4A8E1941C62AFB36F5C6972C8CCFC123F8232D8E8DA42C6E547A587540CFF6B8E40FFD25D96A650225FC6E
Malicious:	false
Reputation:	unknown
URL:	https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
Preview:	...........}.v.F.....4...h......q'...I&Nr.D...........dE.Z. .&.c.e^`^a......T\|K.g...6P(.e.\|{.........\|....G.02#..j\..~....e......:)G.LSU....J..Q...:+........\/.z]...>.t_...,..eq3.gyz3..,.r.=O.G.Y..]....=.......X.3..7....._..../....hF..g4..]...(.jz...4.S..'..87.#CMb....Uc.k...g....1r.}.4..6.6...n.1j...].c.3.(}...4...G...^.......l.w.....Q..~...tT.e6..#.U.t....\W.U..C.\|S.....ezS.?O..<[..CA..0....A.Q.....tc..o..lU.......uZ.............j....q.?..UqQ....4.(..f.a..g5..#.-...R...z....."=O.z.n6.)o......^$.b...N...,...O..,5.$U...N..7.......E1__.ym^......?..j1...M.@..L......[..,...:}.J.J...8....tY...Y....ru....."..n.q6.S.&.....r..tC;.r..o.U.c._.uV.B(K3__.I.o.K....2.NV....Ey5/ ....$... R.V.?.N.I)Z.<.o..Z.\..1MxL.T..M...eR....q`.......c&e.WiY..=.J..2..R'm.O+3/d.=.?/........'.o..In. ...t1..=.2.2.......$V.H4.q.e.%..8o.@..1.q.]},z.E.........\..8.V.*j.:....?..ia...j......e........PCsU..kQ\..o!..V..&]<~<...%..,.@..q...hynt}CBy5..b.C}.

Chrome Cache Entry: 194

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x595, components 3
Category:	downloaded
Size (bytes):	25836
Entropy (8bit):	7.860445221730069
Encrypted:	false
SSDEEP:
MD5:	46911A60A28FD02B07548B6A219352E5
SHA1:	7EFA007C67B772C6305278601CC7F4084831245D
SHA-256:	2ED953E07F9BE1C889FA0F8893BF816E0675F55648AD6B79B9F0E0EEF2B0FF74
SHA-512:	F429F1B7629046B26FC7FA30E54D692E7BA3D08C213C4DE615F003FAF7A9957742B83D2072153581E71DAC0591B832FF042A7129185A772F47F452EB2758BF29
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/install_uninstall/thankyou-install-page_06.jpg
Preview:	......JFIF..........................................................) .. )/'%'/9339GDG]]}............................................) .. )/'%'/9339GDG]]}......S....".................................................e...................A.^~n~no.~~......///<.....................................................I`...2:{;{{....{{..........%..........5.z.zo...........................d.....,.@..@$5:.{.....o.................''./...Y.@7.................>nNN^NN^NNNl..d.....,.@..@$4.A}...ww...=.C.......??.\|...............;{.;{.;...9yy9yy..y9yy<P.. .@.L... ...$i...2.T.....C..w...........+....x.@..Y5.$...Fq.9......+C ..D.q.g..s.L.39f...]j.Z..OM..$4.APgBVDz.....?...k.z../..~g...c-.. ..k H...1...~y.FfYL....oz....c..1.c.)L.@. .A &.}.=.}...B..:.."..FMoz.....b.Z(.)(@I.2....1..0..d...d...KikYJd..A.2.....Oo.o..a.A..Y.C..!......2....2..D.2g3 .3......$..*..m.....$..d./.GG.G.....1.c?..<.......BVA..A.9..s....u... .d.@.\...Ui...H....%3.....<.3.g..1.....~~. ....J. ...s...K 2..!,.A..,.....

Chrome Cache Entry: 195

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 6233
Category:	downloaded
Size (bytes):	1930
Entropy (8bit):	7.8978426548475635
Encrypted:	false
SSDEEP:
MD5:	1B1A56D9C9FCF8ACAB07F238231461DF
SHA1:	72D6D8ECDB249B20852DC54D67530D0280515BC1
SHA-256:	73B167681AE290CAC469AFDE469076A7F222D5C5D2746122B2EAF5D7B4699E91
SHA-512:	FF87A93C5D6BB5E5647571F4EBE65C9E321D11659039DB41CD71549A1409AD0A65BDCE28AD722E304779083BAE388783F9FBAB02CE3DE5EEBC58423D8F68BB39
Malicious:	false
Reputation:	unknown
URL:	https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=53e320ce0000640005793e9d
Preview:	...........Ymo.........IK&..'{...m..8...E?..DI.P.BRN\...CJ.%Y./...#.3.>...r....?...~F.-..{ Ae..0.<~@h.3...4-..=..+cK..E..I.....J....9....)....P.=.ZE...JZ&AU....W6v.:L8R..'\|.MI%.e).......T.E.Oq>....oq>....q$T..R).p....F..4.J..L.D3cp.3.s.U.p..NR.Y.y.a..~.....6.(.)...X..{(.aSE.-..xE5.p.9..-.q..,N.................4....L.......\Il..6U.b............T... W..tK.0.=b.L.U.4<Z{.. r..#..0.LVX..V.-+.u....b..S.......z.J..+.Um"..P8Y....in..b..Y8.L._...KP.o.3h..CO...g2..a.K..;.z.u.q....M.M).:.I.uTn.,$g<.m8...@.....B..D'g^6.i..0....n.M.......4.....mz{>...$VB...m,..$\|.Y.=...b...cb......b..w@...S.OC.!."......m..om....~2.^EJ$.....e.b.......`......2A..0$.)q.hjl..A.xLB!.+v....Lr..l....!......]..^.<I.>_\|p.lI^..F..i..I.zD..`.s..E..wI...(QY......-.[.o.j....F....ck......T.2tD.K..u~w.j. !..D.BD+...S.yx?..o{...@...5c..S.e3..Q...9.I+!..f?.C0....:Rjao..CH...fv..f..i...l.....,Zb\.d.'.....uk.....F.].N...g\..2.....z/.J...[.{..a...f.lv.j..N.....g,...m==5..."Br.M..?&q...

Chrome Cache Entry: 196

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	310307
Entropy (8bit):	5.097244509943615
Encrypted:	false
SSDEEP:
MD5:	4A0B9A21E05CB13B3E38E692307DED64
SHA1:	45A850C5E067298BC1E40A6EAF74EB9843ED8CBA
SHA-256:	CE1A883D83B633C4A833650109731C242625B86DDEFEAC66C818D42E88EC78FD
SHA-512:	23EB16FFD362F4697B96912E59008159FDACAFAB4ADAC0FB4D327B7F3F31A059EC4C8564CA1A017491D5529DCF95FA5F51012BA98F3FF394439DE17902CDC7AA
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/default2/css/product.css
Preview:	.pro_table_box{padding:2.75rem 0}.pro_table_box.pd_top_0{padding-top:0}.pro_table_box.pd_bottom_0{padding-bottom:0}.globle_button{position:relative;display:inline-block;min-width:6.25rem;height:1.5rem;line-height:1.5rem;padding:0 .25rem;background-color:#0087ff;border:.05rem solid #0087ff;color:#fff;font-size:.55rem;transition:200ms;cursor:pointer}.globle_button.hidden{display:none}.globle_button span{display:inline-block;vertical-align:middle;font-size:.55rem;line-height:.6rem;text-align:left}.globle_button span font{display:block;font-size:.35rem}.globle_button del{font-size:.4rem;vertical-align:middle}.globle_button .small{font-size:.4rem}.globle_button .line{width:.025rem;overflow:hidden;height:.525rem;background-color:#fff;margin:0 .15rem}.globle_button.white{background-color:#fff;border-color:#fff;color:#59AEEE}.globle_button.white:hover{background-color:#59AEEE;color:#fff;border-color:#fff}.globle_button.orange{background-color:#ff9900;border-color:#ff9900}.globle_button.orange:

Chrome Cache Entry: 197

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (14301)
Category:	downloaded
Size (bytes):	14613
Entropy (8bit):	5.42072136912928
Encrypted:	false
SSDEEP:
MD5:	120B4FD6B9D87E3DEE1FD71FF82137B7
SHA1:	D86A86A69AB7477F25377E253242D305DA6493D2
SHA-256:	9F5B814F698DA2F9AF4DD56034A54C48E457EC1F1301828769FAFC493062D9F1
SHA-512:	3692A96DF177DE54FEF873130EF2CB2A6946F41AA3D4DC77A48C296975C02623FC43E26FE2AE22A134F7FF62BBA08C63B78DEADC034D0D9242576BF09B98CD3D
Malicious:	false
Reputation:	unknown
URL:	https://gum.criteo.com/syncframe?topUrl=update.easeus.com&origin=onetag
Preview:	<!DOCTYPE html>.<html>.<head>. <script type="text/javascript">. window.CONFIG_CSM_DOMAIN_NAME = "csm.us5.us.criteo.net";. window.CONFIG_CSM_RATIO = 100;. window.GUM_DOMAIN = "gum.criteo.com";. </script>. <script type="text/javascript">. !function(){"use strict";var i=function(t,e){return(i=Object.setPrototypeOf\|\|{__proto__:[]}instanceof Array&&function(t,e){t.__proto__=e}\|\|function(t,e){for(var n in e)e.hasOwnProperty(n)&&(t[n]=e[n])})(t,e)};function t(t,e){function n(){this.constructor=t}i(t,e),t.prototype=null===e?Object.create(e):(n.prototype=e.prototype,new n)}var e=function(){return(e=Object.assign\|\|function(t){for(var e,n=1,i=arguments.length;n<i;n++)for(var o in e=arguments[n])Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o]);return t}).apply(this,arguments)};function n(r,s,a,l){return new(a=a\|\|Promise)(function(t,e){function n(t){try{o(l.next(t))}catch(t){e(t)}}function i(t){try{o(l.throw(t))}catch(t){e(t)}}function o(e){e.done?t(e.valu

Chrome Cache Entry: 198

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 130 x 130, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	8019
Entropy (8bit):	7.943367401730539
Encrypted:	false
SSDEEP:
MD5:	010C28306B3E3905CE0E5524616DC64B
SHA1:	6247445E4C0B4E3B82FE39F0708B2B4E0BB43865
SHA-256:	6D9583339A385D245F2F4EDDBDB5B09D93D1D44B8DFCFBAD23B5359F2E1A52A9
SHA-512:	AA4E38C0BF94B202BF339495CBB262BD33D5D1BF14B31CEDD0B0B8A5FC4C2766580D79121907A8B5AC0DBE57ACF4AA4E069834BF97FDA3F7FE57B77A7ACB934E
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/user/massimo-imperiali.png
Preview:	.PNG........IHDR....................2PLTE.....................................]E.`I...v\...}XC.....................w..l..k.mM...uV.W>.....cH.\|_..mF3...y...sZ...aJ{R?..b@2...hN....s>&.rN;.........-.....ya\:+....^@.sa.kX.....~.....................aO....j...L-....\|pU4&....`I98....mSH...QH....ziN@y^S.....r.ww.WWoC.D....tRNS..pD......p...2%X.....IDATx...{.X..']f......."..Jb..56!R.R..D..........L;.\|q.<.}9.=....O.<{.....?.....}....?.....?.A.^.X.....i.cZ...?=...?..'...<:z....g..u........v..G.>....S9.r...... s..yAl..-...^.=\|..P.}.c6O.d..W.x...2.....m................r.x......H.ppP...%04.e..h.r.f..j...9....'..Y.......A..)U`.f..7:.l.......,9.vS<?"...v.DA..^h..5[.nt..3f.,......@...B~k..@l.@... Q.]f:.P....k2.!\|..c.{M..G......d..H.....2D=S..f.`..~c.bv.2BO......,K....7E $.QM....0.wC.vdYL.s6c.m..g.....j.jH.O..<....U...-.A=..U._..\..ZM&M....[..7.....Oe.%.-.......>t..}.kB.QVXnC..n..I.6EO0........UYj9-%p.....E......$rD._./X..b6W.m.l.nC..

Chrome Cache Entry: 199

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	78
Entropy (8bit):	4.973815519839194
Encrypted:	false
SSDEEP:
MD5:	6B9A23537F5CE62E9B2EAF4515099139
SHA1:	9F066F0C17D6B9DAB21F261CE76A6C7F9D856BA0
SHA-256:	D3A361A23F326C43F6E2B11C27E63DB7BFF89E04048E17A752A297EAE7D2531C
SHA-512:	AA5C0B063FCAC345E88DC9EBF117232397283D90CCA6860048E422F1CAEE2121585A9E5D8797845CAD808A8C6CCF9596F24BAD3C21D38EE8EF758F5924BF5443
Malicious:	false
Reputation:	unknown
Preview:	{"id":"151","status":"OK","userid":"k--ytjRUWVp-lCUOQgg7ieymhymmJ2gI469hH0iQ"}

Chrome Cache Entry: 200

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 130 x 130, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	9099
Entropy (8bit):	7.952652418566953
Encrypted:	false
SSDEEP:
MD5:	F9473DC3A3A8DAEEAE92CBD8C68E65D2
SHA1:	8D8CDF8EA42EB9FB4FF3B61C2F0D97A4D230655A
SHA-256:	A8E298BCF5D3C6B4424F2DCE5453A78E29D6681552461B0D92879A34C739513A
SHA-512:	D6EDE60B9E9DE06832FE9625D6F9F92AA9362942D1A1144AFE4F9D9F6E65785388BCAA26091A47CACE2315BDFFF5833E0F549C0561CF26CE38F050D2CEE0C44D
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/user/bahram.png
Preview:	.PNG........IHDR.....................PLTE.................................v{...wpy...WZi...lg.......DEU.......................u.........zb...............}...h....mW.yy..cZ....M7.........\|....rY.bGt....d...xUJ..RDB.zl.....p...............Y@}..eIA.......v...=,(..........ke\[LSf]RS...jt.......{nn^h~.ob.hW>AN.eU!.....yx.qngg......J62.u.....o>'.........v[\=4........w}+#"..............uZW.in....nmv..Z0...Q^v_cn..._N.......qj..C...........gy.v.....Yo.8......tRNS...Fl....y/..N.......L....!QIDATx...S.v......v..n.b"FQ..H..uP......a......lB..s.F....yv..OB.....Bh.w......752:....................c.v..C....K..F.^........>...-..............A........kk..'Iyy....I. ..$.!....[kT.o..oS..:=9m ..d"X...1...j......'.L0E.V&.....H6.......U.o.:M.>..<0...`..A9..........6.@.\v....4..!.6.(<...^....j.F..kb..re.0.# .@0.......*.xu.k....(........D.~.L.........'y. ^....@.A;...,. ...1X.!.H...2y....4b..9..B..pS.(P.\|(...8i.%..Bg.

Chrome Cache Entry: 203

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (42400), with no line terminators
Category:	downloaded
Size (bytes):	42400
Entropy (8bit):	5.515087228779611
Encrypted:	false
SSDEEP:
MD5:	2B355CF2255BA4890C5CA0439DDD1EC3
SHA1:	13C48BC129C6098549CC7DCB7608B3065672F700
SHA-256:	A6F5A90FD3690D5D6CD6D1FB979BE4200020B01FD9E1D8EC963B2E5B413E7E3C
SHA-512:	DA80FEC8A5760C406E2D1D283A6D2F0DC1C1D98EC830DF85C2D37ABFD6E9BD556FC457ABFD64EBB8B15B58A77048BB4B54CF879509FA3729398E79DF6CAD333A
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/default/js/ad_download.js
Preview:	"use strict";function _typeof(e){return(_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e})(e)}function _defineProperty(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}$(function(){function u(e){return"2co"==e.type?new RegExp("^https://buy.easeus.com").test(e.url):"cb"==e.type?new RegExp("^https://order.easeus.com").test(e.url)\|\|new RegExp("^https://www.cleverbridge.com").test(e.url)\|\|new RegExp("^https://order.easeus-software.com").test(e.url):"shareit"==e.type?new RegExp("^https://order.mycommerce.com").test(e.url)\|\|new RegExp("^https://order.shareit.com").test(e.url):"store"==e.type&&new RegExp("^https://store.easeus.com").test(e.url)}window.forAdUrlDataDeal=new function(){var e;this.source=((e=globleJs.GET("source")\|\|globleJs.GET("utm_source")\|\|cookie.getcookie("eas

Chrome Cache Entry: 204

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1205 x 868, 8-bit/color RGB, non-interlaced
Category:	dropped
Size (bytes):	41513
Entropy (8bit):	7.891312788703613
Encrypted:	false
SSDEEP:
MD5:	3FC337A73D330BC02EBA5A89F2633D8F
SHA1:	AA1031D678EB84FD4A194063723C15A141C486FE
SHA-256:	5B00D4EC0C238D5ED1ADA45D7F40C07C20860D2C4B578AA7FE6D70AA4487C9A7
SHA-512:	0A0D7108CB0A9B04FB8A4267A6B8D399DECD38D868F3259AF65EE989A7A9DFE44E17B960FAFBC73BEF51517C3381E47ABB02BA716E64D0DBC7D0E87563EDCFD8
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR.......d......b.k....IDATx....T.E.._.......HH..)e$.j.G.....9.~..x6...e........3.3...Q$..$....nf.."...."..d2.L.A..7.<.%..H....y.z}..{...4....`....3X.\|...J.3........NF..cm.H).....=....)......q.....r...o..o...~.[.Jv..l..>.1..~.d..`.RW...d..,.I...,..tw:)\....K..@).2.....$M...#.~.u......R..Q.....7.\}.Y\H..$.\|9.@D.$...i72.Ju......ra.Iv..u..@..<..>]6.H..m.2..j..w..@C..j....Xn...l..t..q...do.k~.P..._z,a......%..._.1._..0....4.O>.."....t..e..-N)a..I....h.6+.W..F6."..?.._?y\|............\|.\|jjjjjjjjjjjj.........~...W.=..._...........c..]...8.....N..1...PQ."./.'../T.]...2....Pi'.E.O.......tP*tSp(......K....9..gH...d..J..k.pG.$I.$........f7...gf^...o`.2.$I..b..T.+g......\|=...$I.$..cY...Ti{....\|.....>./l[YN....s.J.$I.ZVl.......@..6,%...H.>....>....>....>....>....>....>....>....>..(....j.R.V..E.M.....jG.P3.........^....H.$..e..N..mrz6.....~...y7...`....c.6..o.W~k..\|~yI..6...X.........)Wv.......0..y.M]G.U.....F..>\|.......e.P.$...?.=..p....0

Chrome Cache Entry: 205

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (2244), with CRLF line terminators
Category:	downloaded
Size (bytes):	4613
Entropy (8bit):	5.702798369386533
Encrypted:	false
SSDEEP:
MD5:	CF9AA42B6067FCEA3381DF5453E7083D
SHA1:	3B60345814691FA66CA8A90F07568D4C4759F0C0
SHA-256:	AB19B07C486F5456DC60D8406AFE79E4FDE62844DD00F5CBF1A834824A02482B
SHA-512:	A6F2F1AD5636690A419CCB24D2ABB02873DB63C92DAEBCF49B8C7864977CEE11B3DA3E23261B3BE04AEB481E99F7C294C296DDB2DF04E4628D4E1E1C12C30F1A
Malicious:	false
Reputation:	unknown
URL:	https://fledge.us.criteo.com/interest-group?data=fr0U3nxLZHNRUGdoYlpZbDBzZTFaV1IwS0NjekRxd013blo2VWV5Q3QvOVgvVkZaditlN21Da2k4SmFGWTZkT3NoT0dqNFA2ckJ2azZsZ3hRT2Fxb00zcHU3ZGJvRjNhZnNUZUtaZGxVbmVzOXpWcXVNUVNtWnVRZTVrZG4vRys3Y2ZkM0VzR3orZVRmQ3NHRUZsUjc3dy9icDBQU3dXQUdxa1RhZ3VMQVZZaGZIdEgyUGp6bEQ2bHMrS0JqVFl1T2l5Qy9NTU14aFVDWkpnaTVZcE5ocnQ1S1l3PT18
Preview:	<!DOCTYPE html>..<html lang="en">..<head>.. Chrome origin trial token -->.. <meta http-equiv="origin-trial" content="AnolOEEMEnMaCvmUcw/eijaA/Ntx4pke43TW8O1+XFxTL7yMSzmBnkPrjQ33sKmqvREEpLQOE72gUMzHLu9KiAoAAABseyJvcmlnaW4iOiJodHRwczovL2NyaXRlby5jb206NDQzIiwiZmVhdHVyZSI6IlByaXZhY3lTYW5kYm94QWRzQVBJcyIsImV4cGlyeSI6MTY5NTE2Nzk5OSwiaXNTdWJkb21haW4iOnRydWV9" >..</head>..<body>....<script>.. function getBswIg() {.. const elt = document.createElement("iframe");.. elt.allow = "join-ad-interest-group";.. elt.width = "0";.. elt.height = "0";.. elt.style.display = "none";.. elt.title = "BSW IG";.. elt.src = "https://dsp-paapi-sandbox.bsw-ig.criteo.com/paapi/dsp/html/index";.... document.body.appendChild(elt);.. }.... if (!navigator.joinAdInterestGroup) {.. console.log("No fledge for you!");.. } else {.. var igs = [{"owner":"https://fledge.us.criteo.com","name":"RJXR2XxzbG5XOU1VZVZxSmlSRXJ2VW5LaFhBPT18","li

Chrome Cache Entry: 208

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65455)
Category:	downloaded
Size (bytes):	368186
Entropy (8bit):	5.353385334994304
Encrypted:	false
SSDEEP:
MD5:	462AD7F82B929C5BEB1940C503DCE864
SHA1:	7E056CC8CF57D88D9552A622983E560E0CE93B18
SHA-256:	D8132D45EEF1F2500760399505FC221A79A3BBE60ED797BBC24599A650E69927
SHA-512:	7D6364138036207391735B23C900C78926FD6A75E122B8D95A03F4B559E125BCA7254265C3C37883DD2B680B27684601FE617310F0406C25E51BB8D36B813D3F
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Preview:	/** . * onetrust-banner-sdk. * v6.35.0. * by OneTrust LLC. * Copyright 2022 . */.!function(){"use strict";var o=function(e,t){return(o=Object.setPrototypeOf\|\|{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}\|\|function(e,t){for(var o in t)t.hasOwnProperty(o)&&(e[o]=t[o])})(e,t)};var k,e,r=function(){return(r=Object.assign\|\|function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function c(i,s,a,l){return new(a=a\|\|Promise)(function(e,t){function o(e){try{r(l.next(e))}catch(e){t(e)}}function n(e){try{r(l.throw(e))}catch(e){t(e)}}function r(t){t.done?e(t.value):new a(function(e){e(t.value)}).then(o,n)}r((l=l.apply(i,s\|\|[])).next())})}function C(o,n){var r,i,s,e,a={label:0,sent:function(){if(1&s[0])throw s[1];return s[1]},trys:[],ops:[]};return e={next:t(0),throw:t(1),return:t(2)},"function"==typeof Symbol&&(e[Symbol.iterator]=function(){return this}),e;function t(t){

Chrome Cache Entry: 209

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	5194
Entropy (8bit):	3.976628767895142
Encrypted:	false
SSDEEP:
MD5:	63E737D3544164D2B7F4FBCA416AC807
SHA1:	030370AA38715E4C41589633F69D0BFE8255D46C
SHA-256:	5FA00D047ACD959697B9D7772C31DCD37BEC33C70C6FBF80AB8316205D1D286D
SHA-512:	31EE1BB536C0E50F5568A415EA3308367BFCFD11D2A6F7DFF1C8E3A982F7BE790C240A603CD4C6E187672824B8E5D07646049A28C6A88A7B001EB9A0142F312B
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Preview:	<svg height="16" width="136" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 136 14.6"><defs><clipPath id="a"><path fill="none" d="M53.76 0H136v14.6H53.76z"/></clipPath></defs><path d="M0 12.3V5.59h2.27a2.62 2.62 0 011.29.28 1.83 1.83 0 01.74.77 2.25 2.25 0 01.25 1.07 2.26 2.26 0 01-.25 1.08 1.77 1.77 0 01-.74.77 2.55 2.55 0 01-1.28.29H.66v-.72h1.59a1.81 1.81 0 00.87-.19 1.1 1.1 0 00.48-.5 1.73 1.73 0 00.15-.73A1.66 1.66 0 003.6 7a1.1 1.1 0 00-.48-.5 1.86 1.86 0 00-.88-.18H.81v6zm7.74.1a2.29 2.29 0 01-1.2-.32 2.29 2.29 0 01-.8-.91 3.06 3.06 0 01-.28-1.36 3.07 3.07 0 01.28-1.37 2.14 2.14 0 012-1.24 2.14 2.14 0 012 1.24A3.07 3.07 0 0110 9.81a3.06 3.06 0 01-.29 1.36 2.11 2.11 0 01-2 1.23zm0-.69a1.31 1.31 0 00.85-.27 1.6 1.6 0 00.5-.69 2.9 2.9 0 00.16-.94 2.85 2.85 0 00-.16-.94 1.67 1.67 0 00-.5-.71 1.37 1.37 0 00-.85-.26 1.35 1.35 0 00-.85.26 1.67 1.67 0 00-.5.71 2.85 2.85 0 00-.16.94 2.9 2.9 0 00.16.94 1.6 1.6 0 00.5.69 1.29 1.29 0 00.85.27zm4.43.59l-1.54-5h.82l1.08 3

Chrome Cache Entry: 211

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Category:	downloaded
Size (bytes):	211899
Entropy (8bit):	5.207056635451763
Encrypted:	false
SSDEEP:
MD5:	EBF7527E39565EC6FADB7D6B1AE4CAA2
SHA1:	737D451DD503A1CD748993C80F47417D8C9B2E60
SHA-256:	DC29E092ACE4CA00D8071BFA26A3946979228D264245B49BDA5CA39FD3C8C0C0
SHA-512:	86E40D8629C5BA444E46DC5FFC71F4F6936CCBDEA73AB222A5E835E00242A214994890016F517450C59D0BDCC1C511027388F818066B857E52524289DB0CA4E9
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/505/en/f49c248e335029a07740aada1ed3e301/cleverDesign505-easeus_2017-master_or_ppe.css
Preview:	#cleverContent .CBScopesubscriptionSelfService #cbPlanOverview .cbButton a,#cleverContent .CBScopesubscriptionSelfService #cbRenewDetails .cbButton a,#cleverContent .CBScopesubscriptionSelfService #cbPaymentOverview .cbButton a, #cleverContent .CBScopesubscriptionSelfService #cbRenewDetails .cbCurrentPlanSelector a, #cleverContent #cleverManageRecurringBilling .cleverManageRecurringBillingContent .cleverManageRecurringBillingContentLink a,#cleverContent .CBScopesubscriptionSelfService .cbActionButtons .cbButton input, #cleverContent .CBScopesubscriptionSelfService .cbActionButtons .cbButton a{display:-moz-inline-stack;display:inline-block;_overflow:hidden;vertical-align:top;vertical-align:auto;zoom:1;display:inline}#cleverContent .CBScopesubscriptionSelfService #cbPlanOverview div.blockHeadline:before,#cleverContent .CBScopesubscriptionSelfService #cbRenewDetails div.blockHeadline:before,#cleverContent .CBScopesubscriptionSelfService #cbPaymentOverview div.blockHeadline:before,#cleve

Chrome Cache Entry: 212

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 184 x 4105
Category:	downloaded
Size (bytes):	25821
Entropy (8bit):	7.979489061146458
Encrypted:	false
SSDEEP:
MD5:	616F2C74142AB021DDCBE042C70E3654
SHA1:	6860CE1313318E79D1B1DDD17F6F09B4F254FA43
SHA-256:	C981534E744FBE61985EFA1545E2F2C5A8456D3FF689963578A14E8E34F374CA
SHA-512:	FD4C8D6ED3973358FF25453F613D8C63A1E0974EA57DE68445ADF9001F79BD989E4F28A13892A209B7281D8FF7990F7CCA103618B9E5F4F76B53CD04D2E40DB8
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/images/clientDefaultStyle/spritePaymentIcons.gif
Preview:	GIF89a..........Y................cy.z...!@...........iii...ccc.....................^u.Mf..............K..ooo.......=.~..............NNN.n.....YYY222...JJJU........-J....vvv.9.9U...FFF...i...............F..a......r.......ppp...N.....fff.6.RRR...5Q...WWW+I.......sss......///ddd...._..+.....+]d........P..`..!!!......c]^.a!..1c.K..................+++.....\|B......%.....vX...4.^g..`...?../......g..............p.(....._.....................5........y.......~.....Xp.......p................>Y.......... ?.......\\\...l..v......>.....}}}AAA6..___9...............Oh.n..)G.F`.j..@..........0M.A\.........o...........Vm...Ha....'F....f..#B...w.....888..................<W.Rj...`...........v.......=......u.+.....yyy...7..!{..h.......q.....kkk.........!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c001 79.a8d475349, 2023/03/23-13:05:45 "> <rdf:RDF xmlns:rdf="http://www.w3.org/

Chrome Cache Entry: 214

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2140), with no line terminators
Category:	downloaded
Size (bytes):	2140
Entropy (8bit):	5.254636976089087
Encrypted:	false
SSDEEP:
MD5:	08BF22ECDDF943878B504F0DCD78162E
SHA1:	E1A3609996AB28D606A6F072D5A2FF33A4DFFC36
SHA-256:	3B1B6D76F7E1932E294E178D3854FDE34F2647F65AC0B40F9373409CD6BE88F9
SHA-512:	AB099A2F30782C0862FF61B6DA0B4EFB8E3A6CED08EA93E77EEAD298B1C4A62CC638984B9EA7C271B1755D34EB413C716D16EF307EC956950C47AC1242F6C1B2
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/paymentFieldsImprovements.js
Preview:	!function(t){try{if(void 0===t)return;var n=!0,e=/(\w{1,4})/g,r=/^3[47]/,c=/(\d{1,4})?(\d{1,6})?(\d{1,5})?(\d{1,4})?(\d{1,4})?/,o=/^(36\|38\|30[0-5])/,a=/(\d{1,4})(\d{1,6})?(\d{1,4})?(\d{1,4})?(\d{1,4})?(\d{1,4})?/,i=new RegExp("^[A-Za-z]{2}[0-9A-Za-z]$"),u=/^GB.$/i,l=".paymentDirectDebitAccountNoSecure input",f=new RegExp("^[0-9]*$"),s=/\s$/,h="",g="focusout.format input.format change.format paste.format",m=function(){try{var n=t(".paymentDirectDebitBankIdentificationCode"),e=t("input[name=paymentDirectDebitBankIdentificationCode]");e.hasClass("inputTextError")\|\|n.hide(),function(n){try{var e=t(l);if(!e.length)return!1;var r=e.val().replace(/\s/g,"");if(u.test(r))return!0}catch(t){console.log(t)}}()?e.val(""):e.val("-")}catch(t){console.log(t)}},p=function(t,n,e){try{var r=t.match(n);return e&&(r=r.slice(1)),r.join(" ").trim()}catch(t){console.log(t)}},d=function(u){try{if(u.originalEvent.isComposing\|\|229===u.which)return;var l=t(u.currentTarget),g=l.val();if(g.match(/\s$/))return;var

Chrome Cache Entry: 215

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 1200, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	3353
Entropy (8bit):	7.1889567151473
Encrypted:	false
SSDEEP:
MD5:	C556422CB45F8123589C333DAE7BD87B
SHA1:	77D25E3BED5561D9116A234796CCF3C895F625C3
SHA-256:	AE3FF66EA1BA56F4EA9FFD459E8B8FB64AEC00173773912F5B223E4C4CEF0435
SHA-512:	56189B1358941DD340CE857F60CFE9D04A077D13101DAE7BD1B85277E0D947F1502A37B6936122EF2271E75797E7F5308FB1B8663AFDCEAE71C5481422C1EE41
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR....................PLTE...............00...................pp.00.......tRNS..Jm........@.}.....IDATx...j.H...e!g.g.v......\|q...M......`..w0.KB....p.E2.\|.[...............>....2+.[.k..:....'.C._y......9..G.D..`...)....V.{.....%...TJ..a-...T.(kj....P.{.\.b.dMQL....^.k.55d.......h.V.!p.?V..>#..e..R..)K...6`)......M.D.=..K.C.Rs....8zz...1.^.j..s.d.lj.......(T...,..S....M2...3.\|.r.._>.....Z....E..w..JA...ML.XEI........z..8...(qZ..>k.5e$}^.........X.q.....'..L..Hr......=A.HP.h...H{l.a)...@.4.$t^v....Z!.....D..[.ZO..P.6....A..Bc..7X.C..L...H'...5f.......L.#..Rzo....Pz(.......k..$...R@b...!.#...J.....*..u..-Je.Fzv.z..<....6z.i.%d...d..Ri......7..........P..Y"....\...+......Z....?.........K....6m.....3.`....-..VA...k..{....~w.j..k]....R.e.-1..{....'.X..B.-U`....{.M..j(E....:.k.#......}N...7..rY$.[...u.B...(%..... .......`.F_.E....r7.{.....&......~..Uq39^...qZ.x..N."..&M.....pd..a2&.5T$.....Y.L...T..?..~f.6%...dB..\|X.WFm.9Xo,h.{._'..

Chrome Cache Entry: 216

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:
MD5:	ACBF9A7CE4CEEE750BD8DC1F1B6E87BF
SHA1:	F6E4C68741941059C91BEC50C81BDD34A10A2D49
SHA-256:	4E24D2212195573B73F3FE816FA0BC8F4F180D4A2B45FEB1C15FC42A9AA5719C
SHA-512:	24B65649139E30483BA98F03B8467BB2647E6477FB77866DCB6B4E9E5543A3CA9A27B08EF48298473564F94B22845635442731C8471A3269FF2BCE23CEF5CAEF
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkqJxdj2mukJhIFDbbRMj8=?alt=proto
Preview:	CgkKBw220TI/GgA=

Chrome Cache Entry: 217

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (26970), with CRLF line terminators
Category:	downloaded
Size (bytes):	89110
Entropy (8bit):	5.169162748775907
Encrypted:	false
SSDEEP:
MD5:	3371320428C87CAFAF02A45F17E3E765
SHA1:	CAC4E6AB3CA702D1DF1C490B0D7DEF0A675997F9
SHA-256:	7E99ABF367CED212067A1DC5D84A5CEEBF6B8AA030C967B7251C23E675D12E71
SHA-512:	0326D920982E2B8713D3DE6D16FF6D56F4F8FC084C6BAFD578488BEABF1F1CCF4FFACDF735BF7BD13F365B2FD04E862B5BFCBBBD983F8E9909FFAD6032A0A58B
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/505/cleverScripts505-easeus_2017-master_or_ppe.js
Preview:	//// JS compiled on Mon Feb 28 2022 14:56:52 GMT+0000 (UTC)..//// Git Repo: https://git.chi.cleverbridge.com/client-sass-configs/505-easeus_2017..//// Git Branch: master..(function($){..$(document).ready(function(){$("#cleverGlobalizerCurrency select option").each(function(i){if($(this).val()===''){$(this).remove();}});$("#cleverGlobalizerCurrency select option").each(function(i){optionValueCurr=$(this).val();$(this).addClass("cbCurr-"+optionValueCurr);});$("#cleverGlobalizerLanguage select option").each(function(i){optionValueLang=$(this).val();$(this).addClass("cbLang-"+optionValueLang);});});......if($('html.ie8').length === 0 && jQuery.fn.jquery.split('.').map(function(i){return('0'+i).slice(-2)}).join('.') >= '01.12.00'){...(function(){var a,b,c,d,e,f={}.hasOwnProperty,g=function(a,b){function d(){this.constructor=a}for(var c in b)f.call(b,c)&&(a[c]=b[c]);return d.prototype=b.prototype,a.prototype=new d,a.__super__=b.prototype,a};d=function(){function a(){this.options_index=0,th

Chrome Cache Entry: 219

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 80 x 110, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	7229
Entropy (8bit):	7.9367689767001
Encrypted:	false
SSDEEP:
MD5:	22E570A8943ECE3E1ACBE294F03C3C70
SHA1:	16A20613A9D1159B004A74E0F588C7EA83FA0B15
SHA-256:	0F312713FCB0B6E131BC7260DA413A8A8322B3757DEF4F1E5DFAC4E30A2F1C05
SHA-512:	F0054D819C04F83FAE1B2DEEB49C8EA3D856A5D7C617CA64E42CE5A3DA610CFF00310D74D00C65FB7D446A81B9741A55B98F4A4CD4868A48DF9E69CFC1FF3FF4
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/505/bundle-110.png
Preview:	.PNG........IHDR...P...n......a.p....pHYs................MiCCPPhotoshop ICC profile..x.SwX...>..e.VB..l.."#....Y....a...@...V....HU...H...(.gA..Z.U\8....}z...........y.....&..j.9R.<:...OH.....H.. ....g......yx~t.?...o...p..$......P&W. ...".....R...T.......S.d.....ly\|B"......I>................(G$.@..`U.R,......@"......Y.2G.....v.X..@`...B,.. 8..C.... L..0.._p..H.....K.3.....w....!..l.Ba.).f.."...#.H..L.........8?......f.l....k.o">!.........N..._....p...u.k.[..V.h..]3...Z..z..y8.@...P.<......%b..0.>.3.o..~..@...z..q.@......qanv.R....B1n..#.....)..4.\,...X..P"M.y.R.D!.....2......w....O.N....l.~.....X.v.@~.-......g42y.......@+..........\...L....D..*.A..............a.D@.$.<.B.......A.T.:.............18....\..p..`........A...a!:..b.."......"aH4... ..Q"..r...Bj.]H#.-r.9.\@.... 2....G1...Q...u@......s.t4.]...k....=.....K.ut.}..c..1.f..a\..E`.X.&..c.X5V.5c.X7v....a..$......^...l...GXLXC.%.#....W...1.'"..O.%z...xb:..XF.&.!.!.%^'.._.H$...N.!%.2I.IkH.H-.S.>..i.L&.m.......

Chrome Cache Entry: 220

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 801, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	139462
Entropy (8bit):	7.979494412445
Encrypted:	false
SSDEEP:
MD5:	12ED924ABFD6376E0F359FBCEF8106CF
SHA1:	D48DDF596043AD738072106A36E924525F995016
SHA-256:	BF17DEC63CE119DE4E644C53EA56B708BE27E26C316822461E79F54B81E1294C
SHA-512:	E6351EFFC644B6A20A95C5D577E0FDFA187EF262207361CB3583DA04E0273BD394DE7989ABD27A22DA023FF31D7B0287149870CDD88E52149B0A8D3009778474
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/drw_win/screenshot/3.png
Preview:	.PNG........IHDR.......!.......H... .IDATx....`\.a....}_,.%Y..EX.m.........R.bB..I...5I...x..=BI!MJ.-.BB.a..`......o...e..H..w.3.h43..F.H.?.kf.v.2Ws..s......T...D......x....s....B..@.Q............ .'..".....g.......(......o....~...hm....hnn..u$"""""""..XYY.JKf...f.b...d....V.~._...(....@{G.D...........@.......Y3..?......w._X.u.Z{.\........QLHJL@Zz:...w..q...n.CMm.D..........H.p8.p^1N..A.:x..D..........h.#5.......cul:HDDDDDDDD1....G....w.$""""""".X%.+.D..........(..XDDDDDDDD...`........QLc.EDDDDDDDD1............4.XDDDDDDDD...`........QLc.EDDDDDDDD1............4.XDDDDDDD....2.. .3.........&1.\edd +3.!.MY..ZPvV6.].^{...hni..E.......MY...HJL.gf..m.P....Q..y...../.^...`0.IpQ.l....n.Boo.X........hJ..HGRRb......o.Z..2..~....h.G.y(.%..b..d6....r..$8.....1)..XF.A..dx....}p....[\..K.^.../.B,.f.\........QT..)........p.../.`...ug."...III.......Z{...7d....A.EN.W..r;..........dxu..w..g.o....Xc.`.....fefi.O.<.-..F......PTT..W^.%K.j..kk..Eq.........`0

Chrome Cache Entry: 221

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (589)
Category:	downloaded
Size (bytes):	6462
Entropy (8bit):	5.013831915679803
Encrypted:	false
SSDEEP:
MD5:	E8B7C7949921A7D241EB2EC853F9BFDE
SHA1:	4F2ABDE2AA6394758787512751830C11E82ADD54
SHA-256:	EAF0B9712C737848E8FE97D2652ED4720B69325825FADFF00014F51228386D6D
SHA-512:	E4C0C438095A64DEC426E15D823AF05988176B11AD02F8D462A3F427A502D36E3BAEC7E48FCD4C443CA9ABAF8B0138757E8F8F6B129991A713905777BA0F7DA3
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/footer.php?callback=jQuery1113010335383759344308_1713547495892&_=1713547495893
Preview:	jQuery1113010335383759344308_1713547495892(`<div class="footer_2024">. <div class="wrap">. <div class="box_all">. <div class="cell logo_box">. <a class="logo" href="https://www.easeus.com/"> </a>. <div class="trustpilot-widget" data-locale="en-US" data-template-id="53aa8807dec7e10d38f59f32" data-businessunit-id="53e320ce0000640005793e9d" data-style-height="150px" data-style-width="100%" data-theme="dark"> <a href="https://www.trustpilot.com/review/easeus.com" target="_blank" rel="noopener">Trustpilot</a> </div>. </div>. <div class="cell">. <dl>. <dt>Company</dt>. <dd><a href="https://www.easeus.com/company/">Discover EaseUS</a></dd>. <dd><a href="https://www.easeus.com/easeus-reviews.html">Reviews & Awards</a></dd>. <dd><a href="https://www.easeus.com/company/news/">News Center</a></dd> -->. <dd><a href="https://www.easeus.com/company/index.html#Contact_EaseUS" rel="nofollow">Contact Ease

Chrome Cache Entry: 222

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1262), with no line terminators
Category:	downloaded
Size (bytes):	1262
Entropy (8bit):	5.015819041374806
Encrypted:	false
SSDEEP:
MD5:	D019BE6FD3537311B0E30F7F08F9A097
SHA1:	9DCE5AC9F6A3C5C473707F59572F9A3F3A77D76E
SHA-256:	EC961972C03D3035623BE7E0283D92EBF3083FA811EB90FBB98A668B42914659
SHA-512:	40A8DC564195551BAE5BF5A93F56C2ACC0718354E0AE0A751A148C5866962D3AD4FC1FB3B34B73446A72554C2CEA002D77C5E1A8D9F5B6B810E56F262F5BB74C
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/default/js/cleverbridge.js
Preview:	"use strict";$(function(){window.globleJs\|\|(window.globleJs={}),globleJs.buyPirceCb=new function(){this.init=function(){var c={};for(var e in $(".buy_set_cleverbridge_price").each(function(e){$(this).attr({"data-listid":e});var t=$(this).data("product"),i=$(this).data("coupon");c[e]={product:t,coupon:i}}),c){var t={client_id:"505",product_id:c[e].product};c[e].coupon&&(t.coupon=c[e].coupon),this.send(t,e)}},this.send=function(e,i){var c=this;$.ajax({url:"https://pricingapi.cleverbridge.com/prices",data:e,success:function(e){e=e[0];var t=$('.buy_set_cleverbridge_price[data-listid="'+i+'"]');if(c.no_currency(t,e))return!1;c.show_currency(t,e)&&c.set_price(t,e)}})},this.no_currency=function(e,t){var i=e.data("no_currency");if(i&&new RegExp(t.currency.iso).test(i))return!0},this.show_currency=function(e,t){var i=e.data("show_currency");return!i\|\|!!new RegExp(t.currency.iso).test(i)},this.set_price=function(e,t){var i=e.find(".data_price"),c=e.find(".data_list_price"),r=e.find(".data_save_p

Chrome Cache Entry: 223

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 47016, version 1.6554
Category:	downloaded
Size (bytes):	47016
Entropy (8bit):	7.995608195290075
Encrypted:	true
SSDEEP:
MD5:	55835483C304EAA8477FEA2C36ABBA17
SHA1:	9B18AE04F11FC74D27F281737B23B45A4BAD5937
SHA-256:	4C1C2E95835201077586A3698CD47806DD18DF10D32A1E6CB6AA9E47224A55E3
SHA-512:	E816266C0C453CED7D567A9B7C4958DF9C63F740105E4668B95C64A95A9073B5CACC06867E71EDD558C8F2F00F289D2440911430B6E8E0F6687E6CE3316869BA
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/opensans_normal.woff2
Preview:	wOF2...................@........................?FFTM.. . ....`..~.D..e........W.6.$..<..d.. ..>..p..\|[+r.@..o&R......Z.V5l.m.N.h.{+dg...#`..2.....CR.qJ..I.u....?..Bf).n.T....(A.B....8.-U6W-.......).S?....@......U8W.....o.},hQ...}-..b..'..J-..n..:..'..+D...D..AT..?+.J....f-.'FGR. ..f....)..m..7....EUIE..;....EgL...M.......)Ce!...i.5j#2............w.=..;I..;.1f...{.s.....q.....c..u.=...Y.X..{%K.[...h.r-(...q...,o...y....L..0...\|...\|.qhK..Z....D..1.E.r...!.R.. ...\|..J.e.nj..,..P{.M...as...r..2..0...{...a..E....JR..$...{.9...c..ff.a.9..y.....1tB..~.....%jh.d.o.N....X.4R!..s.........,..Q.....`..n.i..._....Q...X....T4..5./..+H.7..h]..E..o..t...\.....d(,:........P>x}....P.......J.....1..k.Rc..5........... `.r.....W....o...6S.h..`.VA6....!.D....I....-9...a..9^l........\3.m........!.25/..#b!..G......'.m.9C.S.....23..P..Z`.....].......c..dV....{..MK]3..a..a.a.1k..=..5'C.(R.(..+W).W6._.....&...w....9.!.{<I\|MB..fVGV]..or9-..?.......;..)..p.\|1.o....d.

Chrome Cache Entry: 224

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	4753
Entropy (8bit):	5.660889071976902
Encrypted:	false
SSDEEP:
MD5:	BF5F073AE076B3C1D4FD416B128E9CEC
SHA1:	9E5EA2008BF8BBC473798738A567EE8F60941B18
SHA-256:	9E413FE14135B1FE89832925DAD54FD79BEF183A189868BE478726D11F3942D1
SHA-512:	FFB13605DCADD56CE0AEE9AFCB4C2B006CB76203FCFC8A427A8758AD171F20A1EF79908BA285A4409588614A7E113CC6286B73FF031EE2F1F18B41F50E0140F1
Malicious:	false
Reputation:	unknown
Preview:	. {. "name": "otCookieSettingsButton",. "html": "PGRpdiBpZD0ib3Qtc2RrLWJ0bi1mbG9hdGluZyIgdGl0bGU9Ik1hbmFnZSBQcml2YWN5IFByZWZlcmVuY2VzIiBjbGFzcz0ib3QtZmxvYXRpbmctYnV0dG9uIG90LWhpZGUiPjxkaXYgY2xhc3M9Im90LWZsb2F0aW5nLWJ1dHRvbl9fZnJvbnQiPjxidXR0b24gdHlwZT0iYnV0dG9uIiBjbGFzcz0ib3QtZmxvYXRpbmctYnV0dG9uX19vcGVuIj48L2J1dHRvbj48L2Rpdj48ZGl2IGNsYXNzPSJvdC1mbG9hdGluZy1idXR0b25fX2JhY2siPjxidXR0b24gdHlwZT0iYnV0dG9uIiBjbGFzcz0ib3QtZmxvYXRpbmctYnV0dG9uX19jbG9zZSI+PCEtLT94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPy0tPiA8c3ZnIHJvbGU9InByZXNlbnRhdGlvbiIgdmlld0JveD0iMCAwIDI0IDI0IiB2ZXJzaW9uPSIxLjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+PGcgaWQ9IlBhZ2UtMSIgc3Ryb2tlPSJub25lIiBzdHJva2Utd2lkdGg9IjEiIGZpbGw9Im5vbmUiIGZpbGwtcnVsZT0iZXZlbm9kZCI+PGcgaWQ9IkJhbm5lcl8wMiIgY2xhc3M9Im90LWZsb2F0aW5nLWJ1dHRvbl9fc3ZnLWZpbGwiIHRyYW5zZm9ybT0idHJhbnNsYXRlKC0zMTguMDAwMDAwLCAtNzI1LjAwMDAwMCkiIGZpbGw9IiNmZmZmZmYiIGZpbGwtcnVsZT0ibm9uemVybyI+PGcgaWQ9Ikdyb3VwLTIiIHRyYW5zZm9ybT

Chrome Cache Entry: 225

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4179)
Category:	downloaded
Size (bytes):	202289
Entropy (8bit):	5.53615604894503
Encrypted:	false
SSDEEP:
MD5:	9141293395C7DBB757915536D181EC5B
SHA1:	A6FD38B085BA35B5F28BF59700C3DDC5F8ED602E
SHA-256:	0FCAC58C400754DF234F3876844F409BCF37ACA20434797380AA125D6CDE6A59
SHA-512:	CA27D0FDEE4E5228AF2A7BFC7E7CCAEE6BB6126920D2EF8F837FA2EDD0CA6D05FF20304650AB9EC6DC81C8644FFAA73960926B65F92D73230C46AFBB865B9F67
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=UA-217061-80
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__ogt_1p_data_v2","priority":2,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_autoEmailEnabled":true,"vtp_autoPhoneEnabled":false,"vtp_autoAddressEnabled":false,"vtp_isAutoCollectPiiEnabledFlag":false,"tag_id":6},{"function":"__ccd_ga_first","priority":1,"vtp_instanceDestinationId":"UA-217061-80","tag_id":9},{"function":"__rep","vtp_containerId":"UA-217061-80","vtp_remoteConfig":["map"],"tag_id":1},{"function":"__zone","vtp_childContainers":["list",["map","publicId","G-K6C7XLPKF5"]],"vtp_inheritParentConfig":true,"vtp_enableConfiguration":false,"tag_id":3},{"function":"__ccd_ga_last","priority":0,"vtp_instanceDestinationId":"UA-217061-80","tag_id":8}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"},{"function":"_eq",

Chrome Cache Entry: 226

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	111
Entropy (8bit):	4.099277144642351
Encrypted:	false
SSDEEP:
MD5:	38227EA31F26CDC0269DA468A2F6CA6D
SHA1:	131E3EF364E2C24812508E7A81C9CB8422AA775D
SHA-256:	0A7C567B36A7BFB198D6F6FBB8B26C0C1FBC557CD4F0FD696835974EDD036F0A
SHA-512:	BA05B3EF2B78DA11134E1FDBADAA1113E11A9DF7148970B8B31A1264CC2A433686D96EF9D00C66AFF4BDAB37052AF3C246C659E4610A2D67FCF7EF106A771303
Malicious:	false
Reputation:	unknown
URL:	https://static.criteo.net/empty.html
Preview:	<!DOCTYPE html>.<html lang="en">. <head>. <title></title>. </head>. <body>. </body>.</html>.

Chrome Cache Entry: 227

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1205 x 868, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	68843
Entropy (8bit):	7.825980831233119
Encrypted:	false
SSDEEP:
MD5:	BE244EF2369C39591C78AD7E72E361C2
SHA1:	482AE49243399A3D3E8EEF139293A60DE99C64DC
SHA-256:	22896293E49A70B3585A375AE92936207F3B03D2753AA12F156FC73AEF287AD2
SHA-512:	93847DD639900F554028C28E7AA01259E495ABFE1C20C73C2F68506277D27E3AC3C4B8A364F240A71F87F31A986F461B19AC01DFD4C9092E1E3FC746D3E53381
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/drw_win/screenshot/1.png
Preview:	.PNG........IHDR.......d......b.k.. .IDATx...\|T...fr..K P.....<.U..I...i.pZ/TO.B.........>.........z..`.=G....jkc..J.zi......\B.......Z{..3.g2..$..o...k...}.........]...>..O...#.........2..@..rBr..8.U...$@.$@.$@....B.0.~.3q^>V...i]5.....4.>..h...2.V.\|0....t...:....y8..f..>..6".Z....W%s.4-G=...a.9..W~i$v.~.....4.?h..x...a...]'.n.\..d..mU..B.iR..]5.+h....G.......u....:....~8Ezl{L......K...-...D.M..'.\|~./.lh...E.K.J.O....yR.'.+.y.......C.P.\|8.....<?..iY.}..c...FCx...L..>....i..P...g. uO..>._.9...t.R./.Q.....C.9.G.O.F....=\..Z.....R\L.Py.._..:....;#.K..\|/7.<..r...Gpz=t-.+._....]./.K...pqRl0...j(...=.q...M..V....p.u~O.\/<...>.S..,}..Dv..Q#x..z.lN.w.....Ws.....vA. W[....h.z..6..3.6c8.qK..)..:....0. .&...W..&..c.s..\|..8.v.\`}...%.....C.e.t&/.`......~.4_.~_.....C.?h9.fw.$@.$@.$@.$@.$@.$@....../.714....Ai.(_>D.:q..O.L..c......sT$@.$@.$@.$@.$@.$@......`.......~l...1..a....g....q.d..H..H..H..H..H..H`..8y.....ln;..E....cS.).....

Chrome Cache Entry: 228

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	1914
Entropy (8bit):	4.498407760441861
Encrypted:	false
SSDEEP:
MD5:	3578D56F4FA833A062040BE866B9FA05
SHA1:	819BFCA60E070EB6836217EE0FBD9460351B4148
SHA-256:	575FB62045D3DDAB8CA9504B65D488E84C294F12A88693CEEAB6AFA03038D3B6
SHA-512:	54B5FA1376236C39E1FCD42EB8B818D69C5C7F7B61128274569EDE5F44FCA8CFD2C843C04C19107FD23BC32B2161531A92022F778B479E99C16B4EA174AAF278
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/pubname.js
Preview:	$(window).on("load", function () {.. try {.. if ($('.CBScopecheckout.CBPagedefault, .CBScopecart.CBPagedefault').length) {.. var pz_data = {};.. var form = $('form[name=cleverForm]');.. var form_action = form.attr('action');.. var pub_name_present = $('form[name=cleverForm] input[name=x-partnerize_publisher_name]').length ? true : false;.. pz_data['form_clickref'] = (form_action && form_action.split('x-clickref=').length > 1) ? form_action.split('x-clickref=')[1].split('&')[0] : "";.. pz_data['client_id'] = "";.. pz_data['xparam_clickref'] = "";.... if (window.cbCart) {.. pz_data['client_id'] = window.cbCart.clientId;.... if (window.cbCart.xWebParameters) {.. if (window.cbCart.xWebParameters['x-clickref']) {.. pz_data['xparam_clickref'] = window.cbCart.xWebParameters['x-clickref'];.. }..

Chrome Cache Entry: 229

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 1200, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	3393
Entropy (8bit):	7.127724930805111
Encrypted:	false
SSDEEP:
MD5:	0B13B7C81418BBFB4E2107A7F93FD1E9
SHA1:	EEFE6B37A701BA3AE3975D96665371B6A0969AFC
SHA-256:	5DFE4E0A0A02975CB3895E419ADA8029796D2B7B29E0554986B105935EFFD99B
SHA-512:	C2133A3C30208D5AED3F0DACB24FF431ECA39A4514B445ED243A9E0C95FC421A32235B334456E6E4E24F88539BA4EF808B01EFF92F26D49347A03C43E1DBEA1E
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/install_uninstall/icon-install-page.png
Preview:	.PNG........IHDR....................PLTE...........................00.00.......pp../.....tRNS....m.J....$o4....IDATx..k.@.._s...#.d.n...sS....:x.().kJKG..2h.(..s.m....~H..=..v.}..I.d..{.t.@E....<........+.G.8.....8...0...@.s.9?{..8...z}..8o..,..... ..\cd\..@....G....4Y.T<..!5...EB...w.+........9..J..:.Q.?........bq.e9.....M.lx.M...Y..A.G<.q.Pa9.....Y..zh...m&@."+W@!.....@......K1...s.}d9..o.u..6....U.....{S])h.0..I...W....%.U...<....o.....U/d.5../..jg.........t...z.5g.<.%...R.m..gg.5.RS.Z%......q)......g.<.?..........]VoX...e.c[........'....,G...>".j..0.=.....Y9?E....rm.~X.=z...........~.......^.ud...M.O.J........Fe~F......`...#.Bo\6.....l.6=..K.v..7.......z..jZ7K.ua.a..v.+......g.>...>4.\...ol.K...m...}.Z...d...->..VL....-#..N.2...`.eg.\..@...X.._.U.]t.kk.1.R....!.C...wRJQ....N../Ib1.R......&,....e.@.......H.......A}.p......h..=4..wVy...@..m..ug..R.....d.....\Z.......7...+..o.n.3l.`:.fw.tB.k.Ib.K....3....\...{.k.....S.Xk%a......:......v.yC*...u.

Chrome Cache Entry: 231

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (524)
Category:	downloaded
Size (bytes):	4899
Entropy (8bit):	5.274079672884636
Encrypted:	false
SSDEEP:
MD5:	F68DB4590A0144B6BB512E2045D2C288
SHA1:	9E384A49A6DA9C248EC64FFD78004C87CAF0E406
SHA-256:	9D50897B08718313D92E87AD242780B5D5CAA1C75E209856A32BE49BDA31E781
SHA-512:	18B19DA1E5F6D66FB960811F552BDED92E48EBE54E185CFD8E877D78A8568966A05FD5D2CDB007870979A48CB88C1A1D0FDB71E21CCD1FEE87830D2E2E775B95
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/consent/2232f637-bdae-41d8-a919-951e65147c8b/OtAutoBlock.js
Preview:	!function(){function n(d){var g=[],a=[],f=function(c){for(var b={},e=0;e<z.length;e++){var h=z[e];if(h.Tag===c){b=h;break}var k=(r=h.Tag,t=x=l=void 0,l=-1!==(t=r).indexOf("http:")?t.replace("http:",""):t.replace("https:",""),-1!==(x=l.indexOf("?"))?l.replace(l.substring(x),""):l);if(c&&(-1!==c.indexOf(k)\|\|-1!==h.Tag.indexOf(c))){b=h;break}}var r,l,x,t;return b}(d);return f.CategoryId&&(g=f.CategoryId),f.Vendor&&(a=f.Vendor.split(":")),!f.Tag&&D&&(a=g=function(c){var b=[],e=function(h){var k=document.createElement("a");.k.href=h;h=k.hostname.split(".");return-1!==h.indexOf("www")\|\|2<h.length?h.slice(1).join("."):k.hostname}(c);y.some(function(h){return h===e})&&(b=["C0004"]);return b}(d)),{categoryIds:g,vsCatIds:a}}function A(d){return!d\|\|!d.length\|\|(d&&window.OptanonActiveGroups?d.every(function(g){return-1!==window.OptanonActiveGroups.indexOf(","+g+",")}):void 0)}function m(d,g){void 0===g&&(g=null);var a=window,f=a.OneTrust&&a.OneTrust.IsVendorServiceEnabled;a=f&&a.OneTrust.IsVendorS

Chrome Cache Entry: 233

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3034)
Category:	downloaded
Size (bytes):	265979
Entropy (8bit):	5.558453717917624
Encrypted:	false
SSDEEP:
MD5:	F7F1CC06C2C84AE6730187FFFCE2D00A
SHA1:	D2774583FD0ACFF2BC60FA69A75D6B90FD1353CD
SHA-256:	4A4159B4D480F6FE97777D4816872A900127D9A2801CE83E9387B7370532E783
SHA-512:	3566B49AE701AAEC4B9DBEEAEDDBC13815B6611A24D6A5BBBC6C9EF4EB7C0D227372263CA8DC30E75D99FBD23A69E9BEBD68FFEC276AD9CD9003F30400F7DC80
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=G-XDLZ3JKB0Z&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":0,"function":"__c","vtp_value":0}],. "tags":[{"function":"__gct","vtp_trackingId":"G-XDLZ3JKB0Z","vtp_sessionDuration":0,"tag_id":1},{"function":"__ccd_em_outbound_click","priority":0,"vtp_includeParams":true,"vtp_instanceDestinationId":"G-XDLZ3JKB0Z","tag_id":3},{"function":"__ccd_em_download","vtp_includeParams":true,"vtp_instanceDestinationId":"G-XDLZ3JKB0Z","tag_id":5},{"function":"__ccd_em_video","vtp_includeParams":true,"vtp_instanceDestinationId":"G-XDLZ3JKB0Z","tag_id":6},{"function":"__ccd_em_site_search","vtp_searchQueryParams":"q,s,search,query,keyword","vtp_includeParams":true,"vtp_instanceDestinationId":"G-XDLZ3JKB0Z","tag_id":7},{"function":"__ccd_em_scroll","vtp_includeParams":true,"vtp_instanceDestinationId":"G-XDLZ3JKB0Z","tag_id":8},{"function"

Chrome Cache Entry: 234

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 63728, version 1.6554
Category:	downloaded
Size (bytes):	63728
Entropy (8bit):	7.958074940425133
Encrypted:	false
SSDEEP:
MD5:	08952B029E4DECBC8EF9FB553CAE8CEA
SHA1:	931F5105F0E909F90BDEA2E246A1A230809A699A
SHA-256:	DF0231AFFB521137BF135898B6CE4C2CE59A79E3E23068A673868366C7AC68BB
SHA-512:	453EAAC7086915CCBC83C9E5A4FA26DF5338C149FF80F3BA1D5B0C28BA6EB10696980162BA56430D5B62FA54B5D186CF6CF806084C2F1C944B95BFAE6509877A
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/opensans_semibold.woff2
Preview:	wOF2..............NL...............................8..F.`.....&..4.....t....6.$......6..V.. ..9..+...[R..)x.....L.........Z2...{.D...?j.P#.f?^.JA.,......P.....`3.................................................It}.T..=;.G..\|....K.)e).t...$Y).I<z...I.Y..S^.)J..Bm.d.....A,4.4..Z[.Q.8......k.WtTQ:j:3....;S.d..S9z.%I....>:...t..._.....z n.{..X_....]u.$..K...C. ..............F.F9......:....8.UT}..q1y...N..d.....n.0Q.(....4E.20FG.&..)25..2J....j..^8m...;e:r......]...s.8^.\.Q.0-5.HZ<.....yaf.)y...,\.v...I:.!.Xi..b.U.....jO.z..s..qKd.$)...s...;...a..<....`..qU....X]T...5.E5..:...QE..8j......N..(......Aj.FUk^Xj.FK.e.}q.A.(..y....Z..j..V1o.[....N^.v.....qb.]...\.V9.&k.n..!.....m!\.J........x..A%cN...LRe.6g....hZ..c_.n../......?..._.>..G#.1.....O......}.t...I[.F.....>.{..".%......]a*[..(.f..._#.a/..........7u....0.......%.&...m~u....-...9.a.q.t...]...H.Y..f.....p)E....].A..W.C..[.o........{.....n.I....j.....:w.D..........u...A.Q.P..C..\.......;:i

Chrome Cache Entry: 235

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (4550), with CRLF line terminators
Category:	dropped
Size (bytes):	14665
Entropy (8bit):	5.060876158063938
Encrypted:	false
SSDEEP:
MD5:	35A919FA134EC8AF561AFFEE793C8DD7
SHA1:	92ACEA34A17C3C654D23F3E915D93243165E5D93
SHA-256:	32CD37472578C5EB973CF1CB66B4699C7EDF7056C5FCE92682EC405E51CF1105
SHA-512:	8EFA92D586B336C31C9F65E7634A82C66F67321C5E20FEE59CC60A22BB799177DE3669FA84954034639C36A808D4D8624A82980E2164A44E9F06BA44ED52309C
Malicious:	false
Reputation:	unknown
Preview:	<ajaxXml><ajaxXmlAttributes /><ajaxXmlObject><ajaxProductItem><attribute.PRODUCT_POPUP_CART.106489><![CDATA[Advanced data recovery software to do format recovery and recover files emptied from Recycle Bin or lost due to partition loss or damage, software crash, virus infection, unexpected shutdown or any other unknown reasons. Go ahead, recover your lost files now! </attribute.PRODUCT_POPUP_CART.106489></ajaxProductItem><ajaxProductItem><attribute.PRODUCT_POPUP_CART.106499><![CDATA[EaseUS Partition Master Professional Edition is an ALL-IN-ONE partition solution and disk management utility. Go ahead, resize partitions without data loss now! </attribute.PRODUCT_POPUP_CART.106499></ajaxProductItem><ajaxProductItem><attribute.PRODUCT_POPUP_CART.113174><![CDATA[A reliable data backup & system disaster recovery software enables one click to back up system and restore it to the original state when disaster happens and performs comprehensive differential/incremental backup to save time and

Chrome Cache Entry: 236

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 130 x 130, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	7837
Entropy (8bit):	7.918437331183067
Encrypted:	false
SSDEEP:
MD5:	E845E3569987A220AFF3F54AE633F7F4
SHA1:	B7C65B3C87F0E0BACCEB0E13A066B17E31549F36
SHA-256:	0C941290C84EAD5FAAD4FA16FC884BC2A1F40D49F8EA0AAB66F732C9D1163087
SHA-512:	8298D071EBC6BB9EE72D539A2080CB00EFFD7C77BF43AB77859D9E7D985E33982D275EF98F70A6D586BDB2935355ECFC709E7555DA58FA6519374816AFACB565
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR....................bPLTE..............qO5...gF1U6 Z:$fF....9.........[..m...sM........8.................P&..@...]4.Y1.S).....5..:.._3..y.l@...\|Q..I&...rH.....aL:.d.Z...+.....S-..p.Z...xL...B..e>.L#.9...l.N,n6....rH...........m>.Q"...\8.h=qT=b.......F .{.sM.].e;...vZp-.w<..._.V3.{\....j.i......L....h;.....p..c....oV.sC.R.jV....qc?'D-..`F..z.<N....tRNS...Dt...<i...]..x...........IDATx...C.V..7.v.{.KG..........I........U......s.....E...p......^Sw.?X]}.............G.6..].-..[..Re.....W.{..w>...^/...Pd0.3YUeE.Q$p...+.=....,E..N..k.....m.fP.E.......?..[.&...z...'..............._.......q.a.?.....v/.@9d.m.A..\..vC..$...M.\|.....B..A@.FY.....k!)...... ....?...... ....:!bd.e"8....$iw..o...a......#..@'l...0.B.!..d.._g...Q.J.7.%...T.>.r.k.$).?>....4.....{;.gWU ,.X.......0u....l..`....Q.{..;.i...E...LFr]..vl.=..(..........p..V...RiI...S..H.Q.9...)AL.....^"......Z...7.@.......m.`.&l..H!.@".....y..E...9......T.......

Chrome Cache Entry: 237

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (33765), with CRLF, CR, LF line terminators
Category:	downloaded
Size (bytes):	113411
Entropy (8bit):	5.557151143653411
Encrypted:	false
SSDEEP:
MD5:	1673ACBE4244BFBB8389687BE1B42146
SHA1:	DD69059020E06707A95590AD8CE98961951841CC
SHA-256:	BCE82D0C4B0FA04A3B3D1A7367B2D8274DD65F21DA27BA3D4623270865ED1AAC
SHA-512:	4DBBD9CAAB3B4B80C492EDF7793C7B6270616E855DFF625CB95BE5431F74B3EFB9D6EF6470AAE22DDA67D110F41102BEE9A730DDDCF0C36CAE0223EF2AFE1BC4
Malicious:	false
Reputation:	unknown
URL:	https://order.easeus.com/505/purl-store?cart=206648&coupon=BZ5S-XQSJ&x-source=drwtrial_install_bundle
Preview:	<!DOCTYPE html>.. [if lt IE 7]><html class="ie ie6 lte9 lte8 lte7 cbLanguageEn cbCountryUs cbCurrencyUsd cbStateGa" lang="en"><![endif]-->. [if IE 7]><html class="ie ie7 lte9 lte8 lte7 cbLanguageEn cbCountryUs cbCurrencyUsd cbStateGa" lang="en"><![endif]-->. [if IE 8]><html class="ie ie8 lte9 lte8 cbLanguageEn cbCountryUs cbCurrencyUsd cbStateGa" lang="en"><![endif]-->. [if IE 9]><html class="ie ie9 lte9 cbLanguageEn cbCountryUs cbCurrencyUsd cbStateGa" lang="en"><![endif]-->. [if gt IE 9]><html class="cbLanguageEn cbCountryUs cbCurrencyUsd cbStateGa" lang="en"><![endif]-->. [if !IE]> ><html class="cbLanguageEn cbCountryUs cbCurrencyUsd cbStateGa" lang="en"> <![endif]-->.. <head>.. <title>EaseUS \| Data Recovery, Backup, Partition Manager & PC Utility Software</title>...<meta http-equiv="X-UA-Compatible" content="IE=EDGE" />...<base href="https://static-cf.cleverbridge.com">.<meta http-equiv="content-type" content="text/html; charset=utf-8" />.<script type="t

Chrome Cache Entry: 238

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 130 x 130, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	7090
Entropy (8bit):	7.918084393343216
Encrypted:	false
SSDEEP:
MD5:	BDFC6B4697D45927EA3129F4FA97011B
SHA1:	C449E242A7CCEE028FF968F92919E942BD32C9C3
SHA-256:	B8A887F19072987DFF2CB913FD4AFF8799EEF12B9F4EFEDFF85CF4A97F1A291C
SHA-512:	78A304DADDF6BEE1C9500EC6B40D84738F27E2AC08F8948F0E06A10601DC0A2D1628B55DD455C9D304A318A7183C2D98AB2BB82CCA2D020ADCF25763D5E33EDF
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR....................2PLTE.............`I.........]E.......v\.....}XC....................................................................................................z....~.......s..w..y..k..r..l..`.\|p..j.\|_.sa.ya.uV.ww.sZ.mM.kX.hN.cH.WW.aO.^@.aJy^S.QH.W>{R?mSHrN;iN@mF3b@2\:+I98U4&L-.>&.-.....v.N.....tRNS..*Dpp....................IDATx...dIu../.{.Y.M.....d#........F./.Xxa...Z.ygY^x.dY...a...4.3.]....F...T.R.....U......T..E.a......x...X,R.\|0....!/..a.Ds......^.u~...>...>....O.......w.._....g..7.....'_..J.n.!...sN..s.4.I.......{..?..M...._....6..C.5B......d...+_x.._.....r.x..[..Q..q...vl...._.o.....P.8\|.?.v.=..tN.p..1........{......r...5..i.82.\...z..b..w...\|.%.?...}.E..[ ./eF.M..s.LVC..1....G...+..{..."?]...J.....4.Pb.(...P..T&.0n.p#....?J.PB... .)T.tT.3.8}.......-.<.b.s,...<A..%!w.E...sD....A....(SO.V...GBF.?...>.Y../.%.K........[.....1..ay}}a..x`.Z~._.... .....dS...>4.)...v..}..jq'.w2?{t.9z....

Chrome Cache Entry: 239

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11532)
Category:	downloaded
Size (bytes):	229687
Entropy (8bit):	5.564619256252635
Encrypted:	false
SSDEEP:
MD5:	5992B0A03D1C03BDC9ABE1D118F92C87
SHA1:	67C991C9133945F0761011DF9D57C2347C127F4E
SHA-256:	D04582BD37831F093BC81BBF535214D44D1408C24A9B524C4049ECBF035A60BC
SHA-512:	90EC6108179302356DC2FA1AF408FE58FD0ED74625957A80EE60E09A224663024AAFB553C65BA8D7105A4B0749E16FEA40DACE34C2FA216F56CAC513D7C5FA24
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtm.js?id=GTM-M6R373J
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"69",. . "macros":[{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"OnetrustActiveGroups"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"cleverbridgePage"},{"function":"__k","vtp_decodeCookie":true,"vtp_name":"OptanonConsent"},{"function":"__c","vtp_value":"! insert id"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"selected_device_licences"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"selected_licence_period"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"selected_auto_renewal"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"ecommerce.transaction_interval"},{"function":"__e"},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":

Chrome Cache Entry: 242

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 1200, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	4558
Entropy (8bit):	7.354497229945218
Encrypted:	false
SSDEEP:
MD5:	744068589E23ADBE34223A7091D01A8C
SHA1:	520C4BAD30358CBA04A78356C0F539F39406588C
SHA-256:	1467F75A15510C5C37843FD681A53927D0081041C47A4A3F4EC6EF2C6D5A066D
SHA-512:	F0B3BAE26177251AE096F134E9090D5575B105FA02EE9BF884FD9FB038D1E39255E5A4C13A343CD2C7FBA7B3247B6A62BD12D8E8595E89EA55FB11979B37A645
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/icon-sale.png
Preview:	.PNG........IHDR....................0PLTE....P..........................r..gm./:../"S.....tRNS.8..\|.......GIDATx...An.@..`...H=J.r....T.9.z..YF.Q..P...2Q..r.ti.Q..`.f..#.c..._].]<}..u...g...B'O..x........X..c.c?.....g.A#.c.c?.i.G....C..j[.....)..@...5.o...R..`0or.6G....%..0..s.Zc..........:...s..1.....)8..N..().k.......u.#><.3....p.$'..4..).)8.".Zc...[.5.!....(.[....tJ....i.Q.Rs......5.......l......&:..S$.v.NE%..F.U7...K..\k..P....#..:#8.%.-..9.Yn.L..a.Q...r.$.b.\c...w._I...k....uFpNh.....r.S..7$Xm.Q.....!....5.F..%..X:.jq.%%....,..3.r...\...(i.P#..4.T1.r...p.......T... E......K.9}...Ljc.....1'J.(7.j..q6.....X./F..5"".u.vB.I.`9....J'.d).a.aT2.8..T.}....m....p..R.(.\(.i.Q".....3..lHL....-&.HQPm..R.w.2.p.Ewu\k......Q..P.1..'..f9.9...pIb...D....&....].#.'.tW....0E..bq.(.im...._]..,.)8w...pxF.pj@.1..=..:<s....I.e.q.F9 ..3......pT.C.MW.....vu..(.@!..RY.&....@D5"Zg..2.....+..8.X.#!....%.-..B....O"."j...F..Q......ko$,.(.P....BYu&.

Chrome Cache Entry: 244

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	746
Entropy (8bit):	4.812235289287829
Encrypted:	false
SSDEEP:
MD5:	05CB5B47ABC557794A7E728BD55E7C0F
SHA1:	0F1EA3A7D5DF2CC2C4241433A49231880D9AFC2C
SHA-256:	21DB90A1BAF6EFD1800133FC73FEE2351320E0611180D282C513BBD31CF2F015
SHA-512:	6021650911E3CB071BA8610FABD07F7964AF60A9E76FC5C3126829B8241519B268F328AE704966D5FDC92D11386A78796FD790D3F0C230E2FCAAA5E3102EB8F0
Malicious:	false
Reputation:	unknown
Preview:	[{"client_id":"505","product_id":"206648","coupon":"BZ5S-XQSJ","locale":"en-US","list_price":{"net":{"louserzed":"$208.90","value":208.9},"gross":{"louserzed":"$208.90","value":208.9},"vat":{"louserzed":"$0.00","value":0}},"discount":{"absolute":{"net":{"louserzed":"$83.56","value":83.56},"tax":{"louserzed":"$0.00","value":0},"gross":{"louserzed":"$83.56","value":83.56},"vat":{"louserzed":"$0.00","value":0}},"percentage":{"value":40,"louserzed":"40%"}},"currency":{"symbol":"$","iso":"USD"},"price":{"net":{"louserzed":"$125.34","value":125.34},"gross":{"louserzed":"$125.34","value":125.34},"vat":{"louserzed":"$0.00","value":0}},"product":{"name":"EaseUS Bundle-DRW&EPMF&TBHF"},"price_country":"US","vat_rate":{"value":0,"louserzed":"0%"}}]

Chrome Cache Entry: 245

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1920 x 640, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	11283
Entropy (8bit):	7.971209670420663
Encrypted:	false
SSDEEP:
MD5:	A06926EFA7440C9B17245BEAA733A939
SHA1:	8F82B4EAEAA177B81F50B953FFC954DFE27957C6
SHA-256:	5D888C7F97358CFF7B9C452C1F244BC77BCE59E3F35B1A2DFD1D6880EFF3EB94
SHA-512:	A62C531A65967C652F2D8F4500E6BBAB8416C3F174C6F12167D918C78F257B93CDE4F7256B0F322978FA8B6C4A81907E0D0848A68EDA4519F1731B103AEC002E
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/install_uninstall/thankyou-install-page_04.png
Preview:	.PNG........IHDR...............xR....PLTE...............+.r..+.IDATx.....0..a.j g.....0.4`A...;.`w.@\|.,J.....0q.....p.c.....a8vC..y. .4..YR.../.K.e.4.8...Y..j.~.rq.\|...fP..n..+u..q<y.Tu.A~.Hb...F........Uu.$.LU.X.J......Q..R...a`._J..j.T.....f.ltR.x.Z.fT....k.?\...G.x...4.Zr.`q....f.K;...t`..,.?......b,iQv&.........6.E.!....M..T(G..3...\....:..J`F.I....,`>5..L..[]..i.....ZAQ.`+.H....a.y'.......q.......b.....)i`..aZQ.,]...O.....CkJ..n.[...b..K.,.c;z'.*..bl.....{....\|..l)...g..&}..j.=3..m.p\|t.?..N[...A.W..x.....-3.....U..a...\|...p...m..g..p._.\|.]..>2.......k...=.9..l.K.E..U.H]..U5......Uw.8.....b5F.!...\Fk'...[...T......jQ......EE+....W...=.<......X..'..E.Z..)z..yV......&.5.T.-Z.5.... ..k&...i...+.5...DM:...8...fd......B.EkN...F:...p....Y....Z.A_...}uA.co%.0+XK.V).m..W...ld#.s.va.z.N...."=..KX....h-%..w`..5..N......9..Vv..`-)...;...;.j.....<W0....T..T...OG....x....h....vW.L.....9.iC.M.7.7s.mKs...Jg...w4..h.?_..2....G..%.i3j..X]...H..N.j.....

Chrome Cache Entry: 248

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (32060), with CRLF line terminators
Category:	downloaded
Size (bytes):	97365
Entropy (8bit):	5.373953876252342
Encrypted:	false
SSDEEP:
MD5:	9D91E4001B1AC25ADCA414CAA34A0BA0
SHA1:	6A23C9266D439AC3091254360F37FB876845DCA2
SHA-256:	492028C13F410AF64C9E545F15C3E3BAC47DEB97D038F58D444E6CEDFCF8F3DB
SHA-512:	95566C6B04C21E664EB2863461E54BC581ED6604D30CDEC4CE24CAE44C7A8C9D2EC77D3BF0C65DBEBBDB4062CABF99CD3BF7AA62BAFCCF19AA04838EE04A9122
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/jQueryV1.js
Preview:	/! jQuery v1.12.0 \| (c) jQuery Foundation \| jquery.org/license /..!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="1.12.0",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.c

Chrome Cache Entry: 252

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (524), with no line terminators
Category:	downloaded
Size (bytes):	524
Entropy (8bit):	5.323500175322566
Encrypted:	false
SSDEEP:
MD5:	2A5FB1B8D7EF60A041770041D47F712B
SHA1:	F4482229FD9DA3D5A6DDE7C3BBF1144A61D1EC6D
SHA-256:	0C73D68A7C11A7CF34905B40FEF248C51C46D164308851833277A96F032B935F
SHA-512:	14230889BFE8BF04AF972528C4028E402E15C2D308C84DA0ED1721C62F00D87789E8248558877974026C4ECBE7CFF17D999BA56A71466A2DED1857BBB63C982B
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzIS9wEJifiKR4tUQXwSBQ2RYZVOEgUNo7JM_RIFDZFhlU4SBQ2NUpXPEgUNn7zriRIFDQr5f58SBQ0ZEcvPEgUN6-vs5hIFDRcY6MwSBQ2qD8WgEgUNX8tI-BIFDayismsSBQ0T_LlpEgUNkWGVThIFDY5e_JYSBQ1f41_3EgUNkWGVThIFDdR5oLwSBQ2-MK1iEgUN2K2W9hIFDVCe-FESBQ1qnbnNEgUNkWGVThIFDeEQ_iESBQ1pLuqWEgUNkWGVThIFDSCyuCwSBQ2ntqrIEgUNnYgRmxIFDZFhlU4SBQ1GkqsbEgUNkWGVThIFDUJ10EwSBQ1Saac8?alt=proto
Preview:	CoYDCgcNkWGVThoACgcNo7JM/RoACgcNkWGVThoACgcNjVKVzxoACgcNn7zriRoACgcNCvl/nxoACgsNGRHLzxoECDwYAQoLDevr7OYaBAgJGAEKCw0XGOjMGgQIAxgBCgsNqg/FoBoECG0YAQoLDV/LSPgaBAhNGAEKCw2sorJrGgQIIRgBCgsNE/y5aRoECCIYAQoHDZFhlU4aAAoLDY5e/JYaBAgjGAEKCw1f41/3GgQIJBgBCgcNkWGVThoACgsN1HmgvBoECAMYAQoLDb4wrWIaBAgFGAEKCw3YrZb2GgQIHhgBCgsNUJ74URoECCEYAQoLDWqduc0aBAgiGAEKBw2RYZVOGgAKCw3hEP4hGgQIIxgBCgsNaS7qlhoECCQYAQoHDZFhlU4aAAoLDSCyuCwaBAgJGAEKCw2ntqrIGgQINBgBCgsNnYgRmxoECDUYAQoHDZFhlU4aAAoLDUaSqxsaBAg3GAEKBw2RYZVOGgAKCw1CddBMGgQIOxgBCgcNUmmnPBoA

Chrome Cache Entry: 254

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (37444)
Category:	downloaded
Size (bytes):	37516
Entropy (8bit):	5.220823604445704
Encrypted:	false
SSDEEP:
MD5:	5C7C77B92A17D16B230842E51AEA5B24
SHA1:	EF3AB26E73A8634103BE51DC1F04544A3EBCAE8F
SHA-256:	54B72FFA6F1231308E4597EAA9124BAE6BEA356DAEE51F7E3A3E41FD61F1A21F
SHA-512:	CC310D77CE4854D8357C26F94E320C049A274766AADF5E7B9750815EBC223C952122B937AF5A96B41EC4DE0F738D7F4BBD6DC862D80AF312E80F0749DF1AF330
Malicious:	false
Reputation:	unknown
URL:	https://update.easeus.com/default/webpack/dist/firebase.js
Preview:	/! For license information please see firebase.js.LICENSE.txt /.(()=>{var e={676:function(e,t){!function(e){"use strict";function t(e){return Array.prototype.slice.call(e)}function n(e){return new Promise((function(t,n){e.onsuccess=function(){t(e.result)},e.onerror=function(){n(e.error)}}))}function i(e,t,i){var o,r=new Promise((function(r,a){n(o=e[t].apply(e,i)).then(r,a)}));return r.request=o,r}function o(e,t,n){var o=i(e,t,n);return o.then((function(e){if(e)return new l(e,o.request)}))}function r(e,t,n){n.forEach((function(n){Object.defineProperty(e.prototype,n,{get:function(){return this[t][n]},set:function(e){this[t][n]=e}})}))}function a(e,t,n,o){o.forEach((function(o){o in n.prototype&&(e.prototype[o]=function(){return i(this[t],o,arguments)})}))}function s(e,t,n,i){i.forEach((function(i){i in n.prototype&&(e.prototype[i]=function(){return this[t][i].apply(this[t],arguments)})}))}function c(e,t,n,i){i.forEach((function(i){i in n.prototype&&(e.prototype[i]=function(){return o(t

Chrome Cache Entry: 255

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5140)
Category:	downloaded
Size (bytes):	67633
Entropy (8bit):	5.338598653458094
Encrypted:	false
SSDEEP:
MD5:	2A7A6626E0E3CE6F4C5001C2610F8E03
SHA1:	38C23AD1F21D990A0B1B7705B8053200BF7CF7A4
SHA-256:	2C88ADA3EFDCFFF93D0E8E1C7F49B5A789039A9B148AB880A9A51191BF74482C
SHA-512:	A275C72DEF3E7008F5C9FB132BCA2C9D62AB6D0510571E1CB082B128B611CCC72096D27BB596F88D35DCEA0C29E76954190B2D2F19D6CB1BF867E1B56FAC9B41
Malicious:	false
Reputation:	unknown
URL:	https://connect.facebook.net/signals/config/239496765217947?v=2.9.154&r=stable&domain=update.easeus.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Preview:	/*. Copyright (c) 2017-present, Facebook, Inc. All rights reserved... You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook... As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software... THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

Chrome Cache Entry: 256

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	740
Entropy (8bit):	4.792560370114999
Encrypted:	false
SSDEEP:
MD5:	86A9EB6421C2879F793F963823F13C17
SHA1:	61ED7CA3EFA5DD1327E800C97E642DFA19F2E6F7
SHA-256:	3509EE1385A2596AEF179B48073CB0C77ECB00F34509604D1EC46E1D3C772FBB
SHA-512:	140C451E71288EF92554F420F1E4B490577031A0CB174AAF38E493C3D7F10F58958BC24E6005FAB16B20F5E01D8C2A3E9E16B62D7E26546DBFC0C43C8D9BEFF4
Malicious:	false
Reputation:	unknown
URL:	https://pricingapi.cleverbridge.com/prices?client_id=505&product_id=179625&coupon=TDEF-7L87
Preview:	[{"client_id":"505","product_id":"179625","coupon":"TDEF-7L87","locale":"en-US","list_price":{"net":{"louserzed":"$158.90","value":158.9},"gross":{"louserzed":"$158.90","value":158.9},"vat":{"louserzed":"$0.00","value":0}},"discount":{"absolute":{"net":{"louserzed":"$63.56","value":63.56},"tax":{"louserzed":"$0.00","value":0},"gross":{"louserzed":"$63.56","value":63.56},"vat":{"louserzed":"$0.00","value":0}},"percentage":{"value":40,"louserzed":"40%"}},"currency":{"symbol":"$","iso":"USD"},"price":{"net":{"louserzed":"$95.34","value":95.34},"gross":{"louserzed":"$95.34","value":95.34},"vat":{"louserzed":"$0.00","value":0}},"product":{"name":"EaseUS Bundle-DRW&EPM&TBH"},"price_country":"US","vat_rate":{"value":0,"louserzed":"0%"}}]

Chrome Cache Entry: 257

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	3255
Entropy (8bit):	5.132365696555612
Encrypted:	false
SSDEEP:
MD5:	2123CC0295CA23C1AEFF61173123D4DE
SHA1:	F7D0E91B243B95B907D5F10182FFFE68446A5F68
SHA-256:	56F4A140A5C5AB3CACB1AEFBCEE7020CBB983C954576C16BB40A8C4B4A351583
SHA-512:	C646D2AF1B8FE1C270C76D63CE1D6A60C677E825C79B0B7C2FCFF15CA7F5898E2B3652BB6D18634DBD9CF077B7146CFCDC19FC0A8D0ED6A22F66B8C2D387F3F2
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/jquery.cookie.js
Preview:	./!.. jQuery Cookie Plugin v1.4.1.. * https://github.com/carhartl/jquery-cookie.. .. Copyright 2006, 2014 Klaus Hartl.. * Released under the MIT license.. */..(function (factory) {...if (typeof define === 'function' && define.amd) {....// AMD (Register as an anonymous module)....define(['jquery'], factory);...} else if (typeof exports === 'object') {....// Node/CommonJS....module.exports = factory(require('jquery'));...} else {....// Browser globals....factory(jQuery);...}..}(function ($) {.....var pluses = /\+/g;.....function encode(s) {....return config.raw ? s : encodeURIComponent(s);...}.....function decode(s) {....return config.raw ? s : decodeURIComponent(s);...}.....function stringifyCookieValue(value) {....return encode(config.json ? JSON.stringify(value) : String(value));...}.....function parseCookieValue(s) {....if (s.indexOf('"') === 0) {.....// This is a quoted cookie as according to RFC2068, unescape........s = s.slice(1, -1).replace(/\\"/g, '"').replace(/\\\\/g, '

Chrome Cache Entry: 258

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (35174), with no line terminators
Category:	downloaded
Size (bytes):	35360
Entropy (8bit):	5.36636516469766
Encrypted:	false
SSDEEP:
MD5:	BA9A1ADFA1E88F23290674F7AF1D8943
SHA1:	EE5DDA76B2DDFAE82DBF26F375AA5020EDC86653
SHA-256:	D69E3CA7AB2FFD6EF6E375926E6ADF82DEEA69005E4EBA565512F8E0D584C40C
SHA-512:	82E27B6E544707B85D06616869346DF7AC8ABF029B8FFF266E28B84844413300C9519554858CD56BCAABCD68ECB7695E10E57720898D7E0BABF62D7642C87E30
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/default/js/globle.js
Preview:	"use strict";function _typeof(t){return(_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}!function(){var t,e;window.globle_user_id=localStorage.getItem("globle_user_id"),globle_user_id\|\|(globle_user_id="easeus-"+(new Date).getTime()+"-"+(e=1e6-(t=1e5)+1,Math.floor(Math.random()*e+t)),localStorage.setItem("globle_user_id",globle_user_id));var i;window.browser_category=(i=navigator.userAgent,/MSIE/.test(i)?"ie":window.ActiveXObject\|\|"ActiveXObject"in window?"ie11":/ubrowser/.test(i)?"uc":/bidubrowser/.test(i)?"baidu":/tencenttraveler/.test(i)?"qq":/maxthon/.test(i)?"maxthon":/Chrome/.test(i)?/OPR/.test(i)?"opera":/Edg/.test(i)?"edge":"chrome":/Firefox/.test(i)?"firefox":/Safari/.test(i)?"safari":"other");var n;window.operating_system=(n=navigator.userAgent,/windows\|win32\|win/i.test(n)?"windows":/macintosh\|mac os x/i.test(navi

Chrome Cache Entry: 259

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	670
Entropy (8bit):	7.466564881348832
Encrypted:	false
SSDEEP:
MD5:	DA1649B66D2BB828ADA72F762AAFFA9E
SHA1:	911FE116DCEA854B4A5B3E5CB460EA89821FCC2C
SHA-256:	70D34335DD6787BE52B80F9AF547FEA4E06495CC71EEED6A9805391802F76929
SHA-512:	19C18D8BD0AFB5A6F6C935B01F3235285ED2E9394B531EFD0AE859E77E9C916FF3317C8F3B381A8A22FFF4BAC9AA5920D2BE3981D66B36D9E3D4FCF01ED6FDCB
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...0...0......,.....gAMA......a.....sRGB........!PLTELiq............................../..t....tRNS...i'..P.:/w......IDAT8...O.@....v..".7....d.O..D..d.@b.T...)a.d...v.Gy.e.{g.3 U..V\|.~..}.s..1....p.~!(1........A.1bi...X....Y..h.....:h..J.r..0,f....!.}.o...[@..nMC]...z.Z.zk....w.a{.8.K......O........Y)....xUNg...r.^......0`).....I.l....3......`.2....^...p.R.q]...=..S.HT_..}zA....8....:!{..~.}.._/H/y....Fc...~IOO........o0...d...^...B.....L@.."J....V#.t.O...f..l..?.'.y.=.@.....G.%.........R.2.).i.....[......M.j..i....:.Al.d..4q[E....p.......$.\.M..H....VOm.+.6.....k........dD..+....!...]7Ll.&~w...oc.........a.....IEND.B`.

Chrome Cache Entry: 262

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1920 x 640, 4-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	11101
Entropy (8bit):	7.960588110910148
Encrypted:	false
SSDEEP:
MD5:	38C855BD96A84AE353BD61B7A38D8D53
SHA1:	EF66AA00D02AB638BC4D1D421D1B1B29FC3DDE0A
SHA-256:	6994F3002FBDF71645F7BE0E205505268DBE85E422143524FA2F1D17F0926527
SHA-512:	1521EEE5633CF8B43D4B0BCAFB053DE8520E7D94DD1E82262CDB411E7916311A89C2BC4B609389730A59C60A17EF32B69D00038BC3ACEF86EE1209285DAB3573
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............xR....PLTE...................+.IDATx...m.0..a...).....sX.....8A..`$w..... ..qwE....p.C.~'.x.1..!J.}....w.{.2...K..]..>JI.Q..v...{..z.......etsNzH.mg...T&=......6.....eW.Z......./.0..dg}Kj.....^Z..R.T.....Y..e2)..).....#.X..j...-`%.5kv...`q.Y...T....7-$_....5\k.r...,.d-...a`!C.o.0p8C./.0p<C.....h`vEk).W.3.V..1[..h....e..IU.7B.8....j40..j.M..Q.H..0.}...F8.9.v.8.......aI.}.".._...{,K.rL..v.C....-.3.....T.b<.j[.../9'...8@.....YSG.s...Rx..Wn....Siv.b..s....s...7..s>...\|.l..?..-..}..;eCX.i...k........bW.K.q.K:...z\..=..o..'{wc.8.C.X.5 Q...`-.....MwI...n6......5..;0H. .i.-...I4.[.f.0.....{..D]:.K0f.l...%U..p.%`k...h<..%.\.M3....T..J.%z-k.b{....... ZU.`...'..)...........'.)...:..zr0.'%.....&.c.9.h.......d..+Q..tm......XK.K..tM....q.;V$.^\M..../.k........"..2)q}G...._.../V.Y...KX.D0...J......-dYb!M.n..o.....R.Az..n...V.,.>X..t....;....s..........,.`I....=..1Y. M..!.o.7s.Z*.....~.......V.V./h_...R...xK...z....V........`...w<\

Chrome Cache Entry: 263

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (612), with CRLF line terminators
Category:	downloaded
Size (bytes):	614
Entropy (8bit):	4.79932866431442
Encrypted:	false
SSDEEP:
MD5:	5F217A43E1995B9F26EC49EA8550BB5B
SHA1:	038DFEE5160D000313C8F31C1971860F7A19D56E
SHA-256:	CA627788A3FC74267E159760A62DF941A6F9CAD0B5CFB4598442741FE62E5B37
SHA-512:	C0AC8F7B1FA1136245332C38A59D89B548DD6368A8C9BD9D56FCF697678D0EC2FED2E1AD561C74D503E7E6CECF7DABDF67518C8AD600A3B4F8CCD31B489882F4
Malicious:	false
Reputation:	unknown
URL:	https://update.easeus.com/default2/css/iconfont.css
Preview:	@font-face{font-family:'iconfont';src:url("/default/typeface/icon/iconfont.eot");src:url("/default/typeface/icon/iconfont.eot#iefix") format("embedded-opentype"),url("/default/typeface/icon/iconfont.woff") format("woff"),url("/default/typeface/icon/iconfont.ttf") format("truetype"),url("/default/typeface/icon/iconfont.svg#iconfont") format("svg");font-display:swap}.iconfont,:before,:after{font-family:"iconfont" !important;font-size:inherit;font-style:normal;-webkit-font-smoothing:antialiased;-webkit-text-stroke-width:0 0.05rem;-moz-osx-font-smoothing:grayscale;vertical-align:middle;display:inline-block}..

Chrome Cache Entry: 264

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	C source, ASCII text, with very long lines (48275)
Category:	downloaded
Size (bytes):	48503
Entropy (8bit):	5.222613194655436
Encrypted:	false
SSDEEP:
MD5:	B524230F01284E88B7AE7F2A45B64C89
SHA1:	7EDFD2FAB91BAA411902E8F8CBA32348C64DCC9E
SHA-256:	CFC3D0E832316EA085BFFEE5D69409502CD0DC24F9D327ABD072825F9D6C8A63
SHA-512:	0EE8B28B314B9BFF14B7FF4EB19D732A247BA89D46A1EE4844454C9E019C68EAA5C0304C83C6C826D56A027EBDE230E5476FDFB28998421F514EB1D46FD00568
Malicious:	false
Reputation:	unknown
URL:	https://dynamic.criteo.com/js/ld/ld.js?a=104435
Preview:	window.Criteo=window.Criteo\|\|{};window.Criteo.oneTagConfig={partnerId:104435,visitEventEnabled:true,fpIdentifier:undefined,waitForGum:true,dynamic:!0,gumDomain:"gum.criteo.com",privateModeDetectionEnabled:true,blockedSteps:[]};.!function(){"use strict";function s(e,t){var n,o,i=null===(n=window.Criteo)\|\|void 0===n?void 0:n.oneTagConfig;return null!==(o=i&&i[e])&&void 0!==o?o:t}var u,e,l="5.23.0";(e=u=u\|\|{})[e.None=0]="None",e[e.Cookie=1]="Cookie",e[e.LocalStorage=2]="LocalStorage";var a=(o.checkLocalStorageIsWritable=function(){try{if(!window.localStorage)return!1;var e="criteo_localstorage_check";return window.localStorage.setItem(e,e),window.localStorage.removeItem(e),!0}catch(e){return!1}},o.checkCookiesAreWritable=function(){var e=new o("criteo_write_test",1e4);e.setValueWithNoDomain("1");var t="1"===e.cookieValue;return e.removeWithNoDomain(),t},o.prototype.setCookieRead=function(){this.isCookieRead=!0},o.prototype.setValue=function(e,t){void 0===t&&(t=!0),this.cookieValue=e,this.

Chrome Cache Entry: 265

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	241
Entropy (8bit):	6.201713823636385
Encrypted:	false
SSDEEP:
MD5:	95197F2276F306197402B25F27B9CCF7
SHA1:	240DA53D74BE7711E6B0E9402CE61B50BDE8FBF3
SHA-256:	4200EC77866F1F5EFD7256EC6FFFEE84296803702837E6DBDD81ED1F5C5D6CF5
SHA-512:	7F66F27488EE9B33FCF863B762D956E7FCB6DE100A16FA31A7151580F660F6BFB45FB0B1CD7C018A9064ADDB09790A1B796E40C33D570BB2DA46708CDE4EA94D
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/505/partition-manager_14.png
Preview:	.PNG........IHDR...0...0......,.....gAMA......a.....sRGB.........PLTELiq............@.......tRNS....o..s...pIDAT8.c`..f...0Fb.8 q\..r.....\..G.................r.......`.%p.............9....u.Q.%N..r.*..j......gv.Y....VlH.C..O....IEND.B`.

Chrome Cache Entry: 266

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 125796, version 1.0
Category:	downloaded
Size (bytes):	125796
Entropy (8bit):	6.3050349635786525
Encrypted:	false
SSDEEP:
MD5:	B0755E059A9F3ACEFA879554288C9D3F
SHA1:	0BC4849B74B8CA36DD9073B183B09CC9B5FC7014
SHA-256:	15A28684284A59D0CF8D1DCABC62869A52A94D36C2BC83ECC0399F9F3E313B5A
SHA-512:	D4F68AA419C995BD537B674FF6D80A20CB5D48594D969CBEE2C6B215210A9BC5DAA65824C4A9A9683D965E40B30288FC0DE12D7A4E9ED4C89461F766342CCCFE
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/cleverFont.woff
Preview:	wOFF.......d................................OS/2.......`...`...dcmap...h...d...d....gasp................glyf.......<...<.O..head.......6...6%=.`hhea...H...$...$.w..hmtx...l...\...\].).loca..............G.maxp...x... ... .17.name.............b.post...D... ... ...............................3...................................@...3.....@...@............... .................................H............. .....3......... ...................#........................................79..................79..................79......._.r........./.....#!"&=.463!2.....#!"&=.463!2.....#!"&=.463!2.........................................y.......................................o............7!5!..!5!...!5!.............oAA.FAA.fAA............d...../.?.O._...!".....3!26=.4&...#!"&=.463!2...!".....3!26=.4&...#!"&=.463!2...!".....3!26=.4&...#!"&=.463!2......<<.4<<"9(..(99(..(9L..<<.4<<"9(..(99(..(9L..<<.4<<"9(..(99(..(9.1<+.+<<+.+<y"00"."00".<.+<<+.<x"00"."00"..<+.<<*.+<y"00"."00"......}...w

Chrome Cache Entry: 267

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 250 x 40, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	1633
Entropy (8bit):	7.7697617906090075
Encrypted:	false
SSDEEP:
MD5:	D7105DA368F7C234DD449E89D85A6ADE
SHA1:	42216B26E904EE2920556B7C58C161D65EB1AD6A
SHA-256:	8ABA6BFB352AE79F050C281673374A80E6B85A4D28A2D36C3CDFEC7261257D6C
SHA-512:	77236484A9FA29598A27C526E424934BFB626381CEA11B3F78FC70CD3848DD430AA087E5B30EE996C351C330BF2CC85D8F76098C1F35106A1B7E0FE9A378F995
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/505/easeus-logo-14year.png
Preview:	.PNG........IHDR.......(........+....gAMA......a.....sRGB........uPLTELiq.8..8..8..8.)P..8..8..8..8..8..8..9..8..8................]g...........8........8.....8..O./h.q...P..X..8.I...8....wo)5...%tRNS......wC..S0.h.iQ.....>...'\.?...w.\W...YIDATh....:..C.B..T..V...q.@BBB..P..e.E.&A.........g...\......O...r.]?..Z.....?...5...}Z...Ax......../....9......N..\^..0pY............+..i.,k.m...~..D...=.].<...c.B-...6...~.....:........d..r.n...".yy.V.V....=..`.g.2{,...F..........Q.~0....#..s{yGC_..H..Bo..r...V...t&.]..M.......,......l..6.Li..c..].G.\|n.5.^L.a..c0{...J.o.....1v.z.:...+..b-. U.......[.C....../4O..~....\=.....Y.2w...).f.d...7[.k...J.......c.a...}.u....1..2UEXC...............J.?.g...n.z.c)nH...H.!/..R&?.I$S.h.Kc.....-M.-:.}.....&.b..5.}.Cq..h....Q./....._i......=..)..t.....X..e.DZ@o.J?593{.[GG8.(f#:$.:.(`<.z4......)....r.&.`./..?.wV3A.....K.U........B.)...3..>..BFt.F.h..A.4"2.).\....c...... .=..=.X.../]..&(...V....U.[......LaN{......S'..

Chrome Cache Entry: 268

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 61284, version 1.6554
Category:	downloaded
Size (bytes):	61284
Entropy (8bit):	7.99624444211847
Encrypted:	true
SSDEEP:
MD5:	681FFBEAEBF8D80A5D26A40A12204EB3
SHA1:	982E00555C23FC6CF0B665C6CF620ACAB0EA9A58
SHA-256:	42687D442F1A8BB8DA117BD3674F478AD960435C43B1DA927966A293EE5F7C7A
SHA-512:	E247A76FE321EC1DACE51E74CB6C8A01EDDE4CDC985305F35ADFF5EC90D969C9AF6294FE67A5D8471A38BFBF3A3AC8445366F9E8CF9B4D4893AB193C217CB127
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/1/opensans-bold-webfont.woff2
Preview:	wOF2.......d....................................?FFTM........h.`..V.0..e.....`..?.6.$..r..x.. .....O...?webf.[......6}:.' .I.)...~R.....w...l.y.. .m..?t......./I.2.w...$.)..b.....#..K....B.....Xp.i1..7....,..9.{.e..M.+..v....}...&d..#.....eJn........^w.&..8.\....=D......7....k...N'Z.S#e...7z.....,.3.p..V\|.LG..Q......d........V.....L.......~.....N..W.\|.m....W.. DO.........7.bJ./S.'.T....Z.2._..f..G....oJF.).0Ccy.c\.a.....,..q...<........{s,..Z...4..D.........!""./"x..8..8.x...9[.\|.....wjf6.><......7]..H.B7".I7g.2...D...n..k...'.........;.U......y.<...z@N..?c...+.RS.V..A.QA...`....--.....'.R..}M-..>c.n...IHB...z.f..v...@.....<...Q..E...G.&..,H.@Xq..j.U.W.$$....52s.\|.7.V..U.\Y...o.3..n..{w..)R......@d}.VzC.....M..i.}.b].(...F2.N..I....J.V...R.$J.$....0Kc4..Z..-z.x..O.....Bz_...B..%.p....1.0.H_Nx..{.2=..~o......uB......@..@h....'....@".$...aN{.r..Zo.1P......x..............W.v.....f...&!}......7.\..P....pgB-....#.\|..c.......WJ./h.....

Chrome Cache Entry: 269

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2165)
Category:	downloaded
Size (bytes):	189576
Entropy (8bit):	5.524560913064664
Encrypted:	false
SSDEEP:
MD5:	86F34F90AFE60E25C44AB94775E8068C
SHA1:	0A0DDAB8CBE1DA47057728EFAEDD8F29B9703891
SHA-256:	3040F0F108317A9DE8C2BBE360C9B49B28DAA54F3C88BFE52E0292B4743CACD6
SHA-512:	797A74AFE6209B9F38F8F36E0B7C606FEAF803CDA239914966BE838F511E8C228FAB06DE3239E13EC46A271120A7F13C99636E3C1B7C9292945EFD75AB3CAF0C
Malicious:	false
Reputation:	unknown
URL:	https://www.googletagmanager.com/gtag/js?id=UA-217061-73&l=dataLayer&cx=c
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__cid"}],. "tags":[{"function":"__rep","once_per_event":true,"vtp_containerId":["macro",1],"tag_id":1}],. "predicates":[{"function":"_eq","arg0":["macro",0],"arg1":"gtm.js"}],. "rules":[[["if",0],["add",0]]].},."runtime":[ [50,"__cid",[46,"a"],[36,[17,[13,[41,"$0"],[3,"$0",["require","getContainerVersion"]],["$0"]],"containerId"]]]. .].,"entities":{."__cid":{"2":true,"4":true,"3":true}...}..,"permissions":{."__cid":{"read_container_data":{}}...}....,"security_groups":{."google":[."__cid"..]...}....};...var aa,ba=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ca="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ea=function(a){for(var b=["object"==typeof globalThis&&globalThis,a,"o

Chrome Cache Entry: 271

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	4620
Entropy (8bit):	7.9514580272926585
Encrypted:	false
SSDEEP:
MD5:	3CE991F90DF72FE6CF8DB19930682816
SHA1:	8202420A062D1D8F72FFEF129780DE44D14FF69B
SHA-256:	29D40801922607C0563601EF6B3C30E595E13A471B580E473F6A4FED6CFC76D3
SHA-512:	5510FA942F978329B5EFD9FDC2A87BC337B0FB56DE812034157FD836DEA22C95F3028CF72333F7498B3232E2E964C7B03FD8C0B2ABC2C9F3314459D02C51FF4F
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2019/index/header_2022/home-bottom-slogan.png
Preview:	RIFF....WEBPVP8L..../......$E..c..?w...$Gb.....oi1.m.@t.n.u.U..l...m............m..y..m.d...Pm...?.....`............~3.....@.....%\|e ....@@.7.O........<.m/.._>d.....)@..._rJ.......k9......J....bh.x....kW....MT....Lkve.^...T(N}.9....Q.a"-T.>g..Q.O..3......F.YeZ.R..Q4.M..\|w)D-D..-h..!..j.!...a.9.@...E..`.r..V.......5a.Rk..............l".."...2^.....n..yV.Vn.J..Uo;...'.:.%.....5z.Ow..W......C......o}.!"&.[.v...Mb._ a.J...D.).F.. ...)....n...?.dwE...hk..&..C..f...(.........H5 N..J'R...@...#.?........C.uhn4y.2..'..t.Tz.v....`..uD.'...mn..T..^E. p7.Y.0C8...%=qr..p...yD.'..^...l..{xx\|\|j...N..}~y}{{.c...F.d...Y....\|..&.[sEU#..1OVi.3..6..s..fq.sd.fr.....0GTi&.?sDXF[Z..v..d"......mmE..H..f......[.........'.].}......R..rq.P...ZD...}$... .%j....._.;Z...{...n.{..F.KM.Cf...A.Z...g.Q'.....Y....o..\>_(......ONJ.r.Ry...$..5.m+....z..Z...C`...h.2.[dc.....4...1T..r...Db...Uj..%..E.r.Z1h.....]K.....&......=.b..,.\...."^Ot..^.}gcQ...&1.V..do]p..

Chrome Cache Entry: 272

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:
MD5:	07FFF40B5DD495ACA2AC4E1C3FBC60AA
SHA1:	E8AC224BA9EE97E87670ED6F3A2F0128B7AF9FE4
SHA-256:	A065920DF8CC4016D67C3A464BE90099C9D28FFE7C9E6EE3A18F257EFC58CBD7
SHA-512:	49B8DAF1F5BA868BC8C6B224C787A75025CA36513EF8633D1D8F34E48EE0B578F466FCC104A7BED553404DDC5F9FAFF3FEF5F894B31CD57F32245E550FAD656A
Malicious:	false
Reputation:	unknown
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 273

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2343)
Category:	downloaded
Size (bytes):	52916
Entropy (8bit):	5.51283890397623
Encrypted:	false
SSDEEP:
MD5:	575B5480531DA4D14E7453E2016FE0BC
SHA1:	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
SHA-256:	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
SHA-512:	174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
Malicious:	false
Reputation:	unknown
URL:	https://www.google-analytics.com/analytics.js
Preview:	(function(){/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var n=this\|\|self,p=function(a,b){a=a.split(".");var c=n;a[0]in c\|\|"undefined"==typeof c.execScript\|\|c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length\|\|void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r\|\|u();v=v\|\|q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2\|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240\|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192\|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING\|\|[];w.TAGGING[a]=!0};var ba=Array.isArray,c

Chrome Cache Entry: 274

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (803)
Category:	downloaded
Size (bytes):	44263
Entropy (8bit):	4.334209440767446
Encrypted:	false
SSDEEP:
MD5:	93F1DFF9D0D1C45CE1DA8A7BD7F4687F
SHA1:	076D8AF390B69DCEBB7E68A2B5281053DFE5B045
SHA-256:	E601A91D630CA0AF76EF9FD352BF745786B2EF117B2E93A40FDB53E565C7A620
SHA-512:	5E882F81438EC7C4A8FA6C5C6CCD975509782F0F0832653F347F322FE5B451DAAB80B8C56557203EAAE6DCE3A688237B2BB4A021270DD0E1372A0EC8C9979C9D
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/header.php?callback=jQuery1113010335383759344308_1713547495890&_=1713547495891
Preview:	jQuery1113010335383759344308_1713547495890(`<div class="header_2024">. <div class="wrap">. <a href="https://www.easeus.com/" class="logo" data-event_label="Public_TopNavigation" data-category="OtherButtonClick" data-event="Logo"> </a>. <div class="hd_content">. <div class="box1">. <ul class="list_box">. <li><a class="search" href="https://www.easeus.com/search.html" rel="nofollow" data-event_label="Public_TopNavigation" data-category="OtherButtonClick" data-event="Search"><span class="iconfont"></span></a></li>. <li class="wap"> <span class="t arr">Support</span>. <div class="list">. <div class="arr_bg"> </div>. <a class="li" href="https://www.easeus.com/support-center/" rel="nofollow" data-event_label="Public_TopNavigation" data-event="elearn_more_support_center">Support Center </a> <a class="li" href="https://www.easeus.com/download.htm" data-event_label="Public_TopNavigation" data-event="elea

Chrome Cache Entry: 275

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	downloaded
Size (bytes):	18130
Entropy (8bit):	4.458954025538228
Encrypted:	false
SSDEEP:
MD5:	AD67C7FA5D185CC6771AD0055285B6C5
SHA1:	AD73BF5F1FDA60B84AA207FFA246E0877E584B6A
SHA-256:	09C1A82648A61FE4667780A536C57A9D4B81CEBBEE2ACEEEED9D9C86B0FDF53E
SHA-512:	AE2BB61D9E14753BD289140316923B189D406EF7862F6F6054C3083F4EE7F99DF2311AE20532F0AFEDF064D7EF8E73F8F768309F0D03907F8B6F54C8253C79B4
Malicious:	false
Reputation:	unknown
URL:	https://update.easeus.com/thankyou/install-data-recovery-wizard-trial.htm
Preview:	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">.<html xmlns="http://www.w3.org/1999/xhtml">..<head>..<meta content="initial-scale=1.0,user-scalable=no,maximum-scale=1,width=device-width" name="viewport" />.<meta content="telephone=no" name="format-detection" />.<meta content="black" name="apple-mobile-web-app-status-bar-style" />.<meta content="yes" name="apple-mobile-web-app-capable" />.<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />.<title>Congratulations! Installation of EaseUS Data Recovery successful!</title>.<meta name="description" content="Thanks for installing EaseUS Data Recovery - the best data recovery software on the market." />.<meta name="keywords" content="data recovery software, windows data recovery, install EaseUS software successful" />.<link type="text/css" rel="stylesheet" href="https://www.easeus.com/default2/css/base.css" />.<link type="text/css" rel="stylesheet" href

Chrome Cache Entry: 277

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 21980
Category:	downloaded
Size (bytes):	6759
Entropy (8bit):	7.970766444142892
Encrypted:	false
SSDEEP:
MD5:	15864CE88FA79A3E954417D0C3396798
SHA1:	FB9C3441942954B8EF8D637CDB307CBBAE25DA56
SHA-256:	97FDE46829E88416162D1CF2BA9C0BDC0A5C45D826ECF44095782AFD7417C500
SHA-512:	AC2B648224C8DD20F4BF5DAE9A4347C57B9902AE554E84FD3506F8B3B1E7759B33CB937B04D509E1DF06E4CBBF133C09D98A06E6FE8D30F639E4B8619E778697
Malicious:	false
Reputation:	unknown
URL:	https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Preview:	...........\.R.H..?Oa4.niI.....L.EO.Q.....,A.V.d...H.h.'...H..{N..%.zf"f#.....'..;'..?.....y>.....$E..%./...l.o.7.V=q..%):,.LS/....q......v..a.}......".0.t..`yf.2]&.....8........&y.Eg..3..<...M..}..A8.).....?~8..xy}.....{..Y.K.........%....n.Q.e>.u.1..a.zA./..oo.........CN....5.d.cX5R'{.u..{....3.O...nn.._....,e./..M.H"......R.l$.....:.aJ.L.S.g...>#...-/$.<.g..i..[....O.............^..?.6...........g.u...............w8.w..v.=...........qog.w@..n.....%Y,o....r....%5Q......\..%Y1......!..SZ$....yyz....%...\.o.'I.1......`B.........>.<X......E......#..^..eP.....,`...E...H.4..G.v.T.A.J.Y...,....x.......!.B&.6...~0.....9.\|....4.HB.K .......,..J....!.\5+p.......94O...Ar....?..+K...>L7R..s...&.v.=+.{I..M.....D..Q..\T..%..H.....Qt..P.X...L#.g.H......O.xlu<X.........pD.lJ......(..!...V..E%.4N...z.J-...o.".~...BC....T.Qf.@..p...fS.../.R.....;3.a2.e.~>.2`Z.A..R$.X.......KZ\|..y.ei.GrI..d..P...e..d......(..(gF>k.P.>.H~.Wt...dP.KY.*".....{C515... .v.

Chrome Cache Entry: 279

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	68
Entropy (8bit):	4.200601260429725
Encrypted:	false
SSDEEP:
MD5:	C4A2B870062C2BB98C500BC1526C0498
SHA1:	528666CCDB12997358077BC8FCDBFB6B825C7788
SHA-256:	2AA4FA20701CDD6D8D56046069001186B5267E3EE7D0EF618AD2F4A683723E11
SHA-512:	2F1A3ABCD12125F7EF18D61A960901C0FD6F82DD02EA2B8041859E6D5F0A7F08DB17CC110DC6D8A3F7D0D1BA790C4BCCA2506D3C60EDFEB5CB29433E9F4F762E
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR....................IDATx.c`...............IEND.B`.

Chrome Cache Entry: 280

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.16293190511019
Encrypted:	false
SSDEEP:
MD5:	221D8352905F2C38B3CB2BD191D630B0
SHA1:	D804B495CB9B84B9007A25B5D85F9AE674004CDE
SHA-256:	89FE0EE6020314794FC2CFEACF3D10C31050CFE56F8EBDDF1ED0A33FBE941FA7
SHA-512:	CB3397776F5CA1D15D24786896B2478C6548D0B14DEC0832BFB16C4C419135300704F8A7A4DFBF56D625429C1598EE8110958648F25A3CCA09E6956C1FD3335F
Malicious:	false
Reputation:	unknown
URL:	https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k--h4cAkWVp-lCUOQgg7ieymhymmKcrFqHQAMwuQ
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 282

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	467
Entropy (8bit):	7.130546716958971
Encrypted:	false
SSDEEP:
MD5:	068293066BA1B9A97004DB1D6145A975
SHA1:	0916231B6F36EE2A7B57C91AC292555C521492E0
SHA-256:	53EDDCBC7A970D8FCFB6B483223C2629B3F7F7BAD8EAA684742FF5E9102B4C57
SHA-512:	F4EF2C45E302AB99FC305CBEF344EB5292CB101E86B85D867BE6B5FA256460B4E8237DBA273E10041121C9EFEED02E7396F6E2A49FF1789EDC9CAE152768585C
Malicious:	false
Reputation:	unknown
URL:	https://static-cf.cleverbridge.com/mycontent/505/partition-manager_09.png
Preview:	.PNG........IHDR...0...0......,.....gAMA......a.....sRGB.........PLTELiq...........................d.......tRNS...$.H..w.#K.w...=IDAT8...N.0...i..a.6.5..l)B....'#[........ .....3q............J.m<..C.......h8M,..R....V........?..7..T.......1....f%....]pz.ZG.?......MX..D.....Fy.E.R.,.Be..&.fyg.(#,.0...P..+..a%C.4.r.D5'.N...k/.]....v..p..\|~g6..l..b.Yb.M,5fF...^.6..`......U.c...~........m.a..3YR..X.......)..,..b..8.B..!...........7.\..Z....IEND.B`.

Chrome Cache Entry: 283

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.137537511266052
Encrypted:	false
SSDEEP:
MD5:	8422EE712E445C0E76D6439925857CE8
SHA1:	5B41C57A5A2EC217E67123A4EE211A8B9B4253F0
SHA-256:	5C078E605C0F0E2CD8607D326345EFE4632006B250F41F0EF64237E0BF712CF9
SHA-512:	13D55732BBA44FB765EC425703D60E74EF07A54E4C227061A42A38DF1148523110E3851FBABA4CD021A7394542280498A347A953779730355B7D8ECF03EC222C
Malicious:	false
Reputation:	unknown
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwneqfM4jEJ4DxIFDbbRMj8SBQ14bxIZ?alt=proto
Preview:	ChIKBw220TI/GgAKBw14bxIZGgA=

Chrome Cache Entry: 284

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	497
Entropy (8bit):	4.684891921463926
Encrypted:	false
SSDEEP:
MD5:	B57C99C9D1E3C50B2114C6DB053D7FF0
SHA1:	ADA8ABFED92BA8A545BBD9D299D74D5972CC4AE8
SHA-256:	691DCDB24853A0F5CE4E6597E5713DEA66799B57FFE2C2A10F28F98E0B569B19
SHA-512:	0DAB6D06F386D922FB28F70F2590D4F9C361E7F4E5D5E581B98E59AAC12B266CBA596FFCCD87203B4330673EE4EC1D459A1ABDFC4B066D243A43B2BF7909F0EE
Malicious:	false
Reputation:	unknown
Preview:	<svg xmlns="http://www.w3.org/2000/svg"><path class="ot-floating-button__svg-fill" d="M14.588 0l.445.328c1.807 1.303 3.961 2.533 6.461 3.688 2.015.93 4.576 1.746 7.682 2.446 0 14.178-4.73 24.133-14.19 29.864l-.398.236C4.863 30.87 0 20.837 0 6.462c3.107-.7 5.668-1.516 7.682-2.446 2.709-1.251 5.01-2.59 6.906-4.016zm5.87 13.88a.75.75 0 00-.974.159l-5.475 6.625-3.005-2.997-.077-.067a.75.75 0 00-.983 1.13l4.172 4.16 6.525-7.895.06-.083a.75.75 0 00-.16-.973z" fill="#FFF" fill-rule="evenodd"/></svg>

Chrome Cache Entry: 285

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x430, components 3
Category:	dropped
Size (bytes):	16899
Entropy (8bit):	7.753445475584496
Encrypted:	false
SSDEEP:
MD5:	9A2D3CC62AD26F59E39FE8FC182E8B45
SHA1:	F8F4A1814FB116EED27AD6E90372F101E5C62DE4
SHA-256:	C21F732205CA684AEA5FEE39362E992A5D6F653FDEE9095ADC1DDBB83462AF44
SHA-512:	E3BF4E1CF1994A0F22DD6EE6E24D48AF89A17743BA15DAD4CA0AFC96CEE4E0CFA1BE1D713DB6C47908E5E4697FFC94EBD8811931A16D2BFF98DA45D2FCA6B604
Malicious:	false
Reputation:	unknown
Preview:	......JFIF..........................................................) .. )/'%'/9339GDG]]}............................................) .. )/'%'/9339GDG]]}..........."................................................0 . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!."Y.X... .Md...K ......H.. . ..Y.d.X..........)..\..!.

Chrome Cache Entry: 286

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 1200, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	65727
Entropy (8bit):	7.94656269860503
Encrypted:	false
SSDEEP:
MD5:	FE1830F428CD8894B0D52FA3A03C8D52
SHA1:	418E83F18F6449D0AE95480FE3AB09A7E5206C19
SHA-256:	43F8DEA13B0EA434C82A4AC8331C054A7B42899AF4F9F5BD3185EF0772EE7C2A
SHA-512:	2E6EAD04F5938FE5E937EC8C31DC1FF728ED1B038D0642FBB5E85405AB97C2ED58EF1E621333D302902460BB292BF54FBDF2E80E0E3E3597C66A2B34971EA4FF
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...............C....OPLTE.....................................................................(.. W.."(" ..KQW.....WWW998.(q.........)...........)....5......<.............)..Hy.B{.).................$$$.l.;;;2..(M..s.CCCZZZ.].RRR.)t. '...NLJggg...#E......-...wwwooo.8..c.431.......r....).....%DX........L~....[;...1...C...................D.p..Mt.......)R....z.1.....4..".......,..5..~..i..3bx..8.=H+# ........!l.$...")N..+x....f\|..L...uZ2.d....e.....dO9....`....V.. 4>.......~&.....j1...M@/.g.....z)'..>c.M...em...... j...i...J.........d..qANp.12..B..^.2....{.....f.z}..`xr[.2..mb.g.........T...L.&..A2...5tRNS..],.M...v...i@7...#............:\.v.~U.Q+@...f.w.~.......IDATx....q.0..P..-..I=:.'....g.R$P..D3.B%...XH$.O......................................................... [=i.Y-0..,.....8..j........U.*..h.y.g.y<..b0.s...\N.v+.?.=Y....s.X,[c.5k....v.<N......F...o...C5.-.P.s..#.......>..Moo..{....5V....y.......{WZ.\|.......t....<a.Y......!.8P..X...

Chrome Cache Entry: 287

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	2.9889835948335506
Encrypted:	false
SSDEEP:
MD5:	B4491705564909DA7F9EAF749DBBFBB1
SHA1:	279315D507855C6A4351E1E2C2F39DD9CD2FCCD8
SHA-256:	4E0705327480AD2323CB03D9C450FFCAE4A98BF3A5382FA0C7882145ED620E49
SHA-512:	B8D82D64EC656C63570B82215564929ADAD167E61643FD72283B94F3E448EF8AB0AD42202F3537A0DA89960BBDC69498608FC6EC89502C6C338B6226C8BF5E14
Malicious:	false
Reputation:	unknown
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 289

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (11231)
Category:	downloaded
Size (bytes):	21866
Entropy (8bit):	4.993825454722558
Encrypted:	false
SSDEEP:
MD5:	FF0B470FEA1863B7594730B1E74199AD
SHA1:	5EC5122D9CE4D25069017D202728F9A887B7DBD4
SHA-256:	74C39B5EC5A61C19FF20D81C0418FABD61D6DEB6AC0C967DA28761D6B895FF7D
SHA-512:	8D8292C31D6D34E1AECD7AAE68DE2AC6921A7807165BD71AC3FD11284A272C33B6C9ABDBCD29E5203436A2C64A69C9ECB1BF7F629A698F970F2085DFEE4F77C0
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
Preview:	#onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:bold;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .onetrust-vendors-list-handler:hover{color:#1f96db}#onetrust-banner-sdk:focus{outline:2px solid #000;outline-offset:-2px}#onetrust-banner-sdk a:focus{outline:2px solid #000}#onetrust-banner-sdk #onetrust-accept-btn-handler,#onetrust-banner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-icon,#ot-sync-ntfy .ot-close-icon{background-image:url("data:image/svg+xml;base64,PHN2ZyB2ZXJzaW9uPSIxLjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB3aWR0aD0iMzQ4LjMzM3B4IiBoZWlnaHQ9IjM0OC4zMzNweCIgdmlld0JveD0iMCAwIDM0OC4zMzMgMzQ4LjMzNCIgc3R5bGU9ImVuYWJsZS1iYWNrZ3

Chrome Cache Entry: 292

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	60295
Entropy (8bit):	5.474502986194847
Encrypted:	false
SSDEEP:
MD5:	307C87905FA5D5B11953ED7F67950381
SHA1:	F900B3F5518887B44E6C565AF7F6D7CCE853DDC0
SHA-256:	B74420758DE35D9E305C4BE91525ACE39BC3961B99841AB0624834B863B7CD01
SHA-512:	E0A40C1756D9E8371B3B6AF6C4FC3814874DF7D871B0894E0E9823FD7E65CDE723E627F4C4D5CD545987768E47CE820B1DE1F360352BEF52D54488853EAD2C04
Malicious:	false
Reputation:	unknown
Preview:	. {. "name": "otPcCenter",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtcGMtc2RrIiBjbGFzcz0ib3RQY0NlbnRlciBvdC1oaWRlIG90LWZhZGUtaW4iIGFyaWEtbW9kYWw9InRydWUiIHJvbGU9ImFsZXJ0ZGlhbG9nIiBhcmlhLWRlc2NyaWJlZGJ5PSJvdC1wYy1kZXNjIj48IS0tIENsb3NlIEJ1dHRvbiAtLT48ZGl2IGNsYXNzPSJvdC1wYy1oZWFkZXIiPjwhLS0gTG9nbyBUYWcgLS0+PGRpdiBjbGFzcz0ib3QtcGMtbG9nbyIgcm9sZT0iaW1nIiBhcmlhLWxhYmVsPSJDb21wYW55IExvZ28iPjwvZGl2PjxidXR0b24gaWQ9ImNsb3NlLXBjLWJ0bi1oYW5kbGVyIiBjbGFzcz0ib3QtY2xvc2UtaWNvbiIgYXJpYS1sYWJlbD0iQ2xvc2UiPjwvYnV0dG9uPjwvZGl2PjwhLS0gQ2xvc2UgQnV0dG9uIC0tPjxkaXYgaWQ9Im90LXBjLWNvbnRlbnQiIGNsYXNzPSJvdC1wYy1zY3JvbGxiYXIiPjxoMiBpZD0ib3QtcGMtdGl0bGUiPllvdXIgUHJpdmFjeTwvaDI+PGRpdiBpZD0ib3QtcGMtZGVzYyI+PC9kaXY+PGJ1dHRvbiBpZD0iYWNjZXB0LXJlY29tbWVuZGVkLWJ0bi1oYW5kbGVyIj5BbGxvdyBhbGw8L2J1dHRvbj48c2VjdGlvbiBjbGFzcz0ib3Qtc2RrLXJvdyBvdC1jYXQtZ3JwIj48aDMgaWQ9Im90LWNhdGVnb3J5LXRpdGxlIj5NYW5hZ2UgQ29va2llIFByZWZlcmVuY2VzPC9oMz48ZGl2IGNsYXNzPSJvdC1wbGktaGRyIj48c3BhbiBjbGFzcz0ib3QtbGktdGl0bGUiPkNvbnNlbn

Chrome Cache Entry: 293

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Category:	dropped
Size (bytes):	4286
Entropy (8bit):	4.189513611296472
Encrypted:	false
SSDEEP:
MD5:	DD4E2BA2D805AD81A3175C464589ACEB
SHA1:	9E9B8360DBC709DBCA37385A8784E19B4EC58F91
SHA-256:	AD8BC6C01299B96217FE9B66D7A646E7E20CD67EBE01EB7188DE5078B54B655F
SHA-512:	48F2947AE30CAB5FF4C4FCADC0BD89874EC7411A47E30A1BFDBE4A7FEFCF1C43F455F89D6BF9ADDBC22F567B58DEB167F794AAC6DA2B9D455933F16C3CC264CA
Malicious:	false
Reputation:	unknown
Preview:	...... .... .........(... ...@..... ..............................................................z.........Y...[...=.... .......?z...............................................................................................\|.........................M.........~......................................................................................"...!..............................f............................................................................................%.......!..........7...................8.....w..................................................................................,...!}.................................k.............................................................................`..._...X...e...g...f.............\|..............._%................................................................f...e...f...c...f...i...c...h...g...q]............................. ....~...j...............................................`...]...d...g...g...g...g...j...h...g

Chrome Cache Entry: 294

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 130 x 130, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	7396
Entropy (8bit):	7.920974894101115
Encrypted:	false
SSDEEP:
MD5:	038B4F5CE832DA60B53A10CA19CB705C
SHA1:	144D6A8691A93891287C2724FDD65D647CBCF3E1
SHA-256:	27B13F5A8717405CADC9F171F04BFECB1EA4FA4B0539B98EF65C9F7F72632B8C
SHA-512:	AF3982BDCC36A207F27B529655D2FE4C8A036146D675C47F3FC7F92C379F3C79C106BBE1EBAEE523782AF1A3041C5ABA73463E38CCBB71BE1DEE879334B834F4
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR....................zPLTE......61D9BOEQYN[......"..0"%<+-I0/Q:7VAB]IJdORpYUiKB\|bW.i_.si.{p.dZ.pg.{r..}...............................rz.`k.MY.6:.eO.yf.~q...............~....p.s_.hU.[K.PDuE4f8,]/ D...3D.-+..O@HJ;B.....~.}\|.pita`.........................................................~x.tl.lbqgVcs`e.ms.z...............................................................~tRNS.....................................................................D..X..............................................bC5#.j......IDATx...s]....\|....v8X.%H....Ml.a..p...e.I.'s1Ss;w.._93.'...t....c......L'...t.m....2`.6...^.o..k..U ....Tk....{.Z_.j.........f...>n.t..;.7....x...u..?..M7...?..M7.q..w...O<x.g....3.fa....^.../,........0../.;......a2...k...._............a.....1.9.......k.v...c..]}..%.ma.=....u.....~..m.~..;6.._V.;K..........P.CFI.......v...~.]....W........$...X.t....q......o~F.8W..+..0=.Oe#A..o....Ns..m;~_......rP........

Chrome Cache Entry: 296

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	16103
Entropy (8bit):	5.372297191266487
Encrypted:	false
SSDEEP:
MD5:	B5B08128335675376B5B561F85B5B8CE
SHA1:	51DDAC952F0D4389739179956225B9A3B0AB8FE7
SHA-256:	A888EA6D5D038815DFF899FBF323E33C68196968B44CECD2B30303E59D0E1154
SHA-512:	059F20C33AAAC46602CE06E0727E442B1BB225A24636DE618984B6EF522722792CE6D764AF42AB061A1C97464FC61F4E218804DB52997229EE51B22434E84D2D
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFloatingRoundedIcon.json
Preview:	. {. "name": "otFloatingRoundedIcon",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90RmxvYXRpbmdSb3VuZGVkSWNvbiB2ZXJ0aWNhbC1hbGlnbi1jb250ZW50Ij48ZGl2IHJvbGU9ImFsZXJ0ZGlhbG9nIiBhcmlhLWRlc2NyaWJlZGJ5PSJvbmV0cnVzdC1wb2xpY3ktdGV4dCI+PCEtLSBDb29raWUgQnV0dG9uIC0tPjxkaXYgaWQ9Im9uZXRydXN0LWNvb2tpZS1idG4tY29udGFpbmVyIj48YnV0dG9uIGNsYXNzPSJvdC1saW5rLWJ0biIgaWQ9Im9uZXRydXN0LWNvb2tpZS1idG4iIHJvbGU9ImJ1dHRvbiIgYXJpYS1sYWJlbD0iQ29va2llcyI+PHN2ZyB3aWR0aD0iNjUiIGhlaWdodD0iNjUiIHZpZXdCb3g9Ii0yIC0yIDM1IDM1IiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjx0aXRsZT5Db29raWVzIEJ1dHRvbjwvdGl0bGU+PGcgZmlsbD0ibm9uZSIgZmlsbC1ydWxlPSJldmVub2RkIj48Y2lyY2xlIGN4PSIxNSIgY3k9IjE1IiByPSIxNi41IiBmaWxsPSIjMmUzNjQzIi8+PGNpcmNsZSBjeD0iMTUiIGN5PSIxNSIgcj0iMTQuNSIgZmlsbD0iI2ZmZiIvPjxjaXJjbGUgY3g9IjE1IiBjeT0iMTUiIHI9IjE0IiBmaWxsPSIjMmUzNjQzIi8+PHBhdGggZD0iTTI1IDE0Ljk1VjE1YzAgNS41MjMtNC40NzcgMTAtMTAgMTBTNSAyMC41MjMgNSAxNWMwLTQuODQyIDMuNDQyLTguODgxIDguMDEzLTkuODAzQTMuNSA

Chrome Cache Entry: 297

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37026)
Category:	downloaded
Size (bytes):	37105
Entropy (8bit):	5.211798964088098
Encrypted:	false
SSDEEP:
MD5:	A6CF9BB482980C3C233776DB855F14D2
SHA1:	2192164FEC1D292D9FB1A01FE69B9CFA3029EB24
SHA-256:	E7F65FC4BF3EE8935F49DA454102685D3629BC341FF28FFB758A2951E0CCB71F
SHA-512:	166E027CA5B643499DFD4A048C8C8AFFDF3AE58A246E709161B5E63F0536DC1BDDEAC0DB63AE5550B06F14A1B5FF0703DF781B433FC6F2A67EBFDB0A1A39BA90
Malicious:	false
Reputation:	unknown
URL:	https://update.easeus.com/firebase-messaging-sw.js
Preview:	/! For license information please see firebase-messaging-sw.js.LICENSE.txt /.(()=>{var e={676:function(e,t){!function(e){"use strict";function t(e){return Array.prototype.slice.call(e)}function n(e){return new Promise((function(t,n){e.onsuccess=function(){t(e.result)},e.onerror=function(){n(e.error)}}))}function i(e,t,i){var o,r=new Promise((function(r,a){n(o=e[t].apply(e,i)).then(r,a)}));return r.request=o,r}function o(e,t,n){var o=i(e,t,n);return o.then((function(e){if(e)return new l(e,o.request)}))}function r(e,t,n){n.forEach((function(n){Object.defineProperty(e.prototype,n,{get:function(){return this[t][n]},set:function(e){this[t][n]=e}})}))}function a(e,t,n,o){o.forEach((function(o){o in n.prototype&&(e.prototype[o]=function(){return i(this[t],o,arguments)})}))}function s(e,t,n,i){i.forEach((function(i){i in n.prototype&&(e.prototype[i]=function(){return this[t][i].apply(this[t],arguments)})}))}function c(e,t,n,i){i.forEach((function(i){i in n.prototype&&(e.prototype[i]=function

Chrome Cache Entry: 298

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	5440
Entropy (8bit):	4.878140242537358
Encrypted:	false
SSDEEP:
MD5:	FED30753B3994348ACA7BEE9D42511C8
SHA1:	F7C8E4DAF3CB6BA233B36ECBEE42E6DB2A757828
SHA-256:	B692F02051F813EE741293DFE9CCAD6B79A8C50DB885930531A136726C08E52E
SHA-512:	6860496799127C9D6BA5DBDE63A8F597A698EBE399F61DFA490482DC19603013C0216540C6ED0C9505A505423A8CD6FB941C5DED6DB35F4C240C24239BAF2107
Malicious:	false
Reputation:	unknown
URL:	https://cdn.cookielaw.org/consent/2232f637-bdae-41d8-a919-951e65147c8b/2232f637-bdae-41d8-a919-951e65147c8b.json
Preview:	{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":true,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"6.35.0","OptanonDataJSON":"2232f637-bdae-41d8-a919-951e65147c8b","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","BulkDomainCheckUrl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"892cf4cc-78fe-4970-a247-e70f647a8fea","Name":"US Federal States","Countries":[],"States":{"us":["co","ct","ut","ca","va"]},"LanguageSwitcherPlaceholder":{"de":"de","default":"en","fi":"fi","fr":"fr","es":"es"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"CPRA","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"MOR US","Conditions":[],"GCEnable":false,"IsGPPEnabled":false},{"Id":"a73ff2a4-4887-4d61-b9ca-5fa7424d9634","Name":"Opt-out","Countries":["hk","sg","au","mx

Chrome Cache Entry: 299

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 120 x 56, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	6083
Entropy (8bit):	7.959597788266821
Encrypted:	false
SSDEEP:
MD5:	551FF1177C1EB4E41CF3C2B56F1146D9
SHA1:	606A50BDB12B4A3EC6DC982D4F29256A05575BE0
SHA-256:	927780E3CFC514B7501C98ECE2A2FE319811FD59D97EF0620F8AF7F0209A77B6
SHA-512:	D7802BE18D69685596A5BFADA3E8B3C6163452BAF88F650D944D0E1607F52E739CB41A90C98E4E2AEC56603127F7B9D37993FA56196849561B29D342AB048D32
Malicious:	false
Reputation:	unknown
Preview:	.PNG........IHDR...x...8.....6<<.....tEXtSoftware.Adobe ImageReadyq.e<...eIDATx..].t....d2..{...$.@..$@T..$.......n....].........][..]......U[p..T.P..........3y.d.....o...$.6.............q.7.&..q..%.G5.m[..X).Y..JLL,.W.'G---e.Z\.....\|.U.,.%.k.hjj.'bcc.5\|.Pgg'.F}}=?...'..e#.X../>6.PW....n....T.........)'%...J.......8u...&.k...!.&.V......8##.]==...x..q...k.:....\|e.\|.(.%./]...O....[..l2.;...b..mG...._.e..8.....#U$...(.....U.q....f3.....(,.._...D...>p.. .u........>..kxv..qm.!.=.X{{.8u"V}....a.7[....;....sx..B...^....c.../.......;..kU.`&T"..=.[....qKP!....k..Tm-:...@.#!P.I....m.^.u...QS+..x.x........7I/'...T.+r...a.....T=.....dWej......>...I.&.$HX...F....T,.U...XT...Y..Y..m4..\|.v.:.."T:.......A o...L.8....c2...._..S..G.mG....A~....=w........u.E.y...m~..N.f..Y..%7..T......Q~.`.-..g.au.-y....co.A.2.x.'.......O........-..R^.Z..'...I..\|...l..go.BQ~...KE....".*e.\|.ua...eE..Q..........Z..F...V+..(.r."?{.....:.......A....qE.+NGJ..G......mmh.\|..?

Chrome Cache Entry: 300

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	881
Entropy (8bit):	4.8797551683097575
Encrypted:	false
SSDEEP:
MD5:	C036BEEFA1BADEBB6F55198E965BA83D
SHA1:	AD51BCDF8F7014A33E56E124E186596CD81A2D4C
SHA-256:	F4BB1011E4C63F91D91DFCAAFBF1EEBCEE8521D3E27FA37EB951F92C94F14F73
SHA-512:	B196AC46D677A60E332208EECA309CC0FE55E24F116B0B3BA24A34B5A953A086CD125A27DD36D47DB22EC3FEE35EE501D968C730359A8EA7BE8161A595C721B9
Malicious:	false
Reputation:	unknown
URL:	https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=53e320ce0000640005793e9d&locale=en-US
Preview:	{"businessUnit":{"stars":4.5,"trustScore":4.7,"displayName":"EaseUS","numberOfReviews":{"total":20563,"oneStar":1543,"twoStars":111,"threeStars":106,"fourStars":436,"fiveStars":18367},"websiteUrl":"http://www.easeus.com"},"businessEntity":{"stars":4.5,"trustScore":4.7,"displayName":"EaseUS","numberOfReviews":{"total":20563,"oneStar":1543,"twoStars":111,"threeStars":106,"fourStars":436,"fiveStars":18367},"websiteUrl":"http://www.easeus.com"},"reviews":null,"links":{"profileUrl":"https://www.trustpilot.com/review/easeus.com","evaluateUrl":"https://www.trustpilot.com/evaluate/easeus.com","evaluateEmbedUrl":"https://www.trustpilot.com/evaluate/embed/easeus.com","consumerWebPageUrl":null},"starsString":"Excellent","translations":{"reviews":"reviews","noReviews":"Be the first to <strong>review us</strong>"},"settings":{"customStylesAllowed":false,"syndicationEnabled":false}}

Chrome Cache Entry: 301

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	62
Entropy (8bit):	3.9237100146972455
Encrypted:	false
SSDEEP:
MD5:	3F386F5061436A0338A64E0910DB495D
SHA1:	599FE4A552C991A2B3CE5A1660732BF7B21FB901
SHA-256:	0AF3AAE90B7DE9FDCEEE2AB421378EA2F54C74BE81EF43FC6C1790A032755D80
SHA-512:	235479F42CBBE0A4B0100167FECE0D14C9B47D272B3BA8322BCFE8539F055BF31D500E7B2995CC968EBF73034E039F59C5F0F9410428663034BF119D74B5672C
Malicious:	false
Reputation:	unknown
URL:	https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=cW0baXiw9B__c4wNdQMJmfSlScIFqWt_
Preview:	GIF89a.............!..NETSCAPE2.0.....!.......,...........L..;

Chrome Cache Entry: 303

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	61514
Entropy (8bit):	7.9940725455615675
Encrypted:	true
SSDEEP:
MD5:	C1259258C2F2D2ED1F18A3F790333B73
SHA1:	E7D368C2CB6A7106D2611B7A9404254ED350C3DA
SHA-256:	4EA5EB89FC9D59208320585497C02DA0788C0BA0B69FE5AD28E1E10FC7D98C1C
SHA-512:	AEDF1CB0111B54D5A249EFDAD0C73B8D97D1C7CE4BD9AAB084468AE3976C5E25F8AFDFE95E9A02F23EAA6A27EC26FA5243158DD2D4AEB33AAF20694A730DFC3F
Malicious:	false
Reputation:	unknown
URL:	https://www.easeus.com/images_2016/awards.png
Preview:	RIFFB...WEBPVP8L5.../..+.'..m..~~..Z....._..\..pd.6m..g..........L.m.w.1.m..z.m...L..m}.....m-.6n.5@.E,. .....5..gb....I.........!.P.P...P.....D.b........@.........0C..8...H...RyE.N.P....0.......:t.g.t-..s.9-..9....T.......=<6pZ....bD0"n.o..O.y&.AO.#.8.)4.....s5..s.....q...I;.d..B......3..&..U...d...Y..a.Q.IlL.+f.W,.s..........$C...6\|.d&.1..=%?]:N.8.........a....(>.3%..K...O..V...FDs^.....M....;.v<... {.\|.'....E.......RA>..O....~[.\|.m8...t.........jmg...'.u.m..?.o.\| )Y.+...t.`<6.ri}.F-[W.6^..7..,..N..9..V........{q.7...U.B.].,?.Yxq..]*......7..`.......6..cC#.v\|...........&....x.._._.&y!..$Ir......0.w.#b..O...........)..O...b-[e..... i.m!I6..C\AQV.%.. I./..M[..6c..R.U...L.5..G..M.0.Sf.$ ..$...I".........4\..yr...2........;..\|......wf....-(n.....`P..V...j..3.$....4.Nj39........?u._.N...............y.w..?-....:.F...6...I....m.v.H.m.....w.q.H...Q.L...A%#... I....QT...fwY8......'[ml).~....UDIU.....".....%.1.YH(...=w.............T....G.

Static File Info

⊘No static file info

Description:	Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token .
Tactics:	Initial Access
Data Sources:	Application Log: Application Log Content, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Process: Process Creation
Platforms:	Linux, macOS, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.easeus.com/thankyou/install-data-recovery-wizard-trial.htm?linkid=brand_install_drwtrial%5C

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Chrome Cache Entry: 168

Chrome Cache Entry: 170

Chrome Cache Entry: 174

Chrome Cache Entry: 175

Chrome Cache Entry: 176

Chrome Cache Entry: 177

Chrome Cache Entry: 178

Chrome Cache Entry: 179

Chrome Cache Entry: 180

Chrome Cache Entry: 181

Chrome Cache Entry: 182

Chrome Cache Entry: 183

Chrome Cache Entry: 184

Chrome Cache Entry: 186

Windows Analysis Report
https://www.easeus.com/thankyou/install-data-recovery-wizard-trial.htm?linkid=brand_install_drwtrial%5C