Windows Analysis Report
https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

Overview

General Information

Sample URL:	https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock
Analysis ID:	1431509
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for dropped file

Multi AV Scanner detection for dropped file

Drops PE files

Found iframes

HTML body contains password input but no form action

HTML body with high number of embedded SVGs detected

HTML title does not match URL

PE file contains an invalid checksum

PE file contains executable resources (Code or Archives)

PE file does not import any functions

PE file overlay found

Stores files to the Windows start menu directory

Classification

Signatures

AV Detection

Antivirus detection for dropped file

Source: C:\Users\user\Downloads\Unconfirmed 761557.crdownload

Avira: detection malicious, Label: TR/Encoder.diukz

Multi AV Scanner detection for dropped file

Source: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE (copy)	Virustotal: Detection: 14%	Perma Link
Source: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE (copy)	ReversingLabs: Detection: 18%
Source: C:\Users\user\Downloads\Unconfirmed 761557.crdownload	ReversingLabs: Detection: 18%
Source: C:\Users\user\Downloads\Unconfirmed 761557.crdownload	Virustotal: Detection: 14%	Perma Link

Found iframes

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-MVB48PL
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-MVB48PL
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/649810871?random=1714036509589&cv=11&fst=1714036509589&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v885466289za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fstarmicronics.com%2Fsupport%2Fdownload%2Fstarprnt-intelligence-software-setup-exe-file-v3-6-0a%2F&hn=www.googleadservices.com&frm=0&tiba=StarPRNT%20Intelligence%20Software%20Setup%20EXE%20File%20V3.6.0a%20-%20Global%20Support%20Center&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=35269872.1714036510&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://starmicronics.com/support/?__wpdmlo=2832&&REFERRER=https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-MVB48PL
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/649810871?random=1714036509589&cv=11&fst=1714036509589&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v885466289za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fstarmicronics.com%2Fsupport%2Fdownload%2Fstarprnt-intelligence-software-setup-exe-file-v3-6-0a%2F&hn=www.googleadservices.com&frm=0&tiba=StarPRNT%20Intelligence%20Software%20Setup%20EXE%20File%20V3.6.0a%20-%20Global%20Support%20Center&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=35269872.1714036510&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config

HTML body contains password input but no form action

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML body with high number of embedded SVGs detected

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

HTTP Parser: Total embedded SVG size: 364194

HTML title does not match URL

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

HTTP Parser: Title: StarPRNT Intelligence Software Setup EXE File V3.6.0a - Global Support Center does not match URL

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

HTTP Parser: <input type="password" .../> found

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon
Source: https://starmicronics.com/support/?__wpdmlo=2832&&REFERRER=https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon
Source: https://starmicronics.com/support/?__wpdmlo=2832&&REFERRER=https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="author".. found
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="author".. found
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="author".. found

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="copyright".. found
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="copyright".. found
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="copyright".. found

Source:

Binary string: wextract.pdb source: StarPRNT_PSA_3.6a_setup.EXE, 0000000D.00000000.1704133237.0000000000531000.00000020.00000001.01000000.00000006.sdmp, Unconfirmed 761557.crdownload.0.dr, bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp.0.dr

Source: chromecache_243.1.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Qj:function(){e=zb()},sd:function(){d()}}};var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_243.1.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=iA(a,c,e);M(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return M(122),!0;if(d&&f){for(var m=Jb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},lA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_243.1.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Xg:d,Vg:e,Wg:f,Ih:g,Jh:h,ye:m,Ab:b},p=D.YT,q=function(){IC(n)};if(p)return p.ready&&p.ready(q),b;var r=D.onYouTubeIframeAPIReady;D.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(LC(w,"iframe_api")\|\|LC(w,"player_api"))return b}for(var x=H.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!CC&&JC(x[A],n.ye))return tc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_323.1.dr, chromecache_310.1.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_243.1.dr	String found in binary or memory: var NB=function(a,b,c,d,e){var f=Jz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Jz("fsl","nv.ids",[]):Jz("fsl","ids",[]);if(!g.length)return!0;var h=Fz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);M(121);if("https://www.facebook.com/tr/"===m)return M(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!uy(h,vy(b, equals www.facebook.com (Facebook)

Source: chromecache_248.1.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_315.1.dr	String found in binary or memory: http://hilios.github.io/jQuery.countdown/)
Source: chromecache_346.1.dr	String found in binary or memory: http://hubs.ly/H0702_H0
Source: chromecache_248.1.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_248.1.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_315.1.dr	String found in binary or memory: http://masonry.desandro.com
Source: chromecache_315.1.dr	String found in binary or memory: http://robert-fleischmann.de)
Source: chromecache_315.1.dr	String found in binary or memory: http://tutorialzine.com/2011/09/shuffle-letters-effect-jquery/
Source: chromecache_318.1.dr, chromecache_329.1.dr	String found in binary or memory: http://www.hubspot.com
Source: chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=378607
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=449857
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=470258
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13393
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=137337
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_244.1.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: chromecache_323.1.dr, chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_358.1.dr, chromecache_281.1.dr	String found in binary or memory: https://cdn1.iconfinder.com/data/icons/hawcons/32/698558-icon-47-note-important-512.png
Source: chromecache_234.1.dr	String found in binary or memory: https://clients1.google.com/complete/search
Source: chromecache_244.1.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_244.1.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#common-serializing-idioms
Source: chromecache_244.1.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#resolved-values
Source: chromecache_244.1.dr	String found in binary or memory: https://drafts.csswg.org/selectors/#relational
Source: chromecache_338.1.dr, chromecache_229.1.dr, chromecache_341.1.dr, chromecache_319.1.dr, chromecache_259.1.dr, chromecache_343.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_338.1.dr, chromecache_229.1.dr, chromecache_341.1.dr, chromecache_319.1.dr, chromecache_259.1.dr, chromecache_343.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz0dL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz4dL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz8dL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzMdL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzQdL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzwdL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc-CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc0CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc1CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc2CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc3CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc5CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc-CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc0CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc1CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc2CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc3CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc5CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc-CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc0CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc1CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc2CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc3CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc5CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic0CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic1CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic2CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic3CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic5CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxEIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxFIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxGIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxHIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxLIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxMIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xEIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xFIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xLIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCBc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCRc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFU0U1Z4Y.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFUkU1Z4Y.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFVUU1Z4Y.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1Z4Y.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWkU1Z4Y.woff2)
Source: chromecache_223.1.dr, chromecache_301.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_290.1.dr	String found in binary or memory: https://github.com/john-doherty/swiped-events
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jquery/sizzle/issues/157)
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jquery/sizzle/issues/299)
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_303.1.dr	String found in binary or memory: https://github.com/microsoft/clarity
Source: chromecache_302.1.dr	String found in binary or memory: https://github.com/selectize/selectize.js
Source: chromecache_223.1.dr, chromecache_301.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_223.1.dr, chromecache_301.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/whatwg/html/issues/2369
Source: chromecache_350.1.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_350.1.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.32.0/LICENSE
Source: chromecache_310.1.dr	String found in binary or memory: https://google.com
Source: chromecache_310.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/#nonce-attributes
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#category-listed
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
Source: chromecache_244.1.dr	String found in binary or memory: https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
Source: chromecache_315.1.dr	String found in binary or memory: https://isotope.metafizzy.co
Source: chromecache_244.1.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_244.1.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_318.1.dr	String found in binary or memory: https://js-na1.hs-scripts.com/22657350.js
Source: chromecache_346.1.dr	String found in binary or memory: https://js.hs-analytics.net/analytics/1714036500000/22657350.js
Source: chromecache_329.1.dr	String found in binary or memory: https://js.hs-banner.com/v2
Source: chromecache_346.1.dr	String found in binary or memory: https://js.hs-banner.com/v2/22657350/banner.js
Source: chromecache_346.1.dr	String found in binary or memory: https://js.hsadspixel.net/fb.js
Source: chromecache_346.1.dr	String found in binary or memory: https://js.hscollectedforms.net/collectedforms.js
Source: chromecache_346.1.dr	String found in binary or memory: https://js.usemessages.com/conversations-embed.js
Source: chromecache_296.1.dr	String found in binary or memory: https://jsfiddle.net/6spj1059/
Source: chromecache_244.1.dr	String found in binary or memory: https://jsperf.com/getall-vs-sizzle/2
Source: chromecache_260.1.dr	String found in binary or memory: https://knowledgebase.ajaxsearchpro.com/other/javascript-api
Source: chromecache_310.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_323.1.dr, chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-48
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-54
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-57
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-59
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-61
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-64
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-75
Source: chromecache_290.1.dr	String found in binary or memory: https://stackoverflow.com/questions/16348031/disable-scrolling-when-touch-moving-certain-element
Source: chromecache_243.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_243.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_252.1.dr	String found in binary or memory: https://swiperjs.com
Source: chromecache_323.1.dr, chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_310.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_246.1.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/649810871/?random
Source: chromecache_310.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_323.1.dr, chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_243.1.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_243.1.dr	String found in binary or memory: https://www.youtube.com/iframe_api

PE file contains executable resources (Code or Archives)

Source: Unconfirmed 761557.crdownload.0.dr

Static PE information: Resource name: RT_RCDATA type: Microsoft Cabinet archive data, many, 194613639 bytes, 6 files, at 0x2c +A "Data_x64.cab" +A "Data_x86.cab", ID 12446, number 1, 9721 datablocks, 0x1503 compression

PE file does not import any functions

Source: bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp.0.dr

Static PE information: No import functions for PE file found

PE file overlay found

Source: bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp.0.dr

Static PE information: Data appended to the last section found

Source: classification engine

Classification label: mal56.win@23/282@0/55

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: C:\Windows\System32\rundll32.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown

Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1956,i,18249929711046413500,14323128779850085663,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5580 --field-trial-handle=1956,i,18249929711046413500,14323128779850085663,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: unknown	Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: unknown	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: unknown	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: unknown	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1956,i,18249929711046413500,14323128779850085663,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5580 --field-trial-handle=1956,i,18249929711046413500,14323128779850085663,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:

PE file contains an invalid checksum

Source: bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp.0.dr

Static PE information: real checksum: 0xb9dd996 should be: 0x77da

Drops PE files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE (copy)	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\Unconfirmed 761557.crdownload	Jump to dropped file

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: C:\Windows\System32\rundll32.exe

Process information set: NOOPENFILEERRORBOX

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.253.124.101	unknown	United States	15169	GOOGLEUS	false
74.125.138.157	unknown	United States	15169	GOOGLEUS	false
172.217.215.104	unknown	United States	15169	GOOGLEUS	false
188.40.94.206	unknown	Germany	24940	HETZNER-ASDE	false
107.178.240.143	unknown	United States	15169	GOOGLEUS	false
69.173.151.100	unknown	United States	26667	RUBICONPROJECTUS	false
104.16.78.142	unknown	United States	13335	CLOUDFLARENETUS	false
13.107.213.41	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.251.15.94	unknown	United States	15169	GOOGLEUS	false
104.16.138.209	unknown	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	unknown	United States	15169	GOOGLEUS	false
20.110.205.119	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
74.125.138.156	unknown	United States	15169	GOOGLEUS	false
52.20.157.23	unknown	United States	14618	AMAZON-AESUS	false
64.233.177.94	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
104.18.80.204	unknown	United States	13335	CLOUDFLARENETUS	false
13.107.21.237	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.45.184.134	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.42.14	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.18.242.108	unknown	United States	13335	CLOUDFLARENETUS	false
108.177.122.104	unknown	United States	15169	GOOGLEUS	false
64.233.185.103	unknown	United States	15169	GOOGLEUS	false
64.233.176.95	unknown	United States	15169	GOOGLEUS	false
3.225.218.10	unknown	United States	14618	AMAZON-AESUS	false
104.19.175.188	unknown	United States	13335	CLOUDFLARENETUS	false
64.233.176.94	unknown	United States	15169	GOOGLEUS	false
142.250.105.113	unknown	United States	15169	GOOGLEUS	false
68.67.161.208	unknown	United States	29990	ASN-APPNEXUS	false
104.16.110.254	unknown	United States	13335	CLOUDFLARENETUS	false
23.239.22.30	unknown	United States	63949	LINODE-APLinodeLLCUS	false
35.244.159.8	unknown	United States	15169	GOOGLEUS	false
35.212.19.192	unknown	United States	19527	GOOGLE-2US	false
172.64.153.27	unknown	United States	13335	CLOUDFLARENETUS	false
64.233.176.154	unknown	United States	15169	GOOGLEUS	false
104.16.160.168	unknown	United States	13335	CLOUDFLARENETUS	false
104.16.111.254	unknown	United States	13335	CLOUDFLARENETUS	false
104.18.244.108	unknown	United States	13335	CLOUDFLARENETUS	false
16.12.64.98	unknown	United States	unknown	unknown	false
172.253.124.97	unknown	United States	15169	GOOGLEUS	false
139.162.178.190	unknown	Netherlands	63949	LINODE-APLinodeLLCUS	false
68.67.181.211	unknown	United States	29990	ASN-APPNEXUS	false
104.244.42.67	unknown	United States	13414	TWITTERUS	false
104.244.42.195	unknown	United States	13414	TWITTERUS	false
173.194.219.84	unknown	United States	15169	GOOGLEUS	false
151.101.2.217	unknown	United States	54113	FASTLYUS	false
34.98.64.218	unknown	United States	15169	GOOGLEUS	false
104.21.27.152	unknown	United States	13335	CLOUDFLARENETUS	false
64.233.176.101	unknown	United States	15169	GOOGLEUS	false
64.233.185.95	unknown	United States	15169	GOOGLEUS	false
96.7.224.9	unknown	United States	20940	AKAMAI-ASN1EU	false
104.17.223.152	unknown	United States	13335	CLOUDFLARENETUS	false
104.16.117.116	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://starmicronics.com/support/?__wpdmlo=2832&&REFERRER=https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	false		high
https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	false		high
about:blank	false	Avira URL Cloud: safe	low

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:14:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	002DCEDDDD6653F8F3C79E2D6C90C519	0946A8439D871D05C6D39D3E17CDBC615AA4A60A	92F1C3A7819F495FB41FF7B2764541C675A26BA9A2F269E7849102547757325A
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:14:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	51D02ADFC39CDCFB007FEE6A4262357A	EFD4D61B52094D122D7B8D66FBD44EE61E14FE09	707811DD1CE3745C882BBB466BDF9B5D89010632A8DE2443F7BE20781358E902
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	0F702F7A5B4B11E68E507395D19EEF13	DA80CCF1503366E10A76A29047B07E9965407F67	79652BB69D29CF71E72A9C9EF3FE3531513AE678DF4252D5B8B78D80DB681ABE
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:14:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	DF51A05BA3129AD65326F23641E0B431	CE6169E319BD033DA30D44CA58899DCF01FD2618	2FD33B9CE130222E84EFE207C693C42272A6B3486930CECB72DA70FA59BBBCB4
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:14:54 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	B391DD4A6AC24CAEE2DAAABFE37D95A3	0B3DA54BF6E418B47E822E34803EF96668C17C25	CF0F4E1A63228F14D62EDF4E2EA9C1BEBFB2CB7D63849DC9485F423DF6942E81
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 08:14:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	6E5B36E3E5348D85ABDE79E69A25FED4	E4A002D15181581A3A124F2A8499A2411DDC7289	6C143CBF9EC0F29C43A93F60D4CF6346F8697389484130463E276EA5C7A98981
C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE (copy)	PE32 executable (GUI) Intel 80386, for MS Windows	0E411D9B8373D3D2FE3F705103E37D1F	E003EA06692145E1D0D84B82EA3E9B7A2811E910	084A02780ABB415031633A116A2887C1AE53BD79F53A340865A6A65CC600EAAE
C:\Users\user\Downloads\Unconfirmed 761557.crdownload	PE32 executable (GUI) Intel 80386, for MS Windows	0E411D9B8373D3D2FE3F705103E37D1F	E003EA06692145E1D0D84B82EA3E9B7A2811E910	084A02780ABB415031633A116A2887C1AE53BD79F53A340865A6A65CC600EAAE
C:\Users\user\Downloads\bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp	PE32 executable (GUI) Intel 80386, for MS Windows	B01BD02D710198427B364B678611457C	764B99E37B2BC0CBF44754CE42B00BF37458A7CD	77D0E087DAC29B2CDA6577465E0E33583740F2E2C7FF1E517BB8A3C747066005
Chrome Cache Entry: 217	ASCII text, with very long lines (10287), with no line terminators	8456FF924AFC1C7B79F8E9C61D4EDB50	69381F72090B4A2B76385DCBE86A5CE33A042820	BC9CE60ECD8AD81F4255BAEC05CEE96D4A32F484F1CC6975E11AC87A5DE667F2
Chrome Cache Entry: 218	Unicode text, UTF-8 text, with very long lines (1646)	B46C6C561749D353DED2332C13A5E8EB	4C5AD91CCB661A5E48F9C502C06B326878F4F715	6F708315EC1E5F14FCF831768764AAD338D6507AC1E5F11C155C820487052544
Chrome Cache Entry: 219	RIFF (little-endian) data, Web/P image	5C44202DC244675AA135AD1528898C81	65487A2E9F48A5FFBB406DA5474D9DD6DC984571	C05382EB8DBCEB2519B907BC5D58A6C4571FF764F48DD25F0BBF248C87DA6C7D
Chrome Cache Entry: 220	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=5304, bps=182, PhotometricIntepretation=RGB, manufacturer=SONY, model=ILCA-99M2, orientation=upper-left, width=7952], baseline, precision 8, 2560x1708, components 3	CA12F1E71EFC02B8A9A914A0329AB8B9	C04F1CE5ACBEE1E410B25E9C2CF00B7B040C6520	9003359281258789B4940F1A844881122596CBB42AEBAB9706D29F9B6A150C22
Chrome Cache Entry: 221	ASCII text, with very long lines (15977), with no line terminators	EE858E15DB40066634AE2D7C3959FBF0	82D919C1C636BBAD55AE555CE661F9C34A3A7CFC	DC869996CBC8F47CAB9AEB9523F81A7F420207A2601CCE9BA45E9B7E0E261452
Chrome Cache Entry: 222	ASCII text, with very long lines (6180)	65A4CDF8F8C613EA8F766101EEA8E667	575C45FCEDDA87ED4402543B8CBAC6FFEC4034D4	1C67D8CE90160A6586CFD2C2A936959738F5B1843EBDFBAC4325C4D1A9B61224
Chrome Cache Entry: 223	ASCII text, with very long lines (59729)	466028B5FCB807DD28FFC6FBDE0F86CF	BEFE5D063BE56580CF32B813DEC80B0556683517	2DDC752C921C073E6558C329F8392D42D6FBDA4C690FCBA532A66392D3EA0B87
Chrome Cache Entry: 224	ASCII text, with very long lines (634)	7DE5D66D666D5AF11D791103793411A0	C99AB77CC42DA535830F6532F8DBAC353982A5F1	9DA5021AF60AD21941DFA0BA57085436EF111383C7FF9ACA07F513EC487DB074
Chrome Cache Entry: 225	JSON data	D1724D9EEBF0799B85E4BB9F8E5C0B39	8E6534B28DF9C254C649F36F24ADECD99374790C	32B523DAEB39F68AD4CC934ED3BBAE20D1005071B095C750952D147BFA9CA1E1
Chrome Cache Entry: 226	JSON data	9174064947D0C622D589FD44A3B4ED27	014F73D382114F43E4140E64DB48C59DC2D22A1F	F6B7CE9C0AB4157E86D319A392B9D3BE7FFD6F88C6C997114C285BB541F893F4
Chrome Cache Entry: 227	ASCII text, with very long lines (65447)	826EB77E86B02AB7724FE3D0141FF87C	79CD3587D565AFE290076A8D36C31C305A573D18	CB6F2D32C49D1C2B25E9FFC9AAAFA3F83075346C01BCD4AE6EB187392A4292CF
Chrome Cache Entry: 228	ASCII text, with very long lines (15961), with no line terminators	E5F76602909279F990D104B79623A683	980F336436E38E9DC1D6D39C2C09134A8C8BF36E	33CA03F332C1CC086BA1D3A37100BC3E177F04E5AECF2F34D0723FC2DB219EC8
Chrome Cache Entry: 229	ASCII text, with very long lines (483)	9EB2D3C87FEB6BB2FFA63B70532B1477	38F226335A05AB0E30497BC7419EB5E243A9E26C	37BAB6CD583982E8EFF58501A99D7C5C4D63664C1CA34F9E3B7CF526C5B73AE2
Chrome Cache Entry: 230	RIFF (little-endian) data, Web/P image, VP8 encoding, 250x100, Suserng: [none]x[none], YUV color, decoders should clamp	A08F5041D2775E4E8C3EA71DC455982A	981756B379106454EB0F96E15BDA3F06E1D01280	1C2BD987477F9EEAF2D1AD2C8B5685746AEE56A9DC4FF8056494C41D93D0E3E7
Chrome Cache Entry: 231	ASCII text, with very long lines (604)	6279B419A83F9FFE7B097E06D5A52D96	36483C841BBC1DFC70C677598A5DC4261B32F7E7	3B232FD3391577C47F0D3526236110819B3ACFB39BF955BD03D47ADE8D336DAC
Chrome Cache Entry: 232	RIFF (little-endian) data, Web/P image, VP8 encoding, 2560x1708, Suserng: [none]x[none], YUV color, decoders should clamp	7D1A38704D915ABEF6A4F4FFD22F7174	6ABFDA9E4501C4A8AE637363D7DF781B63E7DF95	8EE2DD460ABC2A658D4032A5AE917A0DB26159062E0B1A633C5DD62E7252BC68
Chrome Cache Entry: 233	RIFF (little-endian) data, Web/P image	B7AE3CF6997A31AF1BFEFAF0B8B11A5D	8DE5A7E75176664075DE5BD88E21E15A7F82BA2F	897705F507575AD2F526ED5192A0AA10A79112FC28537FD9CE538D33E5985079
Chrome Cache Entry: 234	ASCII text, with very long lines (531)	EDE07E4FE9B732C21A0E8F33B3E7AB48	21206F5CB54726DAAA9EDAB5509BDFCCCB434F53	2E5B202110F883E9274FB789BE462AE0A56085DCB9A8C94FC83415389767C379
Chrome Cache Entry: 235	ASCII text, with very long lines (30299), with no line terminators	317FBC87772718EB181EC7FEBA35E148	E08708D82FBA6BDB5D2A6826CC5099662F7DAAB1	12C3F7BC60C99D1B6B634D6CD16FBB0E26AE75DDDA15D7A6E5106CD5DAD83F14
Chrome Cache Entry: 236	Unicode text, UTF-8 text, with very long lines (12279), with no line terminators	463BD919EA09394D4C874F252AB1FA76	30F0919C55EC15D901D01A834EC317D68EF4067C	304BB178716A5FB955D240295EB0B15A07076ECCD91E33DAD17F50B663E418A0
Chrome Cache Entry: 237	ASCII text, with very long lines (65536), with no line terminators	94907139EFE6DDE4F2639466021636B9	C3F8AF7B780FC81F6B61FB61F2FDBD2CE1A07D1D	F38F3F1166CCFCB610F09D29BE836B44531B19AC356A69B9F0913A22E8F1816D
Chrome Cache Entry: 238	ASCII text, with very long lines (10019)	4601BA55044413706C2022CB6C1C3D05	5103EC2FBB389568EBF5CFE4FD721F3DF2FF7AEC	FE513EF974B767510D0A2B9F1B4D3AFA53185B89AB617C869E5E3D6DB960192C
Chrome Cache Entry: 239	ASCII text, with very long lines (3720)	3E31A0DDB1F910FC672D22E6435B95ED	F478FD262840BFB394DA94A2F5DD95EED4991194	34BBD1C367FFC7D80FCFF86C7E5F8777E70F4911BB324E8ECFC7DD3604A96E68
Chrome Cache Entry: 240	ASCII text, with very long lines (482)	1795F0284AA5741A3E115DB8F9791092	128AC981EB9556C0D683D8D5C325E061607BDB68	4D8235578135B33D1EA97C9F7870DBABE89697B7A1CDA00763FF131E22075BDF
Chrome Cache Entry: 241	ASCII text	42A6B2B9A7942E134CAC80759C1B0B09	7C0E1073F50C72F2E3ACF926CD4AE93F5CEFFFA8	E605DC38BEA0089B9A60F9B4F95E5AE69CA6ECE16589980D0DD1D5BDD640F6AC
Chrome Cache Entry: 242	GIF image data, version 89a, 1 x 1	30FF837320ECCA46B0E915ED4B5B71DA	54541243DCD4F29CF859DAA0CE5EDF6495771660	2F8847DDDD520CAB371DD2E596EA27F647FBF18DCDA0DADC2E7A8EC6AF7614AB
Chrome Cache Entry: 243	ASCII text, with very long lines (8045)	3542CDE509857DABD2B8546E307DBD06	C4BE0CB97C7631E4ED68F71403FFD74870472188	2BEA9CDA99F24F9475212F0C5656F90E9DECECB8AAB67A17E3A66B6944FE2167
Chrome Cache Entry: 244	ASCII text	16623E9F7CD802CF093C325C511A739C	B364DBD40E67076A03E9D7B061C9B2624D081E31	1E7F83052E1E3442C4397CED9555033CD1D3F08444D85960683BCF91C8433CDB
Chrome Cache Entry: 245	ASCII text, with very long lines (681), with no line terminators	F5945DB2F3337FD9F1CBEF5B07B2A493	8A11439D56AF9FB27836BB5F2A30AEB35B93BB5A	A8642BCD147BA3528345F5BD17F788CD524931E093255B2C1C8344677A1AB505
Chrome Cache Entry: 246	ASCII text, with very long lines (2761), with no line terminators	2CD14FFD479335D1C1A6F2A19E0C6DF3	327D8247DAA3773AF02878932CDB514222C3731F	DB05C6C94D31E14EC514B53D029491623D6E7568267FF1C94A868B93FC2E86D7
Chrome Cache Entry: 247	ASCII text, with very long lines (5745), with no line terminators	F36AA4EDD9D240C790817A3E9CDE8B6E	88471F0611C88DF67A427C5280E52373E3574CC2	1D09F28A1B8FE73D31FDFA9F4855913C7F877BF51E74648887FD67AB156583A1
Chrome Cache Entry: 248	Unicode text, UTF-8 text, with very long lines (8189)	C4E68A0F3463C0BD3C39EAB38815E881	0CE58644E9F3C5063A11453FF287C5EC096465A7	CA7DCE2391845E8AEC7DA135F33FABD10F74EED28A532AC66FD01F761FCFB42F
Chrome Cache Entry: 249	HTML document, Unicode text, UTF-8 text, with very long lines (2070)	80D24417184A538C3A1E0E82F284AA90	141A68DB88398DAEDF931D8D951905CBE217AFBC	FE24FE55CEC32F2116B1C1228B8D2A9839E9112ED5A6C3803AB1308424E084BF
Chrome Cache Entry: 250	ASCII text, with very long lines (58274), with no line terminators	6922E2FF3E8E46C7BFB51DC30455AC3D	1ED619F36D219AFB529B82D3F93E573D92A98FFC	99C21D0245FF09BE92C0CA4C39ED1927EFC3931EE22341C10B748529B90ED323
Chrome Cache Entry: 251	ASCII text, with no line terminators	F3B629B5644761EBB0CA2F29BDDF9C4B	57A903CA5AB5A3EAF0318EF7377CB9D31EE57623	6DEB40105B0DF0E85EB6E10D6C27973E3C77968F515240F26784856E1E2C1A66
Chrome Cache Entry: 252	ASCII text, with very long lines (16214)	A2431BC290CF34E330E11EC4CFCE1247	32A53342901FEF5F4F4DBB26A555E730F84437A4	C57E64FCB72BDDAFA9C38DE574441C3E69AC6C961DF96B0CAD34DA83658BD196
Chrome Cache Entry: 253	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	969F23DE148B14FDEFDF3548D63DD990	0AB169CA1DF5A5262B8BC897C60F52103C33C5EF	EA65DF48F2E409F00DCBB8EA3355AC3E16659165309F7AA4E807AF89DD2EA0BE
Chrome Cache Entry: 254	ASCII text, with very long lines (790)	FCB6ED974F036F68A198BA618B0BC91A	49C68D4D6D6FA96515E72DB2073CBE8A25FC701B	6F74CD5AFBFE6FAB11489DFCC70FB996CCD7B3DC935927D7402AA285D9692207
Chrome Cache Entry: 255	JSON data	9174064947D0C622D589FD44A3B4ED27	014F73D382114F43E4140E64DB48C59DC2D22A1F	F6B7CE9C0AB4157E86D319A392B9D3BE7FFD6F88C6C997114C285BB541F893F4
Chrome Cache Entry: 256	SVG Scalable Vector Graphics image	F9E6D4D201259762065789A693CFA315	778513272AEC767B52EEE216703243AB4EE1EEFC	BE41640F6CDB70787068A4B38E6563007F379D5982C44A946730711A39FDD812
Chrome Cache Entry: 257	ASCII text, with very long lines (4272)	072D3F6E5C446F57D5C544F9931860E2	EE6AA3D65B474309376468B24BB6F829A4514809	2CB546FBDDA7995D374FFFA4B2F6530BBCF57D014639DDF76DE45DF43D593045
Chrome Cache Entry: 258	ASCII text	17E5445570C60B3DC2F1DC3369E392A1	9813014F479E91EF9AA89140DBA3CF4FE1D847B6	ABAC84B1A096B61CC908C2951434231FC508212EDC9CB71F2B75965DBADBC821
Chrome Cache Entry: 259	ASCII text, with very long lines (57884)	F4AF7E5EC05EBB0F08D43E2384266ABC	A1869E155E92FA178B9C3AE6DFF787DF57F195C6	FAFC4160788BECA657EC3E3041976281FB6D54A0E82BB4D22A433F7C6BB8B1D6
Chrome Cache Entry: 260	ASCII text, with very long lines (559)	B14CCE9AE2CFDC08978B56418D86FA0C	42C7CC3DECEC62ABFACA49643C71BD48709961FE	51E3FB7CF77A4A6BC61DD566D9D6DF2E4976345DBB35BB5AD8D68EAAB5B978C5
Chrome Cache Entry: 261	ASCII text, with no line terminators	94D041D462DB321CDB888066586F2068	717D2F9DA7FB9F9E2BF2058A8177A0344F8A8647	B8166C5475DF6A64AB2456E95F64564164ED697D258E8BFED8CEBCA40EFD6FA5
Chrome Cache Entry: 262	ASCII text, with very long lines (58274), with no line terminators	6922E2FF3E8E46C7BFB51DC30455AC3D	1ED619F36D219AFB529B82D3F93E573D92A98FFC	99C21D0245FF09BE92C0CA4C39ED1927EFC3931EE22341C10B748529B90ED323
Chrome Cache Entry: 263	ASCII text, with very long lines (18774), with no line terminators	DD731FAEA661293A7146ED72A5FD6F79	2E57A8B7A2D5106EFF4F54C050359BF9C6FAB22E	3C4CF7B34847C301C6BEC870D6011AA787FEF7595EE747E36FA1E9D17678E422
Chrome Cache Entry: 264	Unicode text, UTF-8 text, with very long lines (49273)	FB2E085CDC32D0BC97C24A8A82C12946	194A95809592E6984151A465946EF7EDB7A47959	6CC4C722A50B4152194B13E7E3C8A1A5A5F23B17988F8FA85404394EFC5C0984
Chrome Cache Entry: 265	SVG Scalable Vector Graphics image	2277DC0140F06A9A09FE2ECA0576F84F	57026C6137539FA2C23CF9CF0346DE8DB6E9F1C7	1CB22490749704CA93C8719F5FA3C3C7F56316C14F6118D4D7680848D9F39692
Chrome Cache Entry: 266	ASCII text, with very long lines (15977), with no line terminators	EE858E15DB40066634AE2D7C3959FBF0	82D919C1C636BBAD55AE555CE661F9C34A3A7CFC	DC869996CBC8F47CAB9AEB9523F81A7F420207A2601CCE9BA45E9B7E0E261452
Chrome Cache Entry: 267	ASCII text, with very long lines (59701)	51A8390B47AA0582CF2D9C96C5ADDEE2	B16A640874025D085C38119A1A02A3460F83F2DE	98CECF88A23542FA047CE46EEDB650B5C5128761ED4386C0977B847094DDFA20
Chrome Cache Entry: 268	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1920x1280, components 3	D0A9A3A290BB5A818D991E0319CE959D	CD865A1ACA35B8467894DA861489F0170E391946	17C7C5B5D66D237455CD3AE0346E5B9B81CE09DC35CED5D25719044714CC007F
Chrome Cache Entry: 269	PNG image data, 534 x 150, 8-bit/color RGBA, non-interlaced	BE6328DF5C89C4E2B10DFDDFE21DDC5A	E82504790B161584C1375ACB2A047C86F8EE35C5	5A69C8C376A8E35B77544A1FD9F362D4CB13A26960642D4E5806FD1B92C30EBC
Chrome Cache Entry: 270	ASCII text	8FC639CDD841EC2987A79E75248BE87E	9C836CAAE98DFA4617023BE88AA655989CDD1600	E6C8FF5E4C1EC048AC11B192935874F330120DC5A39C668E3A46259C4AF12B64
Chrome Cache Entry: 271	ASCII text, with very long lines (4957)	3E18D1D442871C5794516B73DDEEC92E	8A91711433D6A8B3A88142B57A67A76C98163505	54332F1E6CF0AA349C504422F066EA1C1EE5D3152EBC96944CDAFE72961DCD0D
Chrome Cache Entry: 272	RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Suserng: [none]x[none], YUV color, decoders should clamp	2FE9D0C8A1524352217764898693EE60	6A33811F487374832CDA3CF8E3B27B542A1DCC21	82265F5E63D336AD33B8E3BB1EDE1466EE3F58E9139C3511A3B4177D7C9CA9AB
Chrome Cache Entry: 273	ASCII text, with very long lines (38203)	D3FF60FBE508762BF74199399E020BC1	271B8BDF7D24D9D1308047A955B803CEDC117BDA	66C5073BB5B13EC03106E31457B230EEF5FC1698D24536A61FF5A5F4313269DE
Chrome Cache Entry: 274	RIFF (little-endian) data, Web/P image	3962F160A774E20C986E6EB2C1C6FED3	F73856E9CE26019B4EC51BBFCD7902AF41B8B7AE	5F2713981FC481BFF78722791074A8039540F5B7B798C4AB12ACAA8B0FE9E001
Chrome Cache Entry: 275	ASCII text, with very long lines (40266)	7ED27D9A197CBD089D57C5434B5FEE28	7EEE970A3D486F1BF8B0B566F5EEC765F53D3F34	28ABAB0E81DCEEBAB466C855E82B8CFC06F9E138FF78FB45AE102A6A36BE0E5D
Chrome Cache Entry: 276	ASCII text	A5BF64D5859EE94A3E8E93D592D6D2A0	049EB63B42DBB820B06870A430F523BF06880721	25825611ADE7CEAED7DF3862EC56DC91AD1D2BE539966EF7BBE84306E51CFB08
Chrome Cache Entry: 277	Unicode text, UTF-8 text, with very long lines (38582), with no line terminators	92F8C01350C630F414F5D0B015AD6864	EAB40AB4E77F92F2FB17684AAF44B579A51B8034	17B79ECE7EF9D1454A90156690D33D64387B67A7A7548FC826012512E287A937
Chrome Cache Entry: 278	ASCII text, with very long lines (15598), with no line terminators	3A867C1EA947834B92530F9D57FA799A	D2705C0D01DFB0C20F2A53F306101A5FFA5E6CE0	EE03159A1EE2D979A8F7D9AFBDF9D29FD7597EE9D38A2EE3E323DD99300C511D
Chrome Cache Entry: 279	ASCII text, with very long lines (12347), with no line terminators	AFFBCF7277C78E6AE8AFCE266C235F8E	F6657932C4BF7A5F23244B141D4A1A3621951C71	B57E78FD7FFF69F7C2A1B48402C3A4313E87459526183230BFA5925B577A8819
Chrome Cache Entry: 280	ASCII text, with very long lines (65536), with no line terminators	B875E19AE672BBB0196CEC751ACCE60F	299E5E8A10613E22063186029D9F9D5811AD196D	406D11B3561BEC7919C64CD6B6BCD412F452080FBD9202A8C92CAEF022D21D05
Chrome Cache Entry: 281	ASCII text, with very long lines (4122)	A9DE403E4934F3A71D4D078B4E9F69AF	9D7A4EAD9E09EECAA72F391BDE295B076B629115	A8EF29A021E6B4CB0F0C8A554E48BE3A73E330B0451253055AA998EADCF73F91
Chrome Cache Entry: 282	ASCII text, with very long lines (10792)	CA65972650F93F5AA4203C41C6BD4F93	D2DBE866238EA58A35B5816526368E039364A5BA	ABE1C841EE9E4143A0B1B8A971E56CB029C3ABC4E5CF406CFAC1D68F4279A4FD
Chrome Cache Entry: 283	GIF image data, version 89a, 1 x 1	B4491705564909DA7F9EAF749DBBFBB1	279315D507855C6A4351E1E2C2F39DD9CD2FCCD8	4E0705327480AD2323CB03D9C450FFCAE4A98BF3A5382FA0C7882145ED620E49
Chrome Cache Entry: 284	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	969F23DE148B14FDEFDF3548D63DD990	0AB169CA1DF5A5262B8BC897C60F52103C33C5EF	EA65DF48F2E409F00DCBB8EA3355AC3E16659165309F7AA4E807AF89DD2EA0BE
Chrome Cache Entry: 285	ASCII text, with very long lines (5781)	138F6F001EEB4B815B272755270F6E8E	48DD48B7D384B6453CAD62C457D863E0848FE7F1	316A940E4C553C8E577E39B1407F182C4357FFD2302D417205830EB8771C1EA5
Chrome Cache Entry: 286	ASCII text	9ABEEE4EC31E36147F43FDB381C6FD4C	01CEF8EADCF8E0FA6BB0B78EF064794FB5DBFF15	E8CC80BE6C43744AD0FA84933313CC74406E594583A351ED53963E6DBC72FCF1
Chrome Cache Entry: 287	PNG image data, 534 x 150, 8-bit/color RGBA, non-interlaced	D56505CF6ADA2A5319E283C1034156E6	FFE69745594C25B780F9F7C59838FA049E112EDF	23136DC3A66336B11CC802AEC85F7F217C20A32C613EA962089349E40F344B28
Chrome Cache Entry: 288	ASCII text, with very long lines (65536), with no line terminators	6EBE41C763A5E85F95427CCFC8A5D6AF	93DFB2CBF2611A3B60F7DB6413C98B8857587B76	83929A28D24C5571F82C02BAA51EEBB64FC862719E370622EE03FB6311DEC34D
Chrome Cache Entry: 289	SVG Scalable Vector Graphics image	A5B173ACBF095AF45F7D80B93A7D671A	63E215FB7F3689E409C887E003DE843B0155394E	C91741F8E67DEE084F2704B80ED96793B9CE64A05347699B37A07AE80B9BF8A0
Chrome Cache Entry: 290	ASCII text, with very long lines (580)	BB442478A67A2DD793C6C5F38C805097	4B1838B154279FF33BA4BBDDE61B81E1066CC2A8	71769BB37C1AD9D179DD220A03AF0F7609476BAF28BB3EE2F9C4B5E434D94E58
Chrome Cache Entry: 291	ASCII text, with very long lines (682)	4AB7A5E22B8BD2E84353635965D92458	0F3B5BE0C00B027A783BD297341C036985514BEB	9528930DCE212BDCB97DAD8EB6C87603A33CB54315C0CBCEB37023D752DBAF9C
Chrome Cache Entry: 292	ASCII text, with very long lines (65536), with no line terminators	9323FD320E12C4D0D865A254138147D4	93218FBF674488BE2FECCEBF36055C6FC1D8A1EE	49EBAF0BFAD5AAF0C66DE0BB84A2C7D1E32F33ADD8D6CB75897AE56CB07BCDA9
Chrome Cache Entry: 293	ASCII text, with very long lines (65449)	6C81F02AD0BF8E12A66C18CAB188D029	ABD239F02966B2D324B0512C203BDBAF82A4ED7A	9E0156DD49C03744E79BBEA60EEBBBB94B5811C1B71B91F5FB38A8270DEDFBAF
Chrome Cache Entry: 294	SVG Scalable Vector Graphics image	A5B173ACBF095AF45F7D80B93A7D671A	63E215FB7F3689E409C887E003DE843B0155394E	C91741F8E67DEE084F2704B80ED96793B9CE64A05347699B37A07AE80B9BF8A0
Chrome Cache Entry: 295	RIFF (little-endian) data, Web/P image	5EE6DA6ECF98BABE2E758CD34A5B8578	9EF7E7F15DE175024ECD3198BD6FD7D28BAC343C	C281DB52E76F65927C55B1431EB01C9BF43B2326DD4CE2DE40EB49FF44DB39A9
Chrome Cache Entry: 296	ASCII text, with very long lines (2052)	1E1AB2E366E3F988DD88EEA3D1EF873D	405BC138D61A378B4A11ED2DE2F345E31BCE6438	7B60162C61975A0E69E84375F5252ACC1707F791A4CCFFF8CFF0ABD048D1B869
Chrome Cache Entry: 297	ASCII text, with very long lines (482)	1795F0284AA5741A3E115DB8F9791092	128AC981EB9556C0D683D8D5C325E061607BDB68	4D8235578135B33D1EA97C9F7870DBABE89697B7A1CDA00763FF131E22075BDF
Chrome Cache Entry: 298	ASCII text, with very long lines (65492)	B3E033421BB841CCE3D122FC6E00D0AE	D5CE5C0D82C06663AB5865C234B68AAAA4C2A3EB	8F3778819F0379FF33A687F9AE7DAB7CBDF28739873126BFB981D4D682A09A92
Chrome Cache Entry: 299	ASCII text, with no line terminators	D3516D7FB557E49A3EDB48AD27709699	D54A337E83B0FE3F6243B664A7BFE6E9E1168E20	C0EAB4096E914D4581D17C17744186A67508838CE993960931A976900C710155
Chrome Cache Entry: 300	ASCII text	F9D429183DA3884029CA2BDF7DAC6E59	7267A642D1E5B99E50049FDE5AE16A92197ADCE1	925F2FFB7B49A93B36740141DDFBD7487D8EF3DE84F2C9C8BE4CEC4E584B0C18
Chrome Cache Entry: 301	ASCII text, with very long lines (65297)	50703EBFC29F534AD6E432826F1C25E3	F19941F9FD95E8A9BDF9DB599BB3D8714D41465A	4D371899ABA195B1F0CBA3A70DE300FB5B327A322CFBE3A30D77AF8456D8494E
Chrome Cache Entry: 302	Unicode text, UTF-8 text, with very long lines (32022)	781069234E4B5E1E65EC52BE36A02D60	96CBCA5A48E9FD0F4EC2EA8EA407E3D5E750FE29	D9D7569F8A4AEB17823989198C5588085E6160879E909DE72024B37202AAB408
Chrome Cache Entry: 303	Unicode text, UTF-8 text, with very long lines (62300), with CRLF line terminators	B31E76D22DA4399DB4B8C8ECCD35DC2B	B36D4554849D3F05DF0363366BE9133D35EACA98	5BA7B351020430E304E1C38988858E13690202831484697551E56FED5826004E
Chrome Cache Entry: 304	ASCII text, with very long lines (5084), with no line terminators	3AE35D8607FF85B5BF021F42F1D6C85E	BB9EBBA3DAB7B3F3F8E424B41A6247AC6AD697F0	CA4F41299BB14B1AA37AC0274D37E45B227EBF7B94A1FE3C6B3788D192160DF7
Chrome Cache Entry: 305	JSON data	99914B932BD37A50B983C5E7C90AE93B	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
Chrome Cache Entry: 306	ASCII text, with very long lines (1320)	4A35EACE68F0BB872BFC9EF24B0ABEC9	ACE30D4F21965064B3EF57E6B0311803339D77CF	00952715C953D7E8A330645295C52002B898C5D06C8F75E389C611F9B5D7968D
Chrome Cache Entry: 307	ASCII text, with CRLF, LF line terminators	A34947B19B0696B2994C569EA3453A8C	C3A46788C499BFE9BD43B5A046FA9CEAAE55944E	36E3550E63567F7FEEF3CC48A8550FC6DAAC77A502D29E70209625579F8D3DCF
Chrome Cache Entry: 308	PNG image data, 534 x 150, 8-bit/color RGBA, non-interlaced	72A07CF32F5602ABA723A3E839CBAF01	41D1410D7539DEED4A2355B61315CC8F3A620FD5	657A80288172D9133E8E38AE474EED5E5CFB4AD034C4D145369C9055E9D1277F
Chrome Cache Entry: 309	data	A8127C1A87BB4F99EDBEEC7C37311DCD	9997A1745F48BDD233DBE9BD8164DAA53EBA105B	F313D12EA6124BD28FC4A6B7163D253BB83D5AEAB5EDCE594880C5C3DF475CBC
Chrome Cache Entry: 310	ASCII text, with very long lines (4179)	7C5E74582FA1E310C065A9F5295A9D39	9E2B82B79E350B1C672F8FF3A06EEB384DA79827	A093FF779E6DEB8244FF11629DFF013570CCFF4D4A0660ECE91BC7DB7B80663E
Chrome Cache Entry: 311	ASCII text, with very long lines (25905), with no line terminators	2CA6F6F4AA2B924D55AE7B500F98651B	9D110BE35F2946DBAAEC472E2310A630E542D30B	751C3152934BF2DF8EC036AD72CD8100C1B5260B539070D0F0A1F6BE91AFF5D9
Chrome Cache Entry: 312	Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261	E8A427E15CC502BEF99CFD722B37EA98	A9922842A120A7F1EACED667480C5E185A106D69	D0B4256ABED72481585662971262EABEE345C19F837AF00D7CE24239D3B40EEF
Chrome Cache Entry: 313	SVG Scalable Vector Graphics image	2277DC0140F06A9A09FE2ECA0576F84F	57026C6137539FA2C23CF9CF0346DE8DB6E9F1C7	1CB22490749704CA93C8719F5FA3C3C7F56316C14F6118D4D7680848D9F39692
Chrome Cache Entry: 314	ASCII text, with very long lines (65502)	0CE18F9CA64E6FDCAC07EC7E97DAC4C7	603AF3E02F381A658F135EB80F4EEF78CC7E750D	D1A7F655B0B8BE63EC6BC38B04028198BA32B8AAB86C194A2B628E80C59ACA2A
Chrome Cache Entry: 315	ASCII text, with very long lines (45047)	6C087AABA5BCB76BC96366600B854E20	6DE8049F8F4E6C83300BE31FFA9E54D652F10F1A	03CA8C38633872B885F1E54E729C4597DA2F1C52D06F9A5289DDDA7CA3A9930C
Chrome Cache Entry: 316	ASCII text, with very long lines (65536), with no line terminators	CD67903EBD52E129241C908BCAA3FB73	2D9AE0E892E6875DFC7E7C540B8BB234D182BF0B	51DEDDCE2061E92E3F5354E9A1CFB6C44A34779EA37509E7FCD222A9AF116CE2
Chrome Cache Entry: 317	Unicode text, UTF-8 text, with very long lines (65392), with no line terminators	020909A609CF986B4A8A88CFB577A8DB	B433B99760F44C8A494A5C13A07AA1A9933D0179	5C76DD89A767AFD512CE6C6370424F39A632EBB736C16AC37952FBFD97575448
Chrome Cache Entry: 318	ASCII text, with very long lines (64782)	A0556A689E9EB9EF82F93BCB9F4F0126	F797CED27DA50A8AA4C56668CE48406C18DFAAD0	5E70BE24989D37C652B1EC8E348B748C2B8DC4D955B1C5E335D1BD889F048C3D
Chrome Cache Entry: 319	ASCII text, with very long lines (56994)	500D1A92F875B1D96D37A3A3F8F0438C	703603273F5D5D52EB456D6385E1A68294FBD568	C9B46437D7418E1712DAAAD6D73FA17C2C6AFB5681770C90339C25428415B7FD
Chrome Cache Entry: 320	RIFF (little-endian) data, Web/P image	5EE6DA6ECF98BABE2E758CD34A5B8578	9EF7E7F15DE175024ECD3198BD6FD7D28BAC343C	C281DB52E76F65927C55B1431EB01C9BF43B2326DD4CE2DE40EB49FF44DB39A9
Chrome Cache Entry: 321	ASCII text, with very long lines (4874), with no line terminators	7919CA8229EBE371C45D0645B29F3B61	82A135658D97162988F7A11B744D4361361DB156	888CD7F695AB5698D4D3AB51322FB5F332D2FE94C20C2DADC499C6256253CF52
Chrome Cache Entry: 322	ASCII text	8E57921336BB5F390CB9B4DB4A33E41F	AD2372A142B39C8B32160E9FB9838EF6EA48EBE3	2E16D3482C9AF8083F75E27705CAB999E0E99A26C97C023687CF77BBA37F3131
Chrome Cache Entry: 323	ASCII text, with very long lines (4115)	5DAB0384C20E1CAF6B84A07559885750	EFF4D8207AE515E4678B08382A02ECD18A61B780	B5C160364B9BEB29FD2DF05EB864A5E5C4AE20C5DFAD6D5318CF786EF41AF9A1
Chrome Cache Entry: 324	Unicode text, UTF-8 text, with very long lines (34438), with no line terminators	20B3B806E556954DBACAF87D635D399D	B8CA733F807CDCBA0C6E6F84705273560DDE055E	6DCEECF8EAA03968E40B767206BE8A36A13D7444557FCED227454AE4F100E5C9
Chrome Cache Entry: 325	ASCII text, with very long lines (19732)	45F978120A537B249DFAC36306ED5471	9EEBC1E6FE55D9737D0E91BDFA3976B344EA2A09	67AC597BED179B5842D996FAD80472C6B9514EDDE408ADE8B892161BCF9E9C88
Chrome Cache Entry: 326	ASCII text, with very long lines (25022)	34B5FAE9DB5182404C995687D1D6E8EB	FE8738807466AF35FF711F253CD8883FF1B89331	E0127EBE9681CE89B2CE6DE5293E1F064C0E6447B803A1CFF70E3D447242E68B
Chrome Cache Entry: 327	ASCII text, with very long lines (7642), with no line terminators	7B3962774FE8614AFD5672BC55AA6548	655F87D96BFA760845A84121E4663F70F4BF047D	062E068FAFFAF5C6ED7C923C5F0156948BC1FC5D618A412A9EB2C4EC97EA6A6B
Chrome Cache Entry: 328	ASCII text, with very long lines (534)	A79A0624531051961187A2E21C395D8D	46F15669A49B870282C90EE91027C9962A487D29	58F1402F55F106C9481D4B033143573155CB27E6729A47B76A5EBE67CAD3841B
Chrome Cache Entry: 329	ASCII text, with very long lines (64993)	DB13CC1307DF539832D1A2BBEB7DFBA3	6B44954B27B3BB9A7D830725E9633CF439680F97	5703E6B59758BB4FAB3CF1D851D96F3412C38BF47E397B6A15DF6C517D2F2726
Chrome Cache Entry: 330	ASCII text, with very long lines (1558), with no line terminators	C79764E6BD4BA420F16A5EF92BEAE7D0	9C5EDE0C9ACB2FB5416B47565EC034401ACC83A2	DAC141C64894144FC9A5157AA822127CCC8504CBFD962190729A01855C96E58D
Chrome Cache Entry: 331	ASCII text, with very long lines (65536), with no line terminators	B679F61ACB2FBFB5A533A78B36E04AC9	240AC04F8E81F0B2755F61D13114F95659A6E990	5901A99695083ACBDA14F9E4341AAAB50795DA1271CC081F331E219D7E84AF64
Chrome Cache Entry: 332	GIF image data, version 89a, 1 x 1	B4491705564909DA7F9EAF749DBBFBB1	279315D507855C6A4351E1E2C2F39DD9CD2FCCD8	4E0705327480AD2323CB03D9C450FFCAE4A98BF3A5382FA0C7882145ED620E49
Chrome Cache Entry: 333	ASCII text, with very long lines (3757)	328EBFD01781DE6FE0F18F59CA04861C	334FEA12D6D0D4DE5F19F0F1DB467B444B0D67C3	0BC32C16A963F587D3D0D69DA37F1DDF1269221FC7DF0907F420624614AB2963
Chrome Cache Entry: 334	Web Open Font Format (Version 2), TrueType, length 18856, version 1.0	9B52BD7BB49D1D47F2B0401B0CB4AF35	65BC8C65415DC29F93986ED868B2C111DC5D5F82	C87FCAC153783EA615F856AD1C0E12791952C39B8DDDE7F11FA3D47C0A3B3998
Chrome Cache Entry: 335	RIFF (little-endian) data, Web/P image	B83C603CC0BE95A6620189DF28C50506	2357205754206C1B7AFDCC6B18C32321063D8933	9FC4F8346CF7E798340B6C681F1D43E9AF3D45C9713B89A340357E4488C83953
Chrome Cache Entry: 336	PNG image data, 534 x 150, 8-bit/color RGBA, non-interlaced	13F93A5AD7CD395D18D3161164F4EE42	53E4D036A9BAD64AD858BE6630EC6614310FEAD6	CB92DB2162C965CF35A0A9DE836007AB5614FA5C6AAB120CEAA620576D9481D0
Chrome Cache Entry: 337	ASCII text, with very long lines (65496)	42BBF67213EC1E2A75D1BD5DEFDA28C7	25F80D81EE4C8B15227F2A4AE9BC5FC41F29F132	5C7A9C0438BA5908E5C3186077746F896F7A8C294D2DBEE9BF8F3273C6073289
Chrome Cache Entry: 338	ASCII text, with very long lines (65317)	6CB5A85B30082E3D59D7E371E002CE8D	0C639634F474B4601A7937F440096185F3A9D8D3	01B035EFB5DFA529C512F82962ED633328222DA6F33C224244806D4798C67349
Chrome Cache Entry: 339	GIF image data, version 89a, 1 x 1	2A3B7D8FC1252DB803D74A95F1E43AED	73C0B78BEE118A8598B8F1D5076FB955CB20669E	43AFA76E16F4C2FC1689B892593F4920BDBEDB89BE6B0677E4EE906FA82D639E
Chrome Cache Entry: 340	ASCII text, with very long lines (6597), with no line terminators	79AC386449F32D4BBF042BD5C212C16F	6E760AEC868433DC0BE89A1978CDFCECA457FB55	26C42DF287813790DF345A644F60E78FE3E84D5AA39AE35333EEDC6DBAEA90AA
Chrome Cache Entry: 341	ASCII text, with very long lines (26516)	55AB7F65F6025CF7F088DD2E5897BB29	66B2C37C3F7BE5F83F33AB07087645168FC1851F	4B8B06E8EDFAB1DD4475C13EE021E4F582B075677A9018E2F0BA56CC3FC2F0B6
Chrome Cache Entry: 342	JSON data	D1724D9EEBF0799B85E4BB9F8E5C0B39	8E6534B28DF9C254C649F36F24ADECD99374790C	32B523DAEB39F68AD4CC934ED3BBAE20D1005071B095C750952D147BFA9CA1E1
Chrome Cache Entry: 343	ASCII text, with very long lines (65317)	6CB5A85B30082E3D59D7E371E002CE8D	0C639634F474B4601A7937F440096185F3A9D8D3	01B035EFB5DFA529C512F82962ED633328222DA6F33C224244806D4798C67349
Chrome Cache Entry: 344	ASCII text, with very long lines (8171), with no line terminators	DDA652DB133FDDB9B80A05C6D1B5C540	60C8514C57A5DB2980C4B046B0DD479BD427357B	C1A9A3E223BAD631DFF12D33B5499EB145CB08D8621C20D9D73870E78D97AFE4
Chrome Cache Entry: 345	GIF image data, version 89a, 1 x 1	2A3B7D8FC1252DB803D74A95F1E43AED	73C0B78BEE118A8598B8F1D5076FB955CB20669E	43AFA76E16F4C2FC1689B892593F4920BDBEDB89BE6B0677E4EE906FA82D639E
Chrome Cache Entry: 346	ASCII text, with very long lines (542)	1117946F029EE377FA6462B378B1637B	8F61DB492D9424E10655D1621ACEE8C1C6CD7B01	89CA677F8AEE43FDF50871BBEB96956B41218ACA74EF457DC556CFB35C529066
Chrome Cache Entry: 347	SVG Scalable Vector Graphics image	F9E6D4D201259762065789A693CFA315	778513272AEC767B52EEE216703243AB4EE1EEFC	BE41640F6CDB70787068A4B38E6563007F379D5982C44A946730711A39FDD812
Chrome Cache Entry: 348	ASCII text, with very long lines (535)	334FD15FA7759A1829292798961A26C1	07ED1977890E28DBA9C11C834136C28BA6B4A959	41FCA71A0A6CC238B8F63AD0DBF60D0AF90CD752168236887D6558BF68A449BE
Chrome Cache Entry: 349	ASCII text, with very long lines (65502)	0CE18F9CA64E6FDCAC07EC7E97DAC4C7	603AF3E02F381A658F135EB80F4EEF78CC7E750D	D1A7F655B0B8BE63EC6BC38B04028198BA32B8AAB86C194A2B628E80C59ACA2A
Chrome Cache Entry: 350	Unicode text, UTF-8 text, with very long lines (60127)	25031E6856D324A6F928920B809BB784	8FD80D939C38AC6564167E3F922A385421200F98	A87FCABEE27652552D5EB2FC3CB61D2FA44408EA6AD7033598775F591236C290
Chrome Cache Entry: 351	ASCII text, with very long lines (65536), with no line terminators	C2B7C918E866C23B79B255542318F5F5	BAE5F2F59C68A28EF330DAED48680B10C60825F2	5AC83E3B8386638A7638CE4ECFA007FC552039C6610A73C245924AEB061F33C7
Chrome Cache Entry: 352	ASCII text, with very long lines (2070)	79D6C2E13327F687F54C722C6976793A	D6698DC5ACFB59F562D6E30704F7DFE816809D9C	53226852204291B4F0384F90089B0243950AA1DEA9325B501510DE22EE17EC5C
Chrome Cache Entry: 353	ASCII text, with very long lines (6625), with no line terminators	FD7EF2E4737ACD74FD0DCDC3B515E304	0D792B33F12A48EE8AAAF2560A63A5682470645B	1D52E1AC7D3BC25A8B0FFC257153F9DD50249F96FE9A4DF5E0D771241A69062C
Chrome Cache Entry: 354	PNG image data, 250 x 100, 8-bit colormap, non-interlaced	7FD6817BC39E67A9D11F3A499A38C9BC	74FC6A512CE2A28249AEF63A48B1FD4085FC5AB9	11241CA2509BC46304AB0C14D570166BB1ED5787F54006E6D8FB38EC50373A3D
Chrome Cache Entry: 355	ASCII text, with very long lines (12198), with no line terminators	3819C3569DA71DAEC283A75483735F7E	ECD40A5CC6F0B76200C454CA880210DC301CFAB8	214674CC77ABA35AB3567B88E2739FD08E8E96C61D279559AD61874069683EA0
Chrome Cache Entry: 356	ASCII text, with very long lines (13479)	9FFEB32E2D9EFBF8F70CAABDED242267	3AD0C10E501AC2A9BFA18F9CD7E700219B378738	5274F11E6FB32AE0CF2DFB9F8043272865C397A7C4223B4CFA7D50EA52FBDE89
Chrome Cache Entry: 357	ASCII text, with very long lines (540)	34B8AB3DCA4437298A22D2D31400D328	1E50F6FB32323847A8C4695A5996440D61B12CBB	F639E13A115A2851C103A41A498A1C85F84B699D1FE15665A494CA61E44749E5
Chrome Cache Entry: 358	ASCII text, with very long lines (4122)	A9DE403E4934F3A71D4D078B4E9F69AF	9D7A4EAD9E09EECAA72F391BDE295B076B629115	A8EF29A021E6B4CB0F0C8A554E48BE3A73E330B0451253055AA998EADCF73F91
Chrome Cache Entry: 359	ASCII text, with very long lines (17779)	D14BFA1EB5039AA635F9A4467A4FC042	B82EEB957C8B9E844C1B742C66A71C1AEEABF4EE	9A327CFFB8B44972CEEE4F7EB456EC508CA5975C96889D091C4EF2A1CD395889
Chrome Cache Entry: 360	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 361	JSON data	99914B932BD37A50B983C5E7C90AE93B	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
Chrome Cache Entry: 362	GIF image data, version 89a, 1 x 1	30FF837320ECCA46B0E915ED4B5B71DA	54541243DCD4F29CF859DAA0CE5EDF6495771660	2F8847DDDD520CAB371DD2E596EA27F647FBF18DCDA0DADC2E7A8EC6AF7614AB

AV Detection

Antivirus detection for dropped file

Source: C:\Users\user\Downloads\Unconfirmed 761557.crdownload

Avira: detection malicious, Label: TR/Encoder.diukz

Multi AV Scanner detection for dropped file

Source: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE (copy)	Virustotal: Detection: 14%	Perma Link
Source: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE (copy)	ReversingLabs: Detection: 18%
Source: C:\Users\user\Downloads\Unconfirmed 761557.crdownload	ReversingLabs: Detection: 18%
Source: C:\Users\user\Downloads\Unconfirmed 761557.crdownload	Virustotal: Detection: 14%	Perma Link

Found iframes

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-MVB48PL
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-MVB48PL
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/649810871?random=1714036509589&cv=11&fst=1714036509589&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v885466289za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fstarmicronics.com%2Fsupport%2Fdownload%2Fstarprnt-intelligence-software-setup-exe-file-v3-6-0a%2F&hn=www.googleadservices.com&frm=0&tiba=StarPRNT%20Intelligence%20Software%20Setup%20EXE%20File%20V3.6.0a%20-%20Global%20Support%20Center&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=35269872.1714036510&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://starmicronics.com/support/?__wpdmlo=2832&&REFERRER=https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-MVB48PL
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/649810871?random=1714036509589&cv=11&fst=1714036509589&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v885466289za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fstarmicronics.com%2Fsupport%2Fdownload%2Fstarprnt-intelligence-software-setup-exe-file-v3-6-0a%2F&hn=www.googleadservices.com&frm=0&tiba=StarPRNT%20Intelligence%20Software%20Setup%20EXE%20File%20V3.6.0a%20-%20Global%20Support%20Center&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=35269872.1714036510&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config

HTML body contains password input but no form action

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML body with high number of embedded SVGs detected

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

HTTP Parser: Total embedded SVG size: 364194

HTML title does not match URL

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

HTTP Parser: Title: StarPRNT Intelligence Software Setup EXE File V3.6.0a - Global Support Center does not match URL

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

HTTP Parser: <input type="password" .../> found

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon
Source: https://starmicronics.com/support/?__wpdmlo=2832&&REFERRER=https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon
Source: https://starmicronics.com/support/?__wpdmlo=2832&&REFERRER=https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No favicon

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="author".. found
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="author".. found
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="author".. found

Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="copyright".. found
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="copyright".. found
Source: https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock	HTTP Parser: No <meta name="copyright".. found

Source:

Source: chromecache_243.1.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Qj:function(){e=zb()},sd:function(){d()}}};var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_243.1.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=iA(a,c,e);M(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return M(122),!0;if(d&&f){for(var m=Jb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},lA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_243.1.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Xg:d,Vg:e,Wg:f,Ih:g,Jh:h,ye:m,Ab:b},p=D.YT,q=function(){IC(n)};if(p)return p.ready&&p.ready(q),b;var r=D.onYouTubeIframeAPIReady;D.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(LC(w,"iframe_api")\|\|LC(w,"player_api"))return b}for(var x=H.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!CC&&JC(x[A],n.ye))return tc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_323.1.dr, chromecache_310.1.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_243.1.dr	String found in binary or memory: var NB=function(a,b,c,d,e){var f=Jz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Jz("fsl","nv.ids",[]):Jz("fsl","ids",[]);if(!g.length)return!0;var h=Fz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);M(121);if("https://www.facebook.com/tr/"===m)return M(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!uy(h,vy(b, equals www.facebook.com (Facebook)

Source: chromecache_248.1.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_315.1.dr	String found in binary or memory: http://hilios.github.io/jQuery.countdown/)
Source: chromecache_346.1.dr	String found in binary or memory: http://hubs.ly/H0702_H0
Source: chromecache_248.1.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_248.1.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_315.1.dr	String found in binary or memory: http://masonry.desandro.com
Source: chromecache_315.1.dr	String found in binary or memory: http://robert-fleischmann.de)
Source: chromecache_315.1.dr	String found in binary or memory: http://tutorialzine.com/2011/09/shuffle-letters-effect-jquery/
Source: chromecache_318.1.dr, chromecache_329.1.dr	String found in binary or memory: http://www.hubspot.com
Source: chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=378607
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=449857
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=470258
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13393
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=137337
Source: chromecache_244.1.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_244.1.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: chromecache_323.1.dr, chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_358.1.dr, chromecache_281.1.dr	String found in binary or memory: https://cdn1.iconfinder.com/data/icons/hawcons/32/698558-icon-47-note-important-512.png
Source: chromecache_234.1.dr	String found in binary or memory: https://clients1.google.com/complete/search
Source: chromecache_244.1.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_244.1.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#common-serializing-idioms
Source: chromecache_244.1.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#resolved-values
Source: chromecache_244.1.dr	String found in binary or memory: https://drafts.csswg.org/selectors/#relational
Source: chromecache_338.1.dr, chromecache_229.1.dr, chromecache_341.1.dr, chromecache_319.1.dr, chromecache_259.1.dr, chromecache_343.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_338.1.dr, chromecache_229.1.dr, chromecache_341.1.dr, chromecache_319.1.dr, chromecache_259.1.dr, chromecache_343.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz0dL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz4dL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEz8dL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzMdL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzQdL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzwdL_nz.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc-CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc0CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc1CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc2CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc3CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc5CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc-CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc0CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc1CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc2CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc3CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc5CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc-CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc0CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc1CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc2CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc3CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc5CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic0CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic1CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic2CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic3CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic5CsTKlA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxEIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxFIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxGIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxHIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxLIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxMIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xEIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xFIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xLIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCBc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCRc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2)
Source: chromecache_286.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFU0U1Z4Y.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFUkU1Z4Y.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFVUU1Z4Y.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1Z4Y.woff2)
Source: chromecache_224.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWkU1Z4Y.woff2)
Source: chromecache_223.1.dr, chromecache_301.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_290.1.dr	String found in binary or memory: https://github.com/john-doherty/swiped-events
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jquery/sizzle/issues/157)
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jquery/sizzle/issues/299)
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_303.1.dr	String found in binary or memory: https://github.com/microsoft/clarity
Source: chromecache_302.1.dr	String found in binary or memory: https://github.com/selectize/selectize.js
Source: chromecache_223.1.dr, chromecache_301.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_223.1.dr, chromecache_301.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_244.1.dr	String found in binary or memory: https://github.com/whatwg/html/issues/2369
Source: chromecache_350.1.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_350.1.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.32.0/LICENSE
Source: chromecache_310.1.dr	String found in binary or memory: https://google.com
Source: chromecache_310.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/#nonce-attributes
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#category-listed
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
Source: chromecache_244.1.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
Source: chromecache_244.1.dr	String found in binary or memory: https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
Source: chromecache_315.1.dr	String found in binary or memory: https://isotope.metafizzy.co
Source: chromecache_244.1.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_244.1.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_318.1.dr	String found in binary or memory: https://js-na1.hs-scripts.com/22657350.js
Source: chromecache_346.1.dr	String found in binary or memory: https://js.hs-analytics.net/analytics/1714036500000/22657350.js
Source: chromecache_329.1.dr	String found in binary or memory: https://js.hs-banner.com/v2
Source: chromecache_346.1.dr	String found in binary or memory: https://js.hs-banner.com/v2/22657350/banner.js
Source: chromecache_346.1.dr	String found in binary or memory: https://js.hsadspixel.net/fb.js
Source: chromecache_346.1.dr	String found in binary or memory: https://js.hscollectedforms.net/collectedforms.js
Source: chromecache_346.1.dr	String found in binary or memory: https://js.usemessages.com/conversations-embed.js
Source: chromecache_296.1.dr	String found in binary or memory: https://jsfiddle.net/6spj1059/
Source: chromecache_244.1.dr	String found in binary or memory: https://jsperf.com/getall-vs-sizzle/2
Source: chromecache_260.1.dr	String found in binary or memory: https://knowledgebase.ajaxsearchpro.com/other/javascript-api
Source: chromecache_310.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_323.1.dr, chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-48
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-54
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-57
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-59
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-61
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-64
Source: chromecache_244.1.dr	String found in binary or memory: https://promisesaplus.com/#point-75
Source: chromecache_290.1.dr	String found in binary or memory: https://stackoverflow.com/questions/16348031/disable-scrolling-when-touch-moving-certain-element
Source: chromecache_243.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_243.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_252.1.dr	String found in binary or memory: https://swiperjs.com
Source: chromecache_323.1.dr, chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_310.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_246.1.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/649810871/?random
Source: chromecache_310.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_323.1.dr, chromecache_243.1.dr, chromecache_310.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_243.1.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_243.1.dr	String found in binary or memory: https://www.youtube.com/iframe_api

PE file contains executable resources (Code or Archives)

Source: Unconfirmed 761557.crdownload.0.dr

PE file does not import any functions

Source: bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp.0.dr

Static PE information: No import functions for PE file found

PE file overlay found

Source: bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp.0.dr

Static PE information: Data appended to the last section found

Source: classification engine

Classification label: mal56.win@23/282@0/55

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: C:\Windows\System32\rundll32.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown

Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1956,i,18249929711046413500,14323128779850085663,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5580 --field-trial-handle=1956,i,18249929711046413500,14323128779850085663,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: unknown	Process created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: unknown	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: unknown	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: unknown	Process created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE "C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1956,i,18249929711046413500,14323128779850085663,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5580 --field-trial-handle=1956,i,18249929711046413500,14323128779850085663,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:

PE file contains an invalid checksum

Source: bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp.0.dr

Static PE information: real checksum: 0xb9dd996 should be: 0x77da

Drops PE files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\StarPRNT_PSA_3.6a_setup.EXE (copy)	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\bc1c1098-2c1a-48d8-a5a8-03f400a2a42a.tmp	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\Downloads\Unconfirmed 761557.crdownload	Jump to dropped file

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: C:\Windows\System32\rundll32.exe

Process information set: NOOPENFILEERRORBOX

Jump to behavior

ID:	1431509
Product:	CloudBasic
Start time:	11:14:22
Start date:	25.04.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted URLs

Windows Analysis Report https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted URLs

Windows Analysis Report
https://starmicronics.com/support/download/starprnt-intelligence-software-setup-exe-file-v3-6-0a/#unlock