Play interactive tour

Edit tour

Analysis Report https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953

Overview

General Information

Sample URL:	https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953
Analysis ID:	324347
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Startup

System is w10x64

chrome.exe (PID: 4792 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953' MD5: C139654B5C1438A95B321BB01AD63EF6)

chrome.exe (PID: 2996 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,5898755889624346109,3772175596100600458,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknown

DNS traffic detected: queries for: lb.artipbox.net

Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://accounts.google.com
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://apis.google.com
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: manifest.json0.0.dr	String found in binary or memory: https://content.googleapis.com
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr, a6676356-829e-47a6-abfd-985f31e20c33.tmp.1.dr, 7633e7e8-f178-4d87-b79a-6500afed1d72.tmp.1.dr	String found in binary or memory: https://dns.google
Source: manifest.json0.0.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: manifest.json0.0.dr	String found in binary or memory: https://hangouts.google.com/
Source: History.0.dr	String found in binary or memory: https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRv
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://play.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://www.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.google.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.google.com;
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.gstatic.com;

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714

Source: classification engine

Classification label: clean0.win@27/159@2/5

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-5FC3FA7F-12B8.pma

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\a882b7e5-502f-4c3d-991b-a32966285613.tmp

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953'
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,5898755889624346109,3772175596100600458,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,5898755889624346109,3772175596100600458,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading3	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
lb.artipbox.net	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRv	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
uk-lb-ad-01-1088271668.eu-west-1.elb.amazonaws.com	34.240.67.55	true	false		high
googlehosted.l.googleusercontent.com	216.58.215.225	true	false		high
clients2.googleusercontent.com	unknown	unknown	false		high
lb.artipbox.net	unknown	unknown	false	0%, Virustotal, Browse	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://dns.google	78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr, a6676356-829e-47a6-abfd-985f31e20c33.tmp.1.dr, 7633e7e8-f178-4d87-b79a-6500afed1d72.tmp.1.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://clients2.googleusercontent.com	78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp.1.dr	false		high
https://feedback.googleusercontent.com	manifest.json0.0.dr	false		high
https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRv	History.0.dr	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
34.240.67.55	unknown	United States	16509	AMAZON-02US	false
216.58.215.225	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version:	31.0.0 Red Diamond
Analysis ID:	324347
Start date:	29.11.2020
Start time:	11:45:21
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 2m 42s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	11
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@27/159@2/5
Cookbook Comments:	Adjust boot time Enable AMSI
Warnings:	Show All Exclude process from analysis (whitelisted): backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 52.147.198.201, 104.42.151.234, 172.217.168.67, 172.217.168.78, 172.217.168.14, 172.217.168.45, 74.125.173.136, 173.194.151.123, 172.217.168.74, 216.58.215.234, 172.217.168.10, 172.217.168.42, 51.104.144.132, 104.79.90.110, 2.20.142.209, 2.20.142.210 Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, arc.msn.com.nsatc.net, r3---sn-4g5ednsy.gvt1.com, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, clients2.google.com, redirector.gvt1.com, audownload.windowsupdate.nsatc.net, watson.telemetry.microsoft.com, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, fs.microsoft.com, accounts.google.com, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, www.googleapis.com, r3.sn-4g5ednsy.gvt1.com, r5---sn-4g5edn7y.gvt1.com, skypedataprdcoleus16.cloudapp.net, blobcollector.events.data.trafficmanager.net, clients.l.google.com, skypedataprdcolwus16.cloudapp.net, r5.sn-4g5edn7y.gvt1.com Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtQueryVolumeInformationFile calls found. Report size getting too big, too many NtWriteVirtualMemory calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	451603
Entropy (8bit):	5.009711072558331
Encrypted:	false
SSDEEP:	12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
MD5:	A78AD14E77147E7DE3647E61964C0335
SHA1:	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
SHA-256:	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
SHA-512:	DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
Malicious:	false
Reputation:	low
Preview:	BDic.... ....6...."..Z..4g....6.2...{/...3...5....AF 1363.AF nm.AF pt.AF n1.AF p.AF tc.AF SM.AF M.AF S.AF MS.AF MNR.AF GDS.AF MNT.AF MH.AF MR.AF SZMR.AF MJ.AF MT.AF MY.AF MRZ.AF MN.AF MG.AF RM.AF N.AF MV.AF XM.AF DSM.AF SD.AF G.AF R.AF MNX.AF MRS.AF MD.AF MNRB.AF B.AF ZSMR.AF PM.AF SMNGJ.AF SMN.AF ZMR.AF SMGB.AF MZR.AF GM.AF SMR.AF SMDG.AF RMZ.AF ZM.AF MDG.AF MDT.AF SMNXT.AF SDY.AF LSDG.AF LGDS.AF GLDS.AF UY.AF U.AF DSGNX.AF GNDSX.AF DSG.AF Y.AF GS.AF IEMS.AF YP.AF ZGDRS.AF XGNVDS.AF UT.AF GNDS.AF GVDS.AF MYPS.AF XGNDS.AF TPRY.AF MDSG.AF ZGSDR.AF DYSG.AF PMYTNS.AF AGDS.AF DRZGS.AF PY.AF GSPMDY.AF EGVDS.AF SL.AF GNXDS.AF DSBG.AF IM.AF I.AF MDGS.AF SMY.AF DSGN.AF DSLG.AF GMDS.AF MDSBG.AF SGD.AF IY.AF P.AF DSMG.AF BLZGDRS.AF TR.AF AGSD.AF ZGBDRSL.AF PTRY.AF ASDGV.AF ASM.AF ICANGSD.AF ICAM.AF IKY.AF AMS.AF PMYTRS.AF BZGVDRS.AF SDRBZG.AF GVMDS.AF PSM.AF DGLS.AF GNVXDS.AF AGDSL.AF DGS.AF XDSGNV.AF BZGDRS.AF AM.AF AS.AF A.AF LDSG.AF AGVDS.AF SDG.AF LDSMG.AF EDSMG.AF EY.AF DRSMZG.AF PRYT.AF LZ

C:\Users\user\AppData\Local\Google\Chrome\User Data\2c300af9-f046-48f0-99cf-3d475403a45d.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	162522
Entropy (8bit):	6.082327250423582
Encrypted:	false
SSDEEP:	3072:8vdCAPHKb1o/hF5RzweKvf14PnpqITFcbXafIB0u1GOJmA3iuRr:4o4HW1oZF5BtK1eng6aqfIlUOoSiuRr
MD5:	559771C7632FE6093E486B5F39879F1E
SHA1:	3C93C6FABA4A961C461C4A19C842936E9E44BF7C
SHA-256:	10DF722C85360BE509FB357421EE3DDFAE37EF78B14DB182FF32347F6C724E9D
SHA-512:	F554568692DFF1EC94CA09EEAA7C6382B32582E73F57B92C4A165C248BB45A757996BB3BA75BBAFCC293FF21DDBACB364EE4F4E31638506A32C9B292A761D378
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.606679169497338e+12,"network":1.606646771e+12,"ticks":95487357.0,"uncertainty":2565429.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"displ

C:\Users\user\AppData\Local\Google\Chrome\User Data\940fe341-ff0d-4362-ad13-cf4ae8406642.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	92068
Entropy (8bit):	3.748429672146586
Encrypted:	false
SSDEEP:	384:j7XUQaJjOKFwnN8rNv4E3nkSfH6nGDWrB2o6xnW+ahrtMmZOFG0MYnOC+0NV1Et+:Nqlp26fHIez+oSo3bqkKmcQbd
MD5:	AA9059747F325BDAE5A6B2EDAA80EB19
SHA1:	5909E8919BA398764AE20690D5840AFA727E8762
SHA-256:	6519476CAEF38D67CAD53E6672362C4734B4A9BBEB53AC1EB732E3B037BB9CDC
SHA-512:	2187D5208D4D797F2673B219D6BF94DD78E4995E78E1613740C7853614BBF4DF3F7D7A54C17896B1FCF9BA9A03F286177429F71869CB8820CAECDD8E2EFAB6FC
Malicious:	false
Reputation:	low
Preview:	.g.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0........C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n...k8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\9e19c289-8062-45bd-9322-5b021d281c8b.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	162522
Entropy (8bit):	6.082327199891302
Encrypted:	false
SSDEEP:	3072:8+QCAPHKb1o/hF5RzweKvf14PnpqITFcbXafIB0u1GOJmA3iuRr:NB4HW1oZF5BtK1eng6aqfIlUOoSiuRr
MD5:	E6347B4F2A746C4F451FF768A619200D
SHA1:	E2E84B25EE46BC3B7ED1A1E5A71BD268776FB7F2
SHA-256:	A4789A748528EB7F7E47D489E45ACB2BF50A8ADD1785F2150D645D11F9124A9D
SHA-512:	475FF944ECDB66181867AE1F34FA43CC50D8F55C940B6238B64179DE6D78C217481D3058E0801E3314E431FD93368122AC75D3C430BAF19AF5D09B84F27BC9AE
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.606679169497338e+12,"network":1.606646771e+12,"ticks":95487357.0,"uncertainty":2565429.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"displ

C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	120
Entropy (8bit):	3.254162526001658
Encrypted:	false
SSDEEP:	3:FkXft0xE1G1mstft0xE1G1mstft0xE1n:+ftIE1G1mkftIE1G1mkftIE1n
MD5:	E9224A19341F2979669144B01332DF59
SHA1:	F7F760C7104457DF463306A7F7BAE0142EFCEB5B
SHA-256:	47DD519C226D23F203ACAE0EC44DF9BB6208828E24F726E1602EA52F63C3E2BE
SHA-512:	4184302DEB5009D767FECFC150F580DD57D5CF9CF3BFEB7E52C9F3340E5E6499251B9F0DFF37F0454411FED9046880E0A9204312D021294256372C916B8155AC
Malicious:	false
Reputation:	low
Preview:	sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\26e4ccdc-389f-4997-b210-bd37e5cf0554.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5032
Entropy (8bit):	4.974018778273796
Encrypted:	false
SSDEEP:	96:nnbF04pcVlRok0JCKL8gkiS1YbOTQVuwn:nna4pcDQ4KlkFU
MD5:	96F194ABC3CAD71CA26D3D0B9C6A388B
SHA1:	4694BDA06198FD2B615EDFABCF3F3AF99E9B08FB
SHA-256:	DA03B3CF16AD48E9859C3EF494539BE94FDE316E591522D7488DFFDD623F2840
SHA-512:	CA3D8E1A917D196B3F76A1CFDF5D71F3B181BA349D3567DC8D3C139CDAB5056A4103119121C7CB0541F128D0D2BA1CF52557B83A6C565C8041739690B2253AA8
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13251152767842656","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\39f7fb18-288a-46d5-aea4-687d656f86a1.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	16936
Entropy (8bit):	5.579875861291904
Encrypted:	false
SSDEEP:	384:rMVtWLlVKXa1kXqKf/pUZNCgVLH2HfD6rUiyo44D:dLlSa1kXqKf/pUZNCgVLH2HfurU1o4Q
MD5:	6252BE69DE4A7C4D51098BA86228968A
SHA1:	807E3C3029346375E8C20E1A1100559335ED6D41
SHA-256:	65C994965D7953B794D9DE3B34B90259189FB270A067762A3B73B296CA771C54
SHA-512:	D6C36344B435392CB32805C36C68F84CB9D688FA9D2F97D52A55ECA2D901E601CE101766C1CD126F2373FB8C06CAE8640737E82F5697D0CD5EA268DBEB6DF843
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13251152767631242","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\76e99487-2166-4d15-9487-d2708c672173.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5629
Entropy (8bit):	5.188085207138385
Encrypted:	false
SSDEEP:	96:nnbb046xNQVT01QEcVlRok0JCKL8gkiS1YbOTQVuwn:nns46gVwcDQ4KlkFU
MD5:	65D0C6EF3F3726AC3A612D077D5DF078
SHA1:	3B5BCE010C2C0ADBB0C976E6C642F0768B4AD5AD
SHA-256:	AB0E6BC14E2EC584998D2C772D64F11DFC01FA72C15BAC8F8368C56AE590E4B3
SHA-512:	6E1A390FF133E236E72747299031705AFAA65F3A55CF5A304974E5D50E8AC5A2D7CF874D22B9342D721B35C46439CFD16BB1A1A6AA21B4C280B041D95015DA0D
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13251152767842656","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\78534e51-9ab1-4a08-8e2e-e3d7ddbf0fa0.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4219
Entropy (8bit):	4.871684703914691
Encrypted:	false
SSDEEP:	48:YXsJjMH+5s7YMHBKsvxMHVzspxMHbsIHt/soBDysKqnsllzMHpDCLsWJMHLsNuMg:RG+ZGJG+GTTD7IGpD+G7Gp2GnG4GVhH
MD5:	EDC4A4E22003A711AEF67FAED28DB603
SHA1:	977E551B9ED5F60D018C030B0B4AA2E33B954556
SHA-256:	DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
SHA-512:	84D3930579FD73C7D86144D5CDC636436955BA79759273C740D2D72BC4847F2F7F165BBCA3EB2E4DFB01777D6A5F141623278C1BF74615C5A491092CE3FD1602
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248543677350473","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543677350474","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31344},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31656},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501454993","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501454994","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39369},"server":"https://www.googleapis.com","supports_spdy":true},

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	331
Entropy (8bit):	5.22400062012046
Encrypted:	false
SSDEEP:	6:JEP9QWM+q2PWXp+N23iKKdK9RXXTZIFUtwgEBzEAG1ZmwygEBzEAQWMVkwOWXp+m:Jg2+va5Kk7XT2FUtwgkEj1/ygkE9V5fv
MD5:	668A23FA7ED9A285845454393D47901E
SHA1:	4E9BDF265C231B888781C970DF47A962249D0E60
SHA-256:	F8218C4148FCC7928613A6C978178182247C38E6E5E9D22659E012F840E8397A
SHA-512:	0E204242ACA0478C79606F84F479CC2D8A31F32F651E40561332AC4149D33B6B8FDF1CF35EA06779AF77B8511EE0B8B51E6E375C2A0B5C9CB29487B344046F19
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:18.217 9ac Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2020/11/29-11:46:18.219 9ac Recovering log #3.2020/11/29-11:46:18.219 9ac Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	315
Entropy (8bit):	5.200450942543489
Encrypted:	false
SSDEEP:	6:JE0l+q2PWXp+N23iKKdKyDZIFUtwgE6lF3JZmwygEi43VkwOWXp+N23iKKdKyJLJ:J8va5Kk02FUtwg1lF3J/yg2F5f5KkWJ
MD5:	1732ADE019F8EB3223C6928CA588F927
SHA1:	0D2228AA3914E2F875D4839513211025DA096A26
SHA-256:	17232CEEC7D43E0476C6EB6C869A76C743B5B1F39A6821C7C98EBD10D14BA897
SHA-512:	82077BDA496CAC2DE9DFD35FE255E5311231897E12149FA04685B769AAC7BC88A54A0653FE432E5024EF247474CC1CEC86370E82C4CE758D0932C82F7E7232A4
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:18.306 1e8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2020/11/29-11:46:18.308 1e8 Recovering log #3.2020/11/29-11:46:18.309 1e8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	modified
Size (bytes):	12288
Entropy (8bit):	1.4029806710363542
Encrypted:	false
SSDEEP:	24:TLyqJLbXaFpEO5bNmISHn06UwLq66yR53BlfK3ydtIl9JgAZOZD/m:TekLLOpEO5J/Kn7Uuq66AlUydgJNOZm
MD5:	6ABDA447AF59905D8A51FF0F5BF679CF
SHA1:	50C5652487CD714C085B97EDDA5720128519D0C9
SHA-256:	5ACDE7CA5DDEB0638AEFF6B19DB27DF94F741D8713002A68F3AA758C593174E2
SHA-512:	8FF46338F923459C89BD08DFA3F60961570898A9A345BC889EAD32CF9B050A8FC19434C65AFF7E8CA16EA7255D1E30C1BBBF931951E087E7F31BE9B6CDA3BE7E
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	12836
Entropy (8bit):	0.9690110795058804
Encrypted:	false
SSDEEP:	24:BcLgAZOZD/yvqLbJLbXaFpEO5bNmISHn06UwA8:B8NOZyq5LLOpEO5J/Kn7Un8
MD5:	8DBAC8C14C59CA24FFAC6ACD54E025A0
SHA1:	0C25F1E6BB6420C3201447B8CF3DBD210C61609F
SHA-256:	F9BBEC8D9E7D19A10AA4BA997FB91E9FBBB9ED0DAA2EF7A3BE72EB3E0616C4FF
SHA-512:	9837DE07E59ECD315F357ECDB3578A7218459AA4971ADBB09E7ECF89C17EC624D2E07088F45D8A97CA2AC220055528C22AC6F8681842CD5961949ED14BDA738C
Malicious:	false
Reputation:	low
Preview:	............f...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1763
Entropy (8bit):	4.464469031725575
Encrypted:	false
SSDEEP:	24:34SWgEqalrlAFFRBPlPV56B1tbclHY+Hlf/FDlFRBPlPV5bBlL:347hxCRSBbclHY+Hlf/prRDTL
MD5:	8A2209C1B8E21AE5BE6516E48A55D276
SHA1:	91D4AAD6EA9D2CF07D049651C7C1C23DE8A67723
SHA-256:	605F61D544B7803F0B5BEDA86F744D46BB4EF2EB53A963956E26E6D3D825ECBD
SHA-512:	D8EB3000F8BEEA0A15567AA9D9DCC0FB9F0FE3F041F04CAE6A5CABA256A46CF25432BADA36C4BBF591BC5CC976FB9F5E7EF9686E0C4F5F22318B6AC80BB33419
Malicious:	false
Reputation:	low
Preview:	SNSS....................................................!.............................................1..,.......$...d35c4bde_9fb1_45d0_bc0d_9ce93d4560d4......................?...................................................................................5..0.......&...{524A03AB-861D-4591-9B4E-BDD69F9D425A}................\|...............https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953....4...0.......(...................................h.......`...............P...............X...............P.......4.4%D...5.4%D...................................................h.t.t.p.s.:././.l.b...a.r.t.i.p.b.o.x...n.e.t./.a.d.S.e.r.v.e.r./.S.e.r.v.i.c.e...s.v.c./.s.y.n.c.?.u.u.i.d.s.=.U.V.J.a.c.W.t.M.V.1.h.p.L.0.t.n.M.0.F.D.S.2.t.j.N.2.x.T.b.n.h.q.Z.E.o.1.Y.W.k.z.Z.D.R.v.R.j.Z.5.Y.n.J.C.Z.z.F.Z.b.k.p.3.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.8112781244591325
Encrypted:	false
SSDEEP:	3:3Dtn:3h
MD5:	0686D6159557E1162D04C44240103333
SHA1:	053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256:	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512:	884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious:	false
Reputation:	low
Preview:	SNSS....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	164
Entropy (8bit):	4.391736045892206
Encrypted:	false
SSDEEP:	3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+Gg:qT5z/t2qoEwhXeLKB
MD5:	0A906A9A542CDF08FF50DAAF1D1E596E
SHA1:	B97D6274196F40874A368C265799F5FA78C52893
SHA-256:	EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
SHA-512:	8795E905B711ADE6B1C4B402D50AF491B64D157AA738669482DDBFC30E857DF970BFFB774A925F3F4A0802BD27AFAF939CE140894FF09B67FB9C0BB83ED4491A
Malicious:	false
Reputation:	low
Preview:	.f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.248559145099278
Encrypted:	false
SSDEEP:	6:JVIqG3+q2PWXp+N23iKKdK8aPrqIFUtwgVI0WZmwygVIDVkwOWXp+N23iKKdK8a4:JV/G3+va5KkL3FUtwgVA/ygVwV5f5Kkc
MD5:	353721E7B1C03BB42C51FAE49F14C39A
SHA1:	81B435B68D84CEEE7EE91F00033AC37B0AFE833C
SHA-256:	ECA4A385672E4C0D6C3DDEDE9E629FC18752A7867D27BBDBBB96A71AE87B98F7
SHA-512:	2EC2782E1FE4DB8AD111D64FE77FF82CAEB7DF09B7D8F8710103DD2040A2457C5C4EDF1B45EEB629466A13D7D24FFAF1715FE44C26F78E8A79D772E1C9F6436B
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:07.887 170c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2020/11/29-11:46:07.889 170c Recovering log #3.2020/11/29-11:46:07.889 170c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	570
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
MD5:	D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A
SHA1:	FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7
SHA-256:	99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
SHA-512:	86FD07C34B9ABD4C52BA19EAE291936F92BC6D38A75C021EDC1DEDBC15617669876180CD99F959C62476D82EC6BB9F5FE4C6CB4D82CB037EFB76D99A4D3D9C51
Malicious:	false
Reputation:	low
Preview:	.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	317
Entropy (8bit):	5.218640223554611
Encrypted:	false
SSDEEP:	6:JV3AWFlyq2PWXp+N23iKKdK8NIFUtwgV3Uxj1ZmwygV3fpRkwOWXp+N23iKKdK8n:JV3AOyva5KkpFUtwgV3wJ/ygV3fpR5fa
MD5:	FF4BDBAEC7C13CF06AFC0BCF2AD4E19B
SHA1:	ADD2427F5A26FAB020D1DFB6338BC35BA3DCB71E
SHA-256:	5E80226B800A9AE1EB3CA4AE2897079146AE236993964D729804B4CED71DDB24
SHA-512:	B80BC2DCC03C780AE4C05E14D615B046434D886B16E79B991273D8ACDBF6A1D0AC2C0736E8C10CAF30A9AA45A6612B8B7155F948BA719098173717B059EF4265
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:09.900 734 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2020/11/29-11:46:09.903 734 Recovering log #3.2020/11/29-11:46:09.904 734 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	17938
Entropy (8bit):	6.061511031838911
Encrypted:	false
SSDEEP:	384:ahlZ97TC4hNLFkQF/4H/vo3c93yaM5ZAVGnLMeP3rrBsuzfccHyfXRH0MVEPT:ahlvS2Fk5ooNM5Zg+YePRgpXRHLVA
MD5:	58E0F46E53B12F255C9DCFD2FC198362
SHA1:	24E3904DED013ED70FFC033CFA4855FBB6C41C19
SHA-256:	F82EEF4F80D86F5DEF0F40F91FFB6453E1706CA5FD8A7172EDB19C4B17E2F330
SHA-512:	1AC83CDFF124E4C0281FBBFC0A919AA177F1524AB85434D82E5A87DDDF7CAC26A761C5E6249566626054C62D6B0F46A51AAC1F6E64C260F50832AE1D5F0A49BC
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["vyABSKu1ssLnoQtj8Nqw6CjEthL33alh0QYBLzRg9+E=","DGWrOFQ2mF53Fk3FM5jLCV5sKg1DgRTF750mXhpKaoM=","f8vmSL13lL5/sEk/UBo2z9BTE1au+kMnftvxebWlLfQ=","g6BagkGM3fYVfhX6pe9v+WIhrxb6KJyr1H8KEdf3iQc=","6GdjKPovCi9TAL74Kj/R6GzGC1RVsWCb0lMtrG41ElU=","vttVT0ok78296FZBpoJgEIMmZmATBpKLrC5wr6RiPIg=","5dwwmOMAg6GXh2x6hn99MsZgiXJCxgTnwFdiMmcl2/0=","lQFxytI8i5cYLqNLbSnc45XXd/jEIuKwO1nAvNh5/WE=","qETF6aAOXwVcduPggf/FGrY8l2ALwdIswKxFJWG2JpQ=","+fjs95t/ESSgtcK9SzZOIcY/aemUr2I/yYI07esfjbk=","H+r4m51qI4G0z8YtAibc3/AGYvPK9qT14BbGvmM4/y4=","Qz4vtomAqVrAeKIcJ/zbVi5yDpFiY+F7tP/FTdoAKwU=","k110zqa69JMO5T4RH/nBdkCVX9I/98Gd7K2dnRuyFyg=","+QrRx4Pz8wbz4ef9ch1Q2aAQDZbv0r64NMyj9z0qaaE=","6q/tcYekY7TN66ZdPx4ALLcteRLQJqFy0wgcIqL6fFU=","djipPPtOAFsToDpKDbadLJLGQiCzTkN2qsRbzvKijBo=","uHEm1DVxHADroGNWHjmdfpdNUgtHXDQ0zfTmdqtJgYo=","1C2E0Gz2nqKFG3ghcQEVyiTYI4rTYNnrpsHQY9J7BfI=","swYZ8T85/4tzx26dfC0RKxMiHwnjqJoxtn0Mb8NdcjI=","AuXwavx8SOtkgFhnRlnM4roIw243Ryh2ktL0QZRDLoE=","oG0S5XUkjBtAHts9X+uQt5MTsf

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	23474
Entropy (8bit):	6.059847580419268
Encrypted:	false
SSDEEP:	384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
MD5:	6AE2135EA4583C2F06CDEBEA4AE70FA4
SHA1:	DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
SHA-256:	03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
SHA-512:	B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["xklkoZ7iSU1+7cd6DAtEmUC5lPFd+EgcbnzxkOiFwlk=","3KbsvoxKY/3AwqgF2aAdVQRpMhsNVRkQ3rx2A6Z2Z+Y=","o9+tsohquaCMj+70zeinRG/hBhA2uLoDl/WoC1uokME=","xV/K8xucyWJELVT8Cqn+ugFjobBVmg8pnmACF+2PP4Y=","p/mvJm2wuCl32Rx3it654MljKAsMe3S9IDEabc1A8mE=","j8mPrTb5oOsBTj2Fer78JE6xG6+kR64Cvu2SW8d3j/k=","nqSRpGQ3USU2bZJsZ+AzBmFOyann8omwJrhEWFZDTXc=","eTcQyJUuNuF9yCga/fXGyFCj/pysSceanhBzksdx23s=","Wj7faqnspelXKMvnduxHn1XUBG8TEOqyns7/oUihekM=","VtBwXoadI3EP336rAiL33Gz19KGqtN+RYdKnMKAXoLw=","iDgLXQqXJp8nCZxgLuC9LXM45DGfufvGnXvmHsn18wc=","g+RfdDfrWTUK0Pkcsbot7NJ4SC9wVRV/dVVMuHAtEj8=","2oC4HcCuXu3VjFf6wnKlznt9uqQNaebcuWpm/mWj69U=","aMUIpuFqPMiieSaWhIktCK62v2P3OZQAWupWsYzCnvk=","L

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	3:FQxlX:qT
MD5:	0407B455F23E3655661BA46A574CFCA4
SHA1:	855CB7CC8EAC30458B4207614D046CB09EE3A591
SHA-256:	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
SHA-512:	3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
Malicious:	false
Reputation:	low
Preview:	.f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	369
Entropy (8bit):	5.261834669611117
Encrypted:	false
SSDEEP:	6:J/7z+q2PWXp+N23iKKdK25+Xqx8chI+IFUtwgE5ZmwygEvAtVkwOWXp+N23iKKdP:J/7Kva5KkTXfchI3FUtwga/ygNT5f5KN
MD5:	DE4E2CE0D8D00486B568A5FE6831F9D0
SHA1:	58CD0778DC4730D73125762487E6741D72CDDC29
SHA-256:	7CAD145E04E3AB920795DE6B555D5A9DF8F93D498159A6272D5D6DE49E2E2AAB
SHA-512:	4E77562A513E16005AE334D0C8A3A480A402A7441F851850D7F7C11C5B42449920E7134145BAC78B7E077B28DD323B2648AC37DA88B5156C1CD926AB98B03347
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:17.905 1e8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2020/11/29-11:46:18.006 1e8 Recovering log #3.2020/11/29-11:46:18.007 1e8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	355
Entropy (8bit):	5.252332069106513
Encrypted:	false
SSDEEP:	6:J/wN+q2PWXp+N23iKKdK25+XuoIFUtwg/n5Zmwyg/ntVkwOWXp+N23iKKdK25+Xp:J/hva5KkTXYFUtwg/5/yg/T5f5KkTXHJ
MD5:	E65F9DB1CC6FD1F3E71237144E5136F2
SHA1:	1D80FF7242381C527E6B9AFEFBE57B86066CBF84
SHA-256:	206A9A7B27F9876DE12AD56BD47769976CDC132148B82336968AD0926D684278
SHA-512:	674D68E84DE75B895F9FCBCFEEB0C206D3B3021BEEB5C6392261E8E8F97219411995492AA3A6CDC983410B169F3851B78AB2E6409325D84FDA9DF27A95766B9C
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:17.894 1e8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2020/11/29-11:46:17.895 1e8 Recovering log #3.2020/11/29-11:46:17.895 1e8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	327
Entropy (8bit):	5.265050063379159
Encrypted:	false
SSDEEP:	6:J/F+q2PWXp+N23iKKdKWT5g1IdqIFUtwg/YlXZmwyg/SlN9VkwOWXp+N23iKKdKn:J/Qva5Kkg5gSRFUtwg/yX/yg/SlND5fz
MD5:	B2D5FA8C705C53A6E6B1C028420FD36A
SHA1:	4A035CA6200C4F42388215484A1CF23AD809102B
SHA-256:	F1A8569AE2CBBD0D3B2224BF7821B4FF43EDB650E7992CB5DF37124DAA6FA698
SHA-512:	69D564F18E4C0257E0856C2EB565BB34B50923B6D01653DC5056D24A2DBB115EEC514D4EFABAFBA0A40C6E4534A78B87092795861BC40BC9F08FFEA0B0BA0EAE
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:17.774 1e8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2020/11/29-11:46:17.782 1e8 Recovering log #3.2020/11/29-11:46:17.788 1e8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.25921373601219866
Encrypted:	false
SSDEEP:	12:TL+A/+f1bnbNBEwkjSQebqyPV5wShNuQnIGI/skXDbnbNBEwkjSQebqyPV5wA:TLx4RBPlPV57uewPRBPlPV5p
MD5:	ECDD80324711B5B54574DAA55F359DCD
SHA1:	70FA02EB868ACBB725C70AD56D775E55666F013E
SHA-256:	1572B129DBB08C893EFEF97EF1A4443A8DE6F176042EFC185CF720D48773FC3E
SHA-512:	474F23A4B8D80E844E69044018BB96E2C416933B929DA2AF9B6B769967409ECD8136C393B92E79548984458F0AF7FB43C72413CC9FE67E24F9B79851CA4D3A2D
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1362
Entropy (8bit):	5.866994145590329
Encrypted:	false
SSDEEP:	24:BbHniHXtZPsfjniHXtJfBpjtIpLanz45+KOIY78BJgskfa9yBDgRBPlPV58U:ZHnoXXcnoXX1yMtOUoRkU
MD5:	EF38F6834D3D25A555B7ADC29547C4BE
SHA1:	C36044CB6D35E031D60628A8A6F15956104F8941
SHA-256:	B16BD32823BD4551EAB2A67F498F94AB8E7C30A77A88E91670D21CCAAC52F05C
SHA-512:	8C44782011E02ED62A6AAE0608C182838F74FB858D634D3125E112880623BB394B98B0C67C23AFDDA29D27AFEC1F3484DCE961B1C8E364EC3A66B621CCF70867
Malicious:	false
Reputation:	low
Preview:	..........."......1606644641953..adserver..artipbox..https..lb..net..service..svc..sync..t..uuids...uvjacwtmv1hpl0tnm0fds2tjn2xtbnhqzeo1ywkzzdrvrjz5ynjczzfzbkp3ndrlu3jhc3jzbtrxwgn5txvncyxrulpxa0xxwgkvs2czqunla2m3bfnuegpksjvhatnkng9gnnlickjnmvlusnc0ngvtcmfzclltnhfyy3lndu1z*........1606644641953......adserver......artipbox......https......lb......net......service......svc......sync......t......uuids........uvjacwtmv1hpl0tnm0fds2tjn2xtbnhqzeo1ywkzzdrvrjz5ynjczzfzbkp3ndrlu3jhc3jzbtrxwgn5txvncyxrulpxa0xxwgkvs2czqunla2m3bfnuegpksjvhatnkng9gnnlickjnmvlusnc0ngvtcmfzclltnhfyy3lndu1z..2...".....0.........1.........2........3.........4........5.........6........9.........a..........b..........c...........d..........e...........f........g........h.........i...........j........k........l.........m........n..........o.........p..........q........r...........s..............t............u.........v...........w........x.........y.........z...:n.........................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	33356
Entropy (8bit):	0.04747596494984346
Encrypted:	false
SSDEEP:	6:VNSqNuNHFNzNG7NlN0NNfg9bNFlWCj/lApZEl3n:VNSqNuNlNzNG7NlN0NNfqLBj/kM3n
MD5:	490C50E87D3160018AF9E30F62E4CFF5
SHA1:	32ABCF112305F45F41D94AEF60B38DE268F625D0
SHA-256:	5704A89B9BFB4589D482E18D3E2685772688F43E2F18FAB9439E3AFF8DAF3DD2
SHA-512:	C2FEDBB96BAC2E80AAE88B5E587413EFD84C78362F9E746549FE048E78DDF90943CEC990E1A9C55137E2C3C60EDD815633D2EEC7ECBBB8729841549C12354769
Malicious:	false
Reputation:	low
Preview:	............a.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2955
Entropy (8bit):	5.453822416733018
Encrypted:	false
SSDEEP:	48:aOmGS5Re4i5a7D5MvY8dbnvTVjVNbQSefgGQNrS0U9RdiN9/J:+wa7FMLdbvTVjVNbQ5fgGYrS0dJ
MD5:	1110F124DB63DA055E3EB1F933951FB9
SHA1:	ED7AA7149D6FDB3D40DB423899AF30D0602A8B03
SHA-256:	B146542E3FB7EB8B4C324CD2DEDF8117DDDFBCCCC4D717F9FB2466E177B6FD31
SHA-512:	1949D3DAC33D656A0CBA7A7084F1D25DDFD7A8ED70E5BEEAA93F6741EBF3D0B04C0CF9F87F07203077A5946E1B2AC744A91BB2E6215CD20C16C89AFACC60E5FE
Malicious:	false
Reputation:	low
Preview:	.....*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm.............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..372940000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2020-11-29 11:46:19.09][INFO][mr.Init] MR instance ID: 1d8dfafe-923c-4f5a-b30e-fd305bbe71ec\n","[2020-11-29 11:46:19.09][INFO][mr.Init] Native Cast MRP is disabled.\n","[2020-11-29 11:46:19.09][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2020-11-29 11:46:19.09][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2020-11-29 11:46:19.09][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2020-11-29 11:46:19.09][INFO][mr.CastProvider] Query enabled: true\n","[2020-11-29 11:46:19.09][INFO][mr.CloudProvider]

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	329
Entropy (8bit):	5.228954247387859
Encrypted:	false
SSDEEP:	6:JVMcFt+q2PWXp+N23iKKdK8a2jMGIFUtwgV/pZmwygVZt3VkwOWXp+N23iKKdK8N:JVXova5Kk8EFUtwgV/p/ygVJ5f5Kk8bJ
MD5:	F87791D447D3879D7CDA91594726EAE2
SHA1:	26F8B4EB56FC390A8DC118F08B90A3E16DA5D90F
SHA-256:	DAE082A697B4AF503B84EDBD780B7EDFA5D7C70A7754643BF92F234BF9CA5DBB
SHA-512:	AE14A20B38001D9078AD14F56892B5E8CCA17D0932488067EA20183B78185327F8982E5C5886A5DBB49263B8DCFC7930041E3456528DF453FE2A2A4172BC4327
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:07.669 dd8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2020/11/29-11:46:07.672 dd8 Recovering log #3.2020/11/29-11:46:07.674 dd8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	334
Entropy (8bit):	5.226050490439452
Encrypted:	false
SSDEEP:	6:JVOEq2PWXp+N23iKKdKgXz4rRIFUtwgVNZmwygV/kwOWXp+N23iKKdKgXz4q8LJ:JVOEva5KkgXiuFUtwgVN/ygV/5f5Kkgi
MD5:	E16C3B1490A3FBF163C29874CA8561AD
SHA1:	2E6523CE2DC4F53CB8701320E8AB88E751619335
SHA-256:	8251EE8DE6FB04DEDD5C40C039532D32E59D461F88B304386F6C98909BB53B52
SHA-512:	9747101B877A5CC1A0162850DB6AD5878787A1C086D4CA0F2C4665F9078427EFABADA8A4D1152B886219CF80A66F75162D25A2F6277C14F2389037E11FCF1640
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:07.918 1670 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2020/11/29-11:46:07.919 1670 Recovering log #3.2020/11/29-11:46:07.919 1670 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	114
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5ljljljljljl:5ljljljljljl
MD5:	1B4FA89099996CE3C9E5A0A9768230E8
SHA1:	9026E1E0906E3B3FE0E414EE814CC5A042807A04
SHA-256:	537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
SHA-512:	4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
Malicious:	false
Reputation:	low
Preview:	..&f.................&f.................&f.................&f.................&f.................&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.181821062886822
Encrypted:	false
SSDEEP:	6:JVGI+q2PWXp+N23iKKdKrQMxIFUtwgVCoXWZmwygVCoiVkwOWXp+N23iKKdKrQMT:JVGI+va5KkCFUtwgVCL/ygVCbV5f5Kkf
MD5:	36A87EA368E68B02CD114D47F0E29FE8
SHA1:	BAC2DA8605089E9B60F273162336B282AFDF8174
SHA-256:	847E6AB15EAA07042FAAEF828BFE6EA80DB66797E0F5F6CF455014443716791E
SHA-512:	078337265C3A07B1533FF0F244B0AD8975459588A84F7AF17FA58AAEA0B29D600AB36A4B90A991313E262B78B4CFED8749866956BBC85455BEBFB4E5E4CF60CA
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:07.819 170c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2020/11/29-11:46:07.821 170c Recovering log #3.2020/11/29-11:46:07.821 170c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	345
Entropy (8bit):	5.231770185140409
Encrypted:	false
SSDEEP:	6:JVIHrFN+q2PWXp+N23iKKdK7Uh2ghZIFUtwgVG5ZmwygVdVkwOWXp+N23iKKdK7w:JVArFIva5KkIhHh2FUtwgV6/ygVj5f5m
MD5:	504986A21303D8FA4F0411EE89A29D66
SHA1:	3EC729FD4CC8A3F0B58B12BB3EDB838FDC6C7F7F
SHA-256:	A1A7CA88EB541AF3E08258CF7DD34C9464EA82D9A9FD9F938AF2B7E59278BBE4
SHA-512:	24673369BA96FD51A0CBBA50F58475104FDFE6E09BE4773C470152514777325A7ADF71E2F241B4384263ABE61328D1DA05A63E0788FBAD571032BB86BE1D274E
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:07.628 518 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2020/11/29-11:46:07.633 518 Recovering log #3.2020/11/29-11:46:07.634 518 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\7633e7e8-f178-4d87-b79a-6500afed1d72.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	420
Entropy (8bit):	4.985305467053914
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5qQlsDHF4xj70PpqQEsDHF4R8HLJ2AVQBR70S7PMVKJw1K3Ky:YHO8sdBsB6MAsBdLJlyH7E4f3K33y
MD5:	C401B619D9D8E0ADABC25A47EE49CFBA
SHA1:	C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA
SHA-256:	8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
SHA-512:	BC12F16CB95CB0AD708C6BBD005EF863A8552613E612F1084086E0F8262752E1B5144D044F0D141CE8462CC33343C36B517A5CC778751680485D8F88FB51B862
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543490879170","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543490879171","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	296
Entropy (8bit):	0.19535324365485862
Encrypted:	false
SSDEEP:	3:8E:8
MD5:	C4DF0FB10C4332150B2C336396CE1B66
SHA1:	780A76E101DE3DE2E68D23E64AB1A44D47A73207
SHA-256:	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
SHA-512:	51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
Malicious:	false
Reputation:	low
Preview:	.'..(...................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	430
Entropy (8bit):	5.268855107045314
Encrypted:	false
SSDEEP:	12:JVGU+va5KkFFUtwgVGL/ygVGVUhV5f5KkOJ:JIVa5KkfgrIegIVmf5KkK
MD5:	A6D777BAA9BAADF01FC49DE1023937F0
SHA1:	4854F7929CE1892E25ADBD794231183361E06DDC
SHA-256:	4D437ADC5950901295AEDD8818AB284908C1157AD61B73335E79501885E94ABF
SHA-512:	89483DDFF2AC30D3C20D58D305A9DB1819D90D630EF2F375A2C2A1E602D18BD7978C4A484FEBC7F2BF3BEC026D6E7FCDF514A28A5F5080BED0567F6E3EEE3BB0
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:07.860 170c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2020/11/29-11:46:07.861 170c Recovering log #3.2020/11/29-11:46:07.862 170c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	429
Entropy (8bit):	5.306560422220628
Encrypted:	false
SSDEEP:	12:JVCyva5KkmiuFUtwgVCLjZ/ygVCLjlR5f5Kkm2J:J9a5KkSgrUf0gUflf5Kkr
MD5:	54D6F06FD4AB1BFA355D2CA60C26AD15
SHA1:	5E43D4C0EBB3C34363E49626C25EBF42A6A3204D
SHA-256:	8EA1A4CC05CED8AD699CA74918172CB5AFFEB5F8DB0D2DD95A9378BA510E0D63
SHA-512:	858F251456D73CBFF9DFF58ACDEA4B10236A8A13A090BD778A2494F32CC1AFBB9370AE8BB5CFEC4F6852076C76A3C44CEFE56D916B702384C237E684E158AF36
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:07.912 734 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2020/11/29-11:46:07.914 734 Recovering log #3.2020/11/29-11:46:07.914 734 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5l:5l
MD5:	E556F26DF3E95C19DBAECA8F5DF0C341
SHA1:	247A89F0557FC3666B5173833DB198B188F3AA2E
SHA-256:	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
SHA-512:	055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
Malicious:	false
Reputation:	low
Preview:	..&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	418
Entropy (8bit):	5.24669301726462
Encrypted:	false
SSDEEP:	6:JXMAq2PWXp+N23iKKdKusNpZQMxIFUtwgXMvXZmwygXMvFkwOWXp+N23iKKdKusx:Jnva5KkMFUtwgUX/ygUF5f5KkTJ
MD5:	016CF7E97B3FCF186CBEFE5FD985A698
SHA1:	9F31941AFCB3F36D558B7E600EF903195D85858A
SHA-256:	BDE26E8777F68D907D5A2694CBC51A3BE2416D1BD5DC0DB4D9005C02290C9389
SHA-512:	5B6B34F3437A8F2545F7CCECA4CB298A62FC28ED824C251D49B62348B33A4DB3405D01563D4B76F44005C63439F74C9C4DCCF4C79226BF2F9652F1243C089464
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:23.917 11e4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2020/11/29-11:46:23.919 11e4 Recovering log #3.2020/11/29-11:46:23.919 11e4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	296
Entropy (8bit):	0.19535324365485862
Encrypted:	false
SSDEEP:	3:8E:8
MD5:	C4DF0FB10C4332150B2C336396CE1B66
SHA1:	780A76E101DE3DE2E68D23E64AB1A44D47A73207
SHA-256:	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
SHA-512:	51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
Malicious:	false
Reputation:	low
Preview:	.'..(...................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	430
Entropy (8bit):	5.207731410853882
Encrypted:	false
SSDEEP:	12:Jhva5KkkGHArBFUtwgHG/ygH65f5KkkGHAryJ:JNa5KkkGgPgrHjgHkf5KkkGga
MD5:	861E821DD2CF1687998B629CECBC327D
SHA1:	1D1F8C278FA3D77F4BEA9915C7B4D8DD6C3BF2FA
SHA-256:	4927B9FAF48E9A75D0E1038A4A42E385098FFBD7956F687F630284148AD7A348
SHA-512:	88A0DB9F6987AFCB42D14A20A056E09B47987765DC6D01B2E7BAFDF1B6BC24475F92EF4A06E1243F93D5E8D41509C90FA1AF401B8A0FB24F348FD7268E1F4F55
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:18.064 1670 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2020/11/29-11:46:18.066 1670 Recovering log #3.2020/11/29-11:46:18.066 1670 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	429
Entropy (8bit):	5.234428563014205
Encrypted:	false
SSDEEP:	12:JUva5KkkGHArqiuFUtwgQ5/ygQT5f5KkkGHArq2J:Jea5KkkGgCgrQUgQFf5KkkGg7
MD5:	06760E9FDE86EC1BC56C48A463A5DB8D
SHA1:	DA8791EBD3AB4E912A9ED1A1A34681EBC94697C4
SHA-256:	2523308B6CCD583D84939ABB3A5D953F03607968A371C8A2EF522492C731E43B
SHA-512:	A8B405A6C01E61891A077679AEE3D30FEBCF14B0B86B38175735E0075BA5DB62C148ADB4C2257A97EC736B66DC0411D7A8CCD59EF8F680698355CF09B7E71515
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:18.098 e78 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2020/11/29-11:46:18.099 e78 Recovering log #3.2020/11/29-11:46:18.099 e78 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5l:5l
MD5:	E556F26DF3E95C19DBAECA8F5DF0C341
SHA1:	247A89F0557FC3666B5173833DB198B188F3AA2E
SHA-256:	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
SHA-512:	055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
Malicious:	false
Reputation:	low
Preview:	..&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	415
Entropy (8bit):	5.184316824552525
Encrypted:	false
SSDEEP:	12:JQva5KkkGHArAFUtwge/ygF5f5KkkGHArfJ:Jia5KkkGgkgr7gXf5KkkGgV
MD5:	498CF81F431340F3DD6F6155E72DC696
SHA1:	31D561281782EFD9BFFD85605A2DE7A4A5CE538A
SHA-256:	244759FF81427E4FDE9045AB5FC362733A69546F9F1C46115088237C7E35BE92
SHA-512:	C51A49E04605531C9073AA06AE1FCF0C12FB0466FD93A20764F3FC5EFCA400662F314C896DBCBC50774CC1ED6E452D277E865E8C3F7EFEBE6FB270AAFDA889DC
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:33.301 dd8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2020/11/29-11:46:33.302 dd8 Recovering log #3.2020/11/29-11:46:33.303 dd8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\a6676356-829e-47a6-abfd-985f31e20c33.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	420
Entropy (8bit):	4.954960881489904
Encrypted:	false
SSDEEP:	12:YHO8sdvBVSsB6M/BVSsBdLJlyH7E4f3K33y:YXsdvjX6gjXdL3yH7n/iy
MD5:	F4FEFEEEC722772F9DC0FCE1B52D79B5
SHA1:	00EECFA3B37113D30E7D43BE4383C540F3D93D4D
SHA-256:	D33E13C12004A700F246D8C73709114A881609D658E045D54DE36874728D07F0
SHA-512:	41E61EC89366800FD5F4DD704E53B47DE29411B9088B46349A0A350758D08569C14DCC70CF8D6A6FE6D049CB6D32F2B091153E8148A1B5857BD7AF13492071BE
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543498399332","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543498399332","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	38
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:sgGg:st
MD5:	45A8ECA4E5C4A6B1395080C1B728B6C9
SHA1:	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
SHA-256:	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
SHA-512:	8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
Malicious:	false
Reputation:	low
Preview:	..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	321
Entropy (8bit):	5.285271092009644
Encrypted:	false
SSDEEP:	6:JVOoAQL+q2PWXp+N23iKKdKpIFUtwgVqQG1ZmwygVNwQLVkwOWXp+N23iKKdKa/o:JVOo4va5KkmFUtwgVI1/ygVNz5f5KkaQ
MD5:	C34A6EB94607FC3312DF11270467B473
SHA1:	F6392115843703E779D8C4276B08BF1A6B276F2F
SHA-256:	D2F0C4DD3F448CCFE1FDA109B3C9CA1F099BCE0000B6D65CADA7174B61ACF4FE
SHA-512:	757879A29713E4BB477CBA1F9976F839B797221B776143C3D695B67FB782A4CFD45E1ECF19801D5713527B92EC5754FA35EEA702113F5A13D0E63D07C232AA53
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:07.633 6c8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2020/11/29-11:46:07.636 6c8 Recovering log #3.2020/11/29-11:46:07.637 6c8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	402
Entropy (8bit):	5.3107727436414445
Encrypted:	false
SSDEEP:	12:JTLva5KkkOrsFUtwgTgZ/ygTgz5f5KkkOrzJ:JTLa5Kk+grTpgT2f5Kkn
MD5:	7460461AA89197FF0B598B4BF061C5AC
SHA1:	1A98A26B3D3A01200C3BBC8560BB99364F396162
SHA-256:	0AAF9A7B3F98AD8577FC8DBC03D0485EB5F43006D57C274B1EF7B0664D8C5670
SHA-512:	A47B5FE679D2F225280D981EC8165DFE83C0718A02A6C543A15806D56D49703FCDB5C53F349192A3FBD0FCF15AF9EA44581DD8DC588F61511E86C274D5A3BCBA
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:19.086 11e4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2020/11/29-11:46:19.088 11e4 Recovering log #3.2020/11/29-11:46:19.088 11e4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	12
Entropy (8bit):	3.188721875540867
Encrypted:	false
SSDEEP:	3:wFat:wat
MD5:	F849F0BA48DCCD1B887A7EACF56E9AEE
SHA1:	C181FF06F8DADCF3B62F84EE7293CA8AA262F269
SHA-256:	E162A2F8AE322A3219723016D509D46A1172779F4D08348D578F46DEDB01D2DD
SHA-512:	D53C4ECAA30DC2CF7E59012E0C92956623BC7730C1EFBB4DB86F8D9D16A879503C0AB6BDCC319C45B081C77E52415AEFD22819D86053A4552AF60933771F0A19
Malicious:	false
Reputation:	low
Preview:	....T`HJ?..

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\adc1d7a2-47da-4676-8b0b-ef1fa295b85e.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	22614
Entropy (8bit):	5.535207382876399
Encrypted:	false
SSDEEP:	384:rMVtjLlVKXa1kXqKf/pUZNCgVLH2HfD6rU8HGQnTPk44/:WLlSa1kXqKf/pUZNCgVLH2HfurUwGQnm
MD5:	7A67389C1FE65A064C7E796C7977890E
SHA1:	16470BABB1A3666EE4C197B8E8170350CA49BB84
SHA-256:	303DBE76BEBAEB494E4A0F39508E128023D8DCBBFC9A35AED8F4A4D0C38E2E3E
SHA-512:	846BE98923CA4D0047380EC80D16DFB61E0C96D37B1767DB8F8E077140D66C2BDD9EC5F98EB623449D83BC88EC05456A960E735039EB0C07E24B47F61180AC7A
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13251152767631242","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b66fdef5-299b-48c6-a9ea-8f0fe6afa4f9.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	22613
Entropy (8bit):	5.53536278011094
Encrypted:	false
SSDEEP:	384:rMVtjLlVKXa1kXqKf/pUZNCgVLH2HfD6rU8HGRnTPL44i:WLlSa1kXqKf/pUZNCgVLH2HfurUwGRnC
MD5:	857C390C5AFD02C64338A14F5F145FFA
SHA1:	095A92BC963126E1F9BE4E1F74D0B5E4087CFCF2
SHA-256:	42BA8104DD1CA53C270A2E9C446C229F47F7B3CEE4B3ADC53661C21F24FD3E2B
SHA-512:	F3E431478DFBE5B0647F1B51A6B18EDE3EA216F407F4164636B985043F3F93AC506E9B838BC012CCBCD6FCA43B6F3559018C0E422B04DC7BF4FC9B65BAFD5540
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13251152767631242","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b6a652f2-057a-4f97-a688-45c951388087.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	1037
Entropy (8bit):	5.5637323669259215
Encrypted:	false
SSDEEP:	24:YI6H0UhVsTG1KUerkq/HeUeXby2qUeXv667wU+RUenHQ:YI6UUhVseKUewqPeUer2Uef6kwU+Uenw
MD5:	E0D7060D626EFE97368F6AD84273BFE4
SHA1:	BDCBF7BCD967A88A25F9DF450571808AB4AD40AB
SHA-256:	0084B87022EE42069F4E4889858689CD7C5F71699744009BDA43E1858B97BA9D
SHA-512:	6AA4B3023EAC67B963F84DB8CCF3FF6EAE8BA19FA24C5D73107914927A52D3AE6CA9E18334778010F0166831E6E8955675B681D701F2EDC461A768CCAF5AD3DF
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1633014077.350499,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478077.350503},{"expiry":1633014077.22511,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478077.225114},{"expiry":1633014092.4175,"host":"0J7rAWV0ouCFYJ9XrkDiKnAO1SshXJmLJE1SS3V8kDM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478092.417504},{"expiry":1633014091.91938,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478091.919383},{"expiry":1638215170.186897,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1606679170.1869},{"expiry":1633014077.462534,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_obser

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c6baa5c9-fe6e-4ba6-b34b-1a96679d2a6c.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:	3:1sjgWIV//Rv:1qIFJ
MD5:	6752A1D65B201C13B62EA44016EB221F
SHA1:	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
SHA-256:	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
SHA-512:	9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
Malicious:	false
Reputation:	low
Preview:	MANIFEST-000004.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	136
Entropy (8bit):	4.564043338068273
Encrypted:	false
SSDEEP:	3:tVPFDTfUSLx2dwG1ZmwvK4DTfUSL7lVV8n4DTfUSL6tmWGv:J/x2KG1Zmwyg/7lVVSg/5tv
MD5:	14BC777A90DDFADDEBDFC3F9363BFC2D
SHA1:	CF2F49010BA264BDEC7F28FC55A7FC55D16F35B6
SHA-256:	65E0138BC300D200580C3AE63921F7191B44F95CBBC1FAD2FF448C1022F124FE
SHA-512:	051019905D2CE3FA37837498A6A590E67B1F4480C2C6EBE6C09ABB04B2E8F76B0B42F63DF89A749139D12E7BB8CD6D1C7E5BEC3AA3475374AA7CDA5BA43678D2
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:17.422 9ac Recovering log #3.2020/11/29-11:46:17.489 9ac Delete type=0 #3.2020/11/29-11:46:17.490 9ac Delete type=3 #2.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG-4 LOAS
Category:	dropped
Size (bytes):	50
Entropy (8bit):	5.028758439731456
Encrypted:	false
SSDEEP:	3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
MD5:	031D6D1E28FE41A9BDCBD8A21DA92DF1
SHA1:	38CEE81CB035A60A23D6E045E5D72116F2A58683
SHA-256:	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
SHA-512:	E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
Malicious:	false
Reputation:	low
Preview:	V........leveldb.BytewiseComparator...#...........

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	338
Entropy (8bit):	5.200329392346266
Encrypted:	false
SSDEEP:	6:JEcOq2PWXp+N23iKKdKfrzAdIFUtwgEcXZmwygEtYkwOWXp+N23iKKdKfrzILJ:JMva5Kk9FUtwg9/yg55f5Kk2J
MD5:	0129563332A7C79A86ABED2F02C8AE0D
SHA1:	F2FF0FE63CBBF047D683E650A51C3EC6A92566E6
SHA-256:	75FF193DB7E3CB0A40BB844F1594D336B0770CC6A2C67877E9348F1415ECAC13
SHA-512:	C081C2339968718B59015896930DFB9D796099162B7F90103503A3ACEBE0C8CEC6799D487D783E2844E4EC73B79900ACB995CE9EB04E8E734E21BE89C6052296
Malicious:	false
Reputation:	low
Preview:	2020/11/29-11:46:18.389 11e4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2020/11/29-11:46:18.389 11e4 Recovering log #3.2020/11/29-11:46:18.390 11e4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	106
Entropy (8bit):	3.138546519832722
Encrypted:	false
SSDEEP:	3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
MD5:	DE9EF0C5BCC012A3A1131988DEE272D8
SHA1:	FA9CCBDC969AC9E1474FCE773234B28D50951CD8
SHA-256:	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
SHA-512:	CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
Malicious:	false
Reputation:	low
Preview:	C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.8150724101159437
Encrypted:	false
SSDEEP:	3:Yx7:4
MD5:	C422F72BA41F662A919ED0B70E5C3289
SHA1:	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
SHA-256:	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
SHA-512:	86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
Malicious:	false
Reputation:	low
Preview:	85.0.4183.121

C:\Users\user\AppData\Local\Temp\31c6bdf1-a776-4970-8a93-a73e3fe7f942.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	768843
Entropy (8bit):	7.992932603402907
Encrypted:	true
SSDEEP:	12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
MD5:	A11D5CAF6BF849AEB84B0C95B1C3B7CF
SHA1:	27F410CCBD75852C01C7464A1FD7EF8C29BE3916
SHA-256:	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
SHA-512:	086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........6W..>Nuw9..R{c...Nq.H.K..A!....`v.k+..?.5.>v.....;.._~....tp....x.q.V...7.m.O.~.{!.o/q.'..BK..4./?'.....L..fH&.._<..&.p.k^..\s...:1y..F.N.+...X.PO@Mo....X.G1:..Y.@;..j..........=ae...0.......DU....n...n.;.Ipr..Q....:... <.....a.Y....{ei........0..0....H............0.......Mbh=.[O}.+..U.KHF(n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;\|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$......l-m.............m....ni...`..W.....R.p.b.+...+.\k.R$e~.J\.&c%.d...M..j..V.%...+1F....D....X\.1ct.<........E.B.+.i@...8..^...&YR...I.o...,.....[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. D.'.N@.(..GK....m...A.0.."

C:\Users\user\AppData\Local\Temp\5199ccfa-b44c-41d5-a060-dad3eb124a98.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Temp\a882b7e5-502f-4c3d-991b-a32966285613.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	300953
Entropy (8bit):	7.973503294353402
Encrypted:	false
SSDEEP:	6144:0sb1v/4nxPbqqBbWbFsw+wh3bC5NFv++S/hup0XcaxlnJ9:7l/4nxPZbOFsw+y3d+S6WnX
MD5:	1FE8E0AEB768437A23CEEAE6053E5822
SHA1:	5529A275644B729009E22035F6125879450F4ABB
SHA-256:	25A2F515CEC98CF2ACF11B34C59723D76820A4B5734E223D7EBEA55E5A851468
SHA-512:	45C8EEC35301495EB9DCE36B32F1CA2E9A7B167CAB52D3E026E2617134067C38CCE1463DEC18C1657A6984FBB8F342336E29E8BF6280C0533CB67CA56812320A
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b...............L.18..Y.~..%...~._......O\..p,...eY.0=.!..+.SoZA7...:t.G...VZ<..d....MN.......T..{1\.T...P,...i...NrD...e.2..u....5......1.n.Zu.E...!..XR..j.:.E.gUw.-s7:T.c_...(.i..iU.).M=yF<..`......F...@)..IK.. b.4.o..mC'...N.@OtT...`.&\|.8.M;...........0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A...........e..;.<LQ0{^....=m.V.#....a.NL......%...p.@.4....Q.Fw...dUoCq....Rl.G.,2.....[..T'.........."ct.).s#.(/.D..C..4..RKf.W....[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!...L..\.j.1.d.....==v.....-

C:\Users\user\AppData\Local\Temp\bc588aac-5e1e-4d26-863a-e77add352dbf.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\bg\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	886
Entropy (8bit):	4.799570700992651
Encrypted:	false
SSDEEP:	12:1HEJMLkSlwZGGMLkSlwZ+WYpU34f145Gb+dgoxTyO8ZpU34f1L0frhmJ03OyIDEK:1HE7n4gn8WYpYrbhz8ZpotHOPjsrdaD
MD5:	0F604F138A921EE7270C45E520621C30
SHA1:	E2BA940AF44609BEAC49B603EB1C379E43F4AAEB
SHA-256:	A149D52858570C9544E33B183915556230B7F66CF4ABAD4DDB00B1409476FBE1
SHA-512:	D87C8C7D0C998B37E34B7E4E6F5212FF4A0588C15F1273A55CD36B4A6FB13B7FDAE4F3B23EA469E7ACAF22B8BF53EB67476D897B96CA5C15C113EC078071A69D
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "........ . ... ........ .. Chrome".. },.. "app_name": {.. "message": "........ . ... ........ .. Chrome".. },.. "craw_app_unavailable": {.. "message": "........... .... ...... .. .............".. },.. "craw_connect_to_network": {.. "message": "...., ........ .. . ......".. },.. "iap_unavailable": {.. "message": "........... .... ...... .. .......... ....... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "............ .. .... .. .... .......... ...., ........ ...... ..-......".. },.. "please_sign_in": {.. "message": "...., ...... . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\ca\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	705
Entropy (8bit):	4.576619033098666
Encrypted:	false
SSDEEP:	12:1HEJ0gbbGG0gbb+WYpU34g3YbiLO+dgyGFoO8ZpU34+puiPmb03OyFJKtOi2V2Te:1HE5baib6WYpm31Lt0Z8Zp8pxOaKtwVl
MD5:	DDD77BA67108D8D88D66E35AA72A8048
SHA1:	F9C217728E756728B788C969F5101484D0557065
SHA-256:	3DB4D2B1586C020EC679C09148DB226DBB23857D326BECBB6CC48976036C391F
SHA-512:	6CA88083CECF6166503A1441BE8BB726CF08DEA8CFD61F1E81A970FE623284039FB9A530990E8E2008A4B1128399022AFE4F517E85CC7B069B670F5BA659F4F6
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Ara mateix aquesta aplicaci. no est. disponible.".. },.. "craw_connect_to_network": {.. "message": "Connecteu-vos a una xarxa.".. },.. "iap_unavailable": {.. "message": "La funci. Pagaments a l'aplicaci. no est. disponible actualment.".. },.. "jwt_retrieve_failed": {.. "message": "No s'ha pogut completar la transacci.. Torneu-ho a provar m.s tard.".. },.. "please_sign_in": {.. "message": "Inicieu la sessi. a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\cs\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	663
Entropy (8bit):	4.771803710371731
Encrypted:	false
SSDEEP:	12:1HEJfZGGfZ+WYpU34OBh+dgN/O8ZpU34j05U03OyN+/sFfmSYWc:1HEl4G8WYpdt8Zpq5TOT0FfmR
MD5:	B587AF92ECD087AAE3EF210364960844
SHA1:	AD78B31888863D3F0EC0D8CDCA316EDE9EBD7543
SHA-256:	9796A230BA459EF31E3D102B02575B73D6F1C812BF11F4D1E55B17C17891D2C5
SHA-512:	D2771ABB1174C3B6AF70BA1640837DE1B28137319307841B12A7D03C0A605AAECFC93069026A3906B289BAE12D33F4457FB54D7D27ABC5DC674C5C4C1E9F7CB1
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikace v sou.asn. dob. nen. dostupn..".. },.. "craw_connect_to_network": {.. "message": "P.ipojte se pros.m k s.ti.".. },.. "iap_unavailable": {.. "message": "Platby v aplikaci aktu.ln. nejsou k dispozici.".. },.. "jwt_retrieve_failed": {.. "message": "Transakci nebylo mo.n. dokon.it. Zkuste to znovu pozd.ji.".. },.. "please_sign_in": {.. "message": "P.ihlaste se do Chromu.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\da\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	642
Entropy (8bit):	4.533570611298554
Encrypted:	false
SSDEEP:	12:1HEJJMKKFZGGJMKKFZ+WYpU34OHu+dgxlCZO8ZpU34J4Wu03OyNz31m8tbYzD:1HErMKfqMKVWYpM6lL8ZpDNOOQ84D
MD5:	639CEF5231701AE13F81DBB67730BB95
SHA1:	E249FE0C70B0F85B033730719B6D1B30F0B04431
SHA-256:	6C71F9D37006245D0E2E956D6D2C1815FFEB43236DD3D427A02F8DD348AC93C5
SHA-512:	D040D25ADD9666050544F9173EF61E044F7EBBAE8C528FC4077880734141205AAE60566668E6854D0B9C8D59924E22D1665D2C93085ED7F7E1F4DA91B951F09E
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Betalinger i Chrome Webshop".. },.. "app_name": {.. "message": "Betalinger i Chrome Webshop".. },.. "craw_app_unavailable": {.. "message": "Appen er ikke tilg.ngelig i .jeblikket.".. },.. "craw_connect_to_network": {.. "message": "Opret forbindelse til et netv.rk.".. },.. "iap_unavailable": {.. "message": "Betaling i appen er ikke tilg.ngelig i .jeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "Transaktionen kunne ikke gennemf.res. Pr.v igen senere.".. },.. "please_sign_in": {.. "message": "Log ind p. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\de\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	701
Entropy (8bit):	4.598783840405771
Encrypted:	false
SSDEEP:	12:1HEJQ1ZGGQ1Z+WYpU34pCEMT+dgJMlCTO8ZpU34p6FK603Oy91Lj8SYJ6K:1HEzWWYp3Bewv8Zp7k4OALIhj
MD5:	6E1B49ABC0AA5C1E2764E48EB1EA256A
SHA1:	604E76C89D4763C002C51908CEFE8C11AF7CBBE5
SHA-256:	B692DB1A249223E62E62DE9725334039419B5942AF715669F0F0F4BDEDAC5733
SHA-512:	EE527D48178D09D66120C0D1EA2584A7397404109A074AC09487D6AE8507A593193B31D3197C2418A162BB3E7DCC46FA5844D4951BB09650FC2A4AA10EAB8110
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Store-Zahlungen".. },.. "app_name": {.. "message": "Chrome Web Store-Zahlungen".. },.. "craw_app_unavailable": {.. "message": "Die App ist momentan nicht verf.gbar.".. },.. "craw_connect_to_network": {.. "message": "Bitte stellen Sie eine Verbindung zu einem Netzwerk her.".. },.. "iap_unavailable": {.. "message": "In-App-Zahlungen sind momentan nicht m.glich.".. },.. "jwt_retrieve_failed": {.. "message": "Die Transaktion konnte nicht abgeschlossen werden. Bitte versuchen Sie es sp.ter erneut.".. },.. "please_sign_in": {.. "message": "Bitte melden Sie sich in Chrome an.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\el\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	875
Entropy (8bit):	4.920210350678433
Encrypted:	false
SSDEEP:	24:1HEw+aZ+6WYpbWZe80A08ZpCGyDVWlOBINZXD:WguYpCZnpEZb6fD
MD5:	41BB0DB6EC99E4664C6E2247EC704151
SHA1:	BF2268F9A77218384F1F73951F98829296318452
SHA-256:	90FC75C419D7359C2241F54562177252655526F3074E7E419E36F5C473843842
SHA-512:	738F7C254825E0D00D4BDF909FA6957D5A6027BCBCDF76F1385210FA5F908C2C94C038B6DF4309C68774C96B84447079AAF514F46519E60876BE4A8F4ABC9E6C
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "........ ... Chrome Web Store".. },.. "app_name": {.. "message": "........ ... Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": ". ........ .... .. ..... ... ..... ..........".. },.. "craw_connect_to_network": {.. "message": ".......... .. ... .......".. },.. "iap_unavailable": {.. "message": ".. ........ ..... ......... ... ..... ..... .. ...... ...........".. },.. "jwt_retrieve_failed": {.. "message": "... .... ...... . .......... ... ........... ......... .... .........".. },.. "please_sign_in": {.. "message": ".......... ... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\en\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	4.481995064086158
Encrypted:	false
SSDEEP:	12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOtiCsHTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOthFD
MD5:	64CBD0878A320F70E8F9DC2AD540C8DE
SHA1:	E95BC23E053C078BA4C269B2F75C22159450C2F2
SHA-256:	E99F26D0540E2C71802716B24668D9B4611E9BC429CD681606963E095D18EDFD
SHA-512:	10BAF5423314EF0352FD56D3649CF73713BE8D5EE8A2E21E7E02AAA46EE92635A1EEF87DC62D3E999A1B3704720C51D3281FB28CB9523395EB5A21C4AB3C6DCA
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed. Please try again later.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\en_GB\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	4.481995064086158
Encrypted:	false
SSDEEP:	12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOtiCsHTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOthFD
MD5:	64CBD0878A320F70E8F9DC2AD540C8DE
SHA1:	E95BC23E053C078BA4C269B2F75C22159450C2F2
SHA-256:	E99F26D0540E2C71802716B24668D9B4611E9BC429CD681606963E095D18EDFD
SHA-512:	10BAF5423314EF0352FD56D3649CF73713BE8D5EE8A2E21E7E02AAA46EE92635A1EEF87DC62D3E999A1B3704720C51D3281FB28CB9523395EB5A21C4AB3C6DCA
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed. Please try again later.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\es\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	696
Entropy (8bit):	4.469493700399435
Encrypted:	false
SSDEEP:	12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34lPbdlVo03OyFJhwtOLLY6xjD:1HEvaC6WYpcDeEFxq8ZpNl5OahwtyD
MD5:	B4B479436878DA0B032F1B656B310637
SHA1:	F525EDB5B376CE665280DB32EFE3684CE6DC10DC
SHA-256:	3B3DEB56AD7A5F85ED5AB944172B715A5F5F49E3C5A0F7915DB879BF8ACCFEE0
SHA-512:	56C5CCA31DFF155E608723EFEBE01B421DFA3AB43EDFB586778BD76C6EB1AAF57CF904BDE0EA0FB5E912CCB445788136DE319653A882DC2E844046847D201B0D
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "Los pagos en la aplicaci.n no est.n disponibles en este momento.".. },.. "jwt_retrieve_failed": {.. "message": "No se ha podido completar la transacci.n. Vuelve a intentarlo m.s tarde.".. },.. "please_sign_in": {.. "message": "Inicia sesi.n en Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\es_419\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	667
Entropy (8bit):	4.49547663693789
Encrypted:	false
SSDEEP:	12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34GLO03OyFJ2tOLLYiJD:1HEvaC6WYpcDeEFxq8Zp4LlOa2t4D
MD5:	807730218B74CA040AD8DD01E5B2E0D8
SHA1:	ADA0042296C448DCD5C2B22F520C9304526FE9AD
SHA-256:	2823F6DDBF6905D9F4459091A85073644E64B5F7AAAA7FC435495C50DC5ECE68
SHA-512:	5ED86C91A0A435417CB0EDF984AA4DF2177BE37C27D0C805147CEB11ABF75C642416443DB88049A538F63BED9CCCBA95973DAC795498A1A7E022DD6ED3620402
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "En este momento, Pagos En-Apps no est. disponible.".. },.. "jwt_retrieve_failed": {.. "message": "No se pudo completar la transacci.n. Vuelve a intentarlo m.s tarde.".. },.. "please_sign_in": {.. "message": "Accede a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\et\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	609
Entropy (8bit):	4.483029436148137
Encrypted:	false
SSDEEP:	12:1HEJfPGGGfPG+WYpU34Ze7z+dgrW9O8ZpU34ZwZz03OyQQUe1YgoLIR:1HEdvqlWYpTeObk8ZpT/O3QU1LIR
MD5:	B5DF9CEA0A2FEAE9816F8D41470D744E
SHA1:	65C86CD677A68FF7E11A789EAB078FB932A9E157
SHA-256:	AD75B59775C8F6688FFA9F0453868999996E04B9EE9645721765D1C731D04578
SHA-512:	10C30393C29829FFC535559C57B31EBDCC370ABB5C2ED2A6F04E9CC5590FB8587DAB330E4E9367F3E762314EFE913802B98821136D17E9B9A437B56885F259F8
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome'i veebipoe maksed".. },.. "app_name": {.. "message": "Chrome'i veebipoe maksed".. },.. "craw_app_unavailable": {.. "message": "Rakendus pole praegu saadaval.".. },.. "craw_connect_to_network": {.. "message": "Looge .hendus v.rguga.".. },.. "iap_unavailable": {.. "message": "Rakendusesisesed maksed ei ole praegu saadaval.".. },.. "jwt_retrieve_failed": {.. "message": "Tehingut ei saa l.pule viia. Proovige hiljem uuesti.".. },.. "please_sign_in": {.. "message": "Logige Chrome'i sisse.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\fi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	673
Entropy (8bit):	4.6221501785662396
Encrypted:	false
SSDEEP:	12:1HEJRuzGGRuz+WYpU34ujSBu+dgYO8ZpU34J+Bu03Oy0EyOxAxWeY5HN:1HEFcWYpPNa8ZpD+FO4zxAWHN
MD5:	50EF678CECF0C82675B9DF64CC3CF72E
SHA1:	F9D9A994530C86C1A99B6D104E86666AB56AD4DA
SHA-256:	7F5B921E0D0B01D8D3287D3293729BFFF07ABC7DBCB1227134823A404DF29E83
SHA-512:	62A96C70F496CEA0FF0765E4ED7E014F1A2C7B394F7438C887C094C62885F5B9CD2822B0A9BB83C45471076CA5CF47954C0D5C46D4B45AA7AD5910D57CD2AF44
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Storen maksut".. },.. "app_name": {.. "message": "Chrome Web Storen maksut".. },.. "craw_app_unavailable": {.. "message": "Sovellus ei ole t.ll. hetkell. k.ytett.viss..".. },.. "craw_connect_to_network": {.. "message": "Muodosta verkkoyhteys.".. },.. "iap_unavailable": {.. "message": "Sovelluksen sis.iset maksut eiv.t ole t.ll. hetkell. k.ytett.viss..".. },.. "jwt_retrieve_failed": {.. "message": "Tapahtumaa ei voi suorittaa loppuun. Yrit. my.hemmin uudelleen.".. },.. "please_sign_in": {.. "message": "Kirjaudu sis..n Chromeen.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\fil\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	692
Entropy (8bit):	4.519947404204655
Encrypted:	false
SSDEEP:	12:1HEJADlbGGADlb+WYpU34hTUT+dgHfZAFFZO8ZpU34hTjzeT03OytnmHQnJvYHf9:1HEYah6WYp7TUSoxOS8Zp7TOsO4wXX2w
MD5:	0CA8EE1D816E684D781E7DF18C18455D
SHA1:	F711596B4049CBAA99296AD3755CCC0E79D47051
SHA-256:	CA9739F4FA8514C8669AE6221842B1F5D148BD80492888CECBA7410CB32225A8
SHA-512:	3BE7CA9E781E0D0BF17F3E894FD75CF7FCCCB0BEEB9A0FC7C17D3F5BC142B662ACFDC7254AA75D2AF9933D0FB70057297E29E8A5815F29469906F9DC8F33902E
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "app_name": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Kasalukuyang hindi available ang app.".. },.. "craw_connect_to_network": {.. "message": "Mangyaring kumonekta sa isang network.".. },.. "iap_unavailable": {.. "message": "Kasalukuyang hindi available ang Mga Pagbabayad na In-App.".. },.. "jwt_retrieve_failed": {.. "message": "Hindi makumpleto ang transaksyon. Pakisubukang muli sa ibang pagkakataon.".. },.. "please_sign_in": {.. "message": "Mangyaring mag-sign in sa Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\fr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	708
Entropy (8bit):	4.573921094123133
Encrypted:	false
SSDEEP:	12:1HEJALf/nbGGALf/nb+WYpU34Owdgbyb+dgdQjO8ZpU34ITQpGnbyb03Oynha3Gg:1HE4Hna1Hn6WYpNdgpY8ZpSTQwnBOshi
MD5:	BE3C2C2BF4551641D84A60EC9F1E6E15
SHA1:	AAB0C8097A5B35FA40F2B137E1889677CB105B40
SHA-256:	DDDDAA9A83C34BF2874CBBE0214351C15E2620C0DC3863B2B79C4ACF9C2A4637
SHA-512:	4F263F78B61075525FA94493FB5C6297A53395F61E630E2DE81F14393BD2D5B3E687F35BF321C1009C0AF9A230A0C49D188F68AA7F2E4F61F3358596A86A6C2D
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "app_name": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "craw_app_unavailable": {.. "message": "Application indisponible pour le moment.".. },.. "craw_connect_to_network": {.. "message": "Veuillez vous connecter . un r.seau.".. },.. "iap_unavailable": {.. "message": "Les paiements via l'application ne sont pas disponibles pour le moment.".. },.. "jwt_retrieve_failed": {.. "message": "Impossible de finaliser la transaction. Veuillez r.essayer plus tard.".. },.. "please_sign_in": {.. "message": "Veuillez vous connecter . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\hi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	955
Entropy (8bit):	4.664681647654927
Encrypted:	false
SSDEEP:	24:1HEs07J0JWYp9vnCSVLP8Zp6CsOjSvzdlmLzSLm:Wh7qgYp1CMLUph1jSv3mLzSLm
MD5:	8CFF82EB516A180F2BFA22DA0B18D9E7
SHA1:	87053836FFDB4103302D17D221BC76C8DB842A28
SHA-256:	EA0020B530B3E047559248C076B54E90EFEF6A233DA130D5F43445C25BCB2008
SHA-512:	DEADC807AE4F254A4A73D31A12C2BC274D0E2E25413A36DCEF565B155BA72037BD3A14B5067A8B0325A86CB126C3B223A7DDFC66D5981CB48F1975E962AFBBE6
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome ... ..... ......".. },.. "app_name": {.. "message": "Chrome ... ..... ......".. },.. "craw_app_unavailable": {.. "message": "......... .. ... ...... .... ...".. },.. "craw_connect_to_network": {.. "message": "..... ....... .. ...... .....".. },.. "iap_unavailable": {.. "message": "..-.. ...... ... ...... .... ...".. },.. "jwt_retrieve_failed": {.. "message": "...-... .... .... .... .. .... ..... ... ... ... .. ..... .....".. },.. "please_sign_in": {.. "message": "..... Chrome ... .... .. .....".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\hr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	633
Entropy (8bit):	4.602004893403632
Encrypted:	false
SSDEEP:	12:1HEJGiimxmbZGGGiimxmbZ+WYpU34OBOEuhopIO+dgcapZO8ZpU34GiiZrMrQphc:1HE4H4TH8WYpNjTta28ZpQVLP0SOv3XD
MD5:	5A777479C6072C009FF6EEEDD167B205
SHA1:	D4B509E3AD07A7EABEB32E7EF06166D5A60D4B54
SHA-256:	1650A45BF772FA06F99EB68015FD356B8BCC1DD4AEE0A4213C626BA2216D9D43
SHA-512:	8E13AD3DF747E6F082D813E4BC5321F1AB1A6D8C203EB9E0A01EF8B5B496DE74F5FCAE956239C85A18DD26399847177325FAADD84C60AC507818E9F26BBB533D
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "app_name": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenuta.no nije dostupna.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se s mre.om.".. },.. "iap_unavailable": {.. "message": "Pla.anje u aplikaciji trenuta.no nije dostupno.".. },.. "jwt_retrieve_failed": {.. "message": "Transakcija nije dovr.ena. Poku.ajte ponovo kasnije.".. },.. "please_sign_in": {.. "message": "Prijavite se na Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\hu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	710
Entropy (8bit):	4.727128297637916
Encrypted:	false
SSDEEP:	12:1HEJVJiGGVJi+WYpU34Hpo9O+dgMmfgijO8ZpU34Huo9O03OyeFRLpzS0suYBIAd:1HEVrk5WYpQzTUg/8ZpwoXODpFGIAd
MD5:	C3AD6A15FC6370A3D3E18A313AB22237
SHA1:	E1FB9248DA5E0607882DBCC1819DE5B67F8614F5
SHA-256:	F895E3D151B52E817531C21F877689109B92EC2DA5F0F1A677CC8219A6315373
SHA-512:	F3DEDD20971FCAC9FED5C403E6452C0562148BFD08F81128161F83459A2686127590E997B584F89FA250666C9A82EB3F0C561DA0CCFA1444DC1796DA4404AA09
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "app_name": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "craw_app_unavailable": {.. "message": "Az alkalmaz.s jelenleg nem .rhet. el.".. },.. "craw_connect_to_network": {.. "message": "K.rj.k, csatlakozzon egy h.l.zathoz.".. },.. "iap_unavailable": {.. "message": "Az alkalmaz.son bel.li fizet.s jelenleg nem .rhet. el.".. },.. "jwt_retrieve_failed": {.. "message": "A tranzakci.t nem siker.lt befejezni. Pr.b.lja .jra k.s.bb.".. },.. "please_sign_in": {.. "message": "Jelentkezzen be a Chrome-ba.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\id\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	4.445455113766944
Encrypted:	false
SSDEEP:	12:1HEJs25bGGs25b+WYpU34ORBHAeSJ+dgkmO8ZpU34s22C/SzFAs03OyN4KolFYjt:1HEBaA6WYpaHFH8ZptOYODhuD
MD5:	8B27E83CA394C9D73B58C33910881F01
SHA1:	007F3DFA6CACB4D96D5C057930A8D45241F9908F
SHA-256:	EE050F8DE5EC6F49D4B8E5CE1A432BDE43B4EAFA0963C045D8A097AB622D96E8
SHA-512:	EF1ACFADA29E971E6468804D63AE490C7046B20B946B39F572BC1FF5BAB480C93F97C85E5DC3484EC1A0C3A4CA35FBBF3C217102A9EA269B7AE353C17C5CFFBA
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pembayaran Chrome Webstore".. },.. "app_name": {.. "message": "Pembayaran Chrome Webstore".. },.. "craw_app_unavailable": {.. "message": "Aplikasi tidak tersedia saat ini.".. },.. "craw_connect_to_network": {.. "message": "Sambungkan ke jaringan.".. },.. "iap_unavailable": {.. "message": "Pembayaran Dalam Aplikasi saat ini tidak tersedia.".. },.. "jwt_retrieve_failed": {.. "message": "Transaksi tidak dapat diselesaikan. Coba lagi nanti.".. },.. "please_sign_in": {.. "message": "Harap masuk ke Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\it\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	622
Entropy (8bit):	4.505455493845955
Encrypted:	false
SSDEEP:	12:1HEJsqd/bGGsqd/b+WYpU34OcX4+dgUvIO8ZpU34vq703OynjbeQfL6CYsD:1HEXd/aKd/6WYpZrv58ZpskOsjhDD
MD5:	DCA488BB7ACBBDC0FF63246899F85933
SHA1:	9408CEF9B8C2EB24E66700E7CD6405A232803EDE
SHA-256:	43267C5F695BCD2A31360D6B03699EFD27D9F53215479042642F42F8612EB7BB
SHA-512:	484793E3F366EBBCC59625BDA5BEAF4B4A0FB58E9CAEB9700BC5A7B74F7ED13B51E72AF46ACD609C137AF84E776FEC3ECF9B256C58F7B5731C8871D3DCD0ACDB
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pagamenti Chrome Web Store".. },.. "app_name": {.. "message": "Pagamenti Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App al momento non disponibile.".. },.. "craw_connect_to_network": {.. "message": "Collegati a una rete.".. },.. "iap_unavailable": {.. "message": "La funzione Pagamenti In-App non . al momento disponibile.".. },.. "jwt_retrieve_failed": {.. "message": "Impossibile completare la transazione. Riprova pi. tardi.".. },.. "please_sign_in": {.. "message": "Accedi a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\ja\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	778
Entropy (8bit):	5.228857160227492
Encrypted:	false
SSDEEP:	12:1HEJ07uGG07u+WYpU34DB+dgnsVztO8ZpU34MwiB03Oypv/Ik589dwttYmSH:1HEcnDNWYp1kxU8Zp2wiqOoIk589QnSH
MD5:	5FB01096BE49765965AE2148455ADD74
SHA1:	BA73186A0A0D81A20D2830432DEDA52A0527C9A1
SHA-256:	C6BE17C57BB3500A02F98F8A218B120F63D4F29BAE2A960210DC14656D37CBE3
SHA-512:	4A365178D73EA46C9FC6E7A28D1EF13FD89F8E42239231D9DDFE9BF2CA68713C015FC4C76AE25A6497D9287EF693E4A317596AF5A4063B863828F0C13BD15043
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome ........".. },.. "app_name": {.. "message": "Chrome ........".. },.. "craw_app_unavailable": {.. "message": ".................".. },.. "craw_connect_to_network": {.. "message": "................".. },.. "iap_unavailable": {.. "message": ".......................".. },.. "jwt_retrieve_failed": {.. "message": "........................................".. },.. "please_sign_in": {.. "message": "Chrome ............".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\ko\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	669
Entropy (8bit):	5.2871011966880666
Encrypted:	false
SSDEEP:	12:1HEJ1GG1+WYpU34K3aT+dgh8d0HTO8ZpU34KaNkaT03OyhMcg/QeHTY/YeHx:1HEajWYpc3aSl0Hq8Zpc6kasOeMcgIeY
MD5:	087B93BE3016C3C7CBB1753C38E337EF
SHA1:	01F9EAB9C8E614DDAC5AE7CAEB564E4803586753
SHA-256:	F49A563FD4545BE61DBB720325E4DF86E2C6674F9EBC53C24E190F291E44E364
SHA-512:	4B9301150BD8601D1D70DD6F4403762D7D7D538DD97E088B73A5281820D017987F8607385DFD1D14DF49E68F99F399B1A700D39BFB71CBFA1265E1033F84F752
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome . ... ..".. },.. "app_name": {.. "message": "Chrome . ... ..".. },.. "craw_app_unavailable": {.. "message": ".. .. ... . .....".. },.. "craw_connect_to_network": {.. "message": "..... ......".. },.. "iap_unavailable": {.. "message": ".. .. ... ... . .....".. },.. "jwt_retrieve_failed": {.. "message": "... .... ...... ... .. ... ....".. },.. "please_sign_in": {.. "message": "Chrome. .......".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\lt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	686
Entropy (8bit):	4.727132438660756
Encrypted:	false
SSDEEP:	12:1HEJpqHnkGGpqHnk+WYpU346M+dgV6O8ZpU34WzSWz03OyFMm/FYx:1HELqHtKqHPWYpM3A8ZpwGzOCu
MD5:	FC774504DD2DCE69B8DD55AFC02AF58D
SHA1:	1D31DC3F3DA200AC24026B2F542BB30B52CE6B16
SHA-256:	6F976F9ED367A7B85CE9B1DE0CB3B228E9E983E3FBBA4D3CD35A59BCA58EDBBC
SHA-512:	8A832DFCB0326D731FDC7D0D33F59724239A1BAB6E9780C8032925E411C184062F71710D217B9F4FA079D5247BED051897EBA12AE2A7AEE148C903B445D736D7
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "app_name": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "craw_app_unavailable": {.. "message": "Programa .iuo metu negalima.".. },.. "craw_connect_to_network": {.. "message": "Prisijunkite prie tinklo.".. },.. "iap_unavailable": {.. "message": "Mok.jimai programoje .iuo metu negalimi.".. },.. "jwt_retrieve_failed": {.. "message": "Nepavyko u.baigti operacijos. V.liau bandykite dar kart..".. },.. "please_sign_in": {.. "message": "Prisijunkite prie .Chrome..".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\lv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	699
Entropy (8bit):	4.685697694118083
Encrypted:	false
SSDEEP:	12:1HEJFhVbGGFhVb+WYpU34wDoz+dgGedBO8ZpU34wF03OyNrEuIjYGYID:1HENQKkWYp2Doy/em8Zp2WOZuIBYID
MD5:	4FDBF2298A69836E8F76B3374E20DDA7
SHA1:	445DFC32C1D748D3B100D1211D2A2ABCD26C5834
SHA-256:	5E3FEFF17B28742EE0D5882D94C7A31D13CDB1D9C1524FE69F045AB109B2A173
SHA-512:	5058F9AE32F655DE90BB4FEA9FA2D75494D3E11E7AB6EA54F6A78D8AF12CC386B1CC789DB9C1308C716DFBBCC04697676D57CBC5922125532E0555D765E7A187
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "app_name": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "craw_app_unavailable": {.. "message": "Lietotne pagaid.m nav pieejama.".. },.. "craw_connect_to_network": {.. "message": "L.dzu, izveidojiet savienojumu ar t.klu.".. },.. "iap_unavailable": {.. "message": "Maks.jumi lietotn.s pa.laik nav pieejami.".. },.. "jwt_retrieve_failed": {.. "message": "Transakciju nevar.ja pabeigt. L.dzu, v.l.k m..iniet v.lreiz.".. },.. "please_sign_in": {.. "message": "L.dzu, pierakstieties p.rl.k. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\nb\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	644
Entropy (8bit):	4.587522520391651
Encrypted:	false
SSDEEP:	12:1HEJhiOGGhiO+WYpU34OHSN+dgFjdGFZO8ZpU34JgdN03OyN3L8AebYiD:1HEDiHIitWYpCYJ8ZpD1OcL8TD
MD5:	8DF502C935CB5F2C61F7B9EFD6426CF5
SHA1:	31D25CF9B1DC6CDBA07203C107AA1233987D6FFF
SHA-256:	AB56E763119222142A2A69B694238E7C2069F03D909623B7DA25BEAB87494A8A
SHA-512:	3E3F4C956863355282B2C6F31419950A325490027FC839D3881897B7B102DE35953DDD33F417AD8BD89544801A1B378D436C871A592F428DE236BA9B682F5B5B
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Nettmarked-betalinger".. },.. "app_name": {.. "message": "Chrome Nettmarked-betalinger".. },.. "craw_app_unavailable": {.. "message": "Appen er utilgjengelig for .yeblikket.".. },.. "craw_connect_to_network": {.. "message": "Du m. koble til et nettverk.".. },.. "iap_unavailable": {.. "message": "Betaling i app er ikke tilgjengelig for .yeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "Transaksjonen kunne ikke fullf.res. Pr.v p. nytt senere.".. },.. "please_sign_in": {.. "message": "Du m. logge p. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\nl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	642
Entropy (8bit):	4.477340419637416
Encrypted:	false
SSDEEP:	12:1HEJJQGkbGGJQGkb+WYpU34OQKJT+dgiXUmvFZO8ZpU34g7JT03OyjnpSglzYMD:1HErxkaqxk6WYptndXI8ZpTOQ7D
MD5:	F7739EB95F617BFC907FD1D245B49329
SHA1:	D7E6850E8EE0743726BB9CBFE0CDC68F2272D188
SHA-256:	D614E1F67703BC80B0DBEB0896C87E31466E3E3E668A41364EEA7478A8049CB2
SHA-512:	F3E5386F3A70FE8E55FF4CD64F4A6B988F9B3890A6155EBAFCCB09DE128A538DCC1083A3B3CD83977A87B7C20CBCFDA15E072591631784196B004C18917231BF
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Betalingen via Chrome Web Store".. },.. "app_name": {.. "message": "Betalingen via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App momenteel niet beschikbaar.".. },.. "craw_connect_to_network": {.. "message": "Maak verbinding met een netwerk.".. },.. "iap_unavailable": {.. "message": "In-app-betalingen is momenteel niet beschikbaar.".. },.. "jwt_retrieve_failed": {.. "message": "De transactie kan niet worden voltooid. Probeer het later opnieuw.".. },.. "please_sign_in": {.. "message": "Log in bij Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\pl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	666
Entropy (8bit):	4.731175547924324
Encrypted:	false
SSDEEP:	12:1HEJbiVbGGbiVb+WYpU34OBHlBi9+dgQUg6O8ZpU34bdbfiIu03OyFLQz9NnuOYk:1HE5iVauiV6WYpIAYr8ZpxFiaOEt50D
MD5:	B0329570F687126C3D9D26FD4279A107
SHA1:	DCF852F8E558C9445AE3598B814226D8C756932B
SHA-256:	9A50EB2C558B250F198F3D1EED232056D3BF8C4463DCEFF37D99579381C84118
SHA-512:	CFB4EC0E5FFD21EC85F7EB47F9B2D394C7C7F59B7BA425B8B0FC8C38D9B844AFA12E3003FED3A588BF694547B4316A891FA26C5EB75CBD473FBE57759F37B9ED
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "app_name": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplikacja jest obecnie niedost.pna.".. },.. "craw_connect_to_network": {.. "message": "Po..cz si. z sieci..".. },.. "iap_unavailable": {.. "message": "P.atno.ci w ramach aplikacji s. teraz niedost.pne.".. },.. "jwt_retrieve_failed": {.. "message": "Nie uda.o si. zrealizowa. transakcji. Spr.buj ponownie p..niej.".. },.. "please_sign_in": {.. "message": "Zaloguj si. w Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\pt_BR\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	667
Entropy (8bit):	4.5430939640446315
Encrypted:	false
SSDEEP:	12:1HEJsc/bGGsc/b+WYpU34OLw+dgn/KzO8ZpU34FjIBMwGRO03OyFK46XEn6IkYNX:1HEb/a8/6WYp4mZ8Zp7cKlOZ46U6IptD
MD5:	F39681D5543FB19D168EEBE59277C73B
SHA1:	B279538A6B837A0930CD4CD86200792B58E10454
SHA-256:	619631AA6317854DF7FE928288E3A13B2AEAEFAB2F2B46F019F68856E1B02B1E
SHA-512:	E4F93BC1FEC189B3CFC7BC9B68DD2E4CBF54495D98C58053FCBCCD31CB6951AA4D5C008B9044EF98CD5040518918A810ED22D200FA267D1AB34564DA021B363C
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pagamentos da Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos da Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplicativo indispon.vel no momento.".. },.. "craw_connect_to_network": {.. "message": "Conecte-se a uma rede.".. },.. "iap_unavailable": {.. "message": "No momento, os Pagamentos no aplicativo n.o est.o dispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "N.o foi poss.vel concluir a transa..o. Tente novamente mais tarde.".. },.. "please_sign_in": {.. "message": "Fa.a login no Google Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\pt_PT\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	661
Entropy (8bit):	4.57627334449273
Encrypted:	false
SSDEEP:	12:1HEJsZUkbGGsZUkb+WYpU34OAE+dgqxKzO8ZpU34rEpBPPO03OyFK46XEn6IkYLD:1HEmUka5Uk6WYpFvdxZ8ZpSTPPlOZ46I
MD5:	EFCAC911642CA7FAF70B8807891387D4
SHA1:	9F603B7AE7A06D83540B4C6B2EF5955C8ECB7C26
SHA-256:	0327B23F28CEC110209093E1305FF1EFE550C04AE977C31A3E1D5AFB2098BD7F
SHA-512:	72F337AE3BBB1B53C75CB0BD10A2322DF520A9F02E69B641EC6DB50907EFD89BE16576D3FA891BB1C100195522C19C1DB947C7ABB1B2974B2759D52E36E89501
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pagamentos via Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplica..o atualmente indispon.vel.".. },.. "craw_connect_to_network": {.. "message": "Ligue-se a uma rede.".. },.. "iap_unavailable": {.. "message": "Os Pagamentos na Aplica..o est.o atualmente indispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "N.o foi poss.vel concluir a transa..o. Tente novamente mais tarde.".. },.. "please_sign_in": {.. "message": "Inicie sess.o no Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\ro\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	668
Entropy (8bit):	4.650567255288544
Encrypted:	false
SSDEEP:	12:1HEJqJrJZGGqJrJZ+WYpU344HIx2Z+dgrVPlZO8ZpU34qT7hI3O03Oy/r6rjJSZR:1HEC4D8WYpKow8WV68ZpKhoOWr6rj8CY
MD5:	AC696B33EC1AFDAE3A4A3E2029E92CCB
SHA1:	2B1D6F49C25A082C876E98C71DF96CAF4D1A1681
SHA-256:	E7829B9A2FC8F518340A97A09C537608DB005EB265B670581682728E0FB0DA41
SHA-512:	A4CCFF6C003083889C3305C4A3E466E76D242746543367E5555A694A6921C93017494BF55E8D09BB693A6EB540E8B12A1773E8A5EB6A3C0FFD97188BB712B4A7
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "app_name": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "craw_app_unavailable": {.. "message": ".n prezent, aplica.ia nu este disponibil..".. },.. "craw_connect_to_network": {.. "message": "Conecteaz.-te la o re.ea.".. },.. "iap_unavailable": {.. "message": "Pl..ile .n aplica.ie nu sunt disponibile momentan.".. },.. "jwt_retrieve_failed": {.. "message": "Tranzac.ia nu s-a putut finaliza. .ncearc. din nou mai t.rziu.".. },.. "please_sign_in": {.. "message": "Conecteaz.-te la Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\ru\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	783
Entropy (8bit):	4.868660175371157
Encrypted:	false
SSDEEP:	24:1HElOJHZMq4uOJHZMq8WYpdWJ/YGHq8ZptNWgOIF5x07ZqD:WlT7uTgYp6hvptNe85e7UD
MD5:	7A151C71B963B0547E30005DF632B5A2
SHA1:	AB9D0B08786AF05AEAE7DAD971934B82C21D38D5
SHA-256:	6FE9E5A1B0C425766582273747F85911C40D8EE125CD609209BA1E3C706EF6E8
SHA-512:	37699BF04408A5EC4FED3321188B6FECC04D1D713305DABE1BE826D131DA180D1B92C138428BA2411E551B01F75B3A4C2597BB83DB4C59782C169642A5BE6F12
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "......... ....... ........-........ Chrome".. },.. "app_name": {.. "message": "......... ....... ........-........ Chrome".. },.. "craw_app_unavailable": {.. "message": ".......... ...........".. },.. "craw_connect_to_network": {.. "message": "............ . .....".. },.. "iap_unavailable": {.. "message": "....... ..... .......... ...........".. },.. "jwt_retrieve_failed": {.. "message": "......... ....... ......... ....... ......".. },.. "please_sign_in": {.. "message": "....... . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\sk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	671
Entropy (8bit):	4.731089071117101
Encrypted:	false
SSDEEP:	12:1HEJfZGGfZ+WYpU34ORO+dgmmCO8ZpU34yH7u2Z03OyNnSyfuoCTYCUAi0D:1HEl4G8WYpetPmD8ZpcH7aO0bf72UeD
MD5:	C3DC2B3DC1DFF033F0687C6FF017BA39
SHA1:	E50BBB328E2A500BED3590DBBC1F7378443A7C03
SHA-256:	E2CD4F04332E33D5C733CACEADE0512ADDC1401A0EC36549FC53B066BB99A220
SHA-512:	52938FC8450D5B59241434ADBEEE982C12613DBCF9AF44371784B6A6FB78B9E0D01D1095692F3A1EAE5B042A193092B5D75631261FC2BF28014E42AB0DB6DC86
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplik.cia moment.lne nie je dostupn..".. },.. "craw_connect_to_network": {.. "message": "Pripojte sa k sieti.".. },.. "iap_unavailable": {.. "message": "Platby v aplik.cii moment.lne nie s. k dispoz.cii.".. },.. "jwt_retrieve_failed": {.. "message": "Transakciu nebolo mo.n. dokon.i.. Sk.ste to znova nesk.r.".. },.. "please_sign_in": {.. "message": "Prihl.ste sa do prehliada.a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\sl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	642
Entropy (8bit):	4.54448147529131
Encrypted:	false
SSDEEP:	12:1HEJGcyvmbZGGGcyvmbZ+WYpU34OBOEtf+dgca1ZO8ZpU34GcQArERff03OyNrzo:1HE4cyY4TcyY8WYpNoWa1w8ZpQcQ6Af9
MD5:	E9FD187A41491AB6CB1A62D1FB704C31
SHA1:	F158189AB73A614C84FA42C0CA21595591A1D418
SHA-256:	744BE9A108C755A6FBCADF571F8A319B75E9076F47BA0C62A1354134DD78DDFE
SHA-512:	AE05D6AE24CF4687C3F3A1E185386D945BFEFD1FB1A383D34204738F07E6ED910CE4C5F22CFE800FC2C45B16829EDEB6669B4257620730AC5C77D443B6E61E4B
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "app_name": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenutno ni na voljo.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se z omre.jem.".. },.. "iap_unavailable": {.. "message": "Pla.ila v aplikacijah trenutno niso na voljo.".. },.. "jwt_retrieve_failed": {.. "message": "Transakcije ni bilo mogo.e dokon.ati. Poskusite znova pozneje.".. },.. "please_sign_in": {.. "message": "Prijavite se v Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\sr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	812
Entropy (8bit):	4.85495461699779
Encrypted:	false
SSDEEP:	24:1HEKsb59sbTWYplx4Xud8Zpy1mNOM4YDYD:WKu59uyYplOuSpyYkM4JD
MD5:	903D486DA74BB1A637D94C8ABF8A3462
SHA1:	4036AEDC1823F9EC05BF3B0CBC5594C86AC26065
SHA-256:	0EF65E44921254DDEEEB7DC1DDC8A9ED8A9E0F5B7B8152EE9A0121E2023932D4
SHA-512:	4B6166335370284E1E69572A34C79838C887A8174A35C29B066DEF8FFAF8C450AAFBC7E0E0AE6F26D742B6D367893E224D693799501A6E95102DF26960FAB7B4
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "....... . Chrome ...-..........".. },.. "app_name": {.. "message": "....... . Chrome ...-..........".. },.. "craw_app_unavailable": {.. "message": ".......... .. ........ ...........".. },.. "craw_connect_to_network": {.. "message": "........ .. .......".. },.. "iap_unavailable": {.. "message": "....... . .......... .. ........ ...........".. },.. "jwt_retrieve_failed": {.. "message": ".... ...... ........ ............ ........ ...... ........".. },.. "please_sign_in": {.. "message": "......... .. . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\sv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	649
Entropy (8bit):	4.551181507608622
Encrypted:	false
SSDEEP:	12:1HEJJMkbGGJMkb+WYpU34OACwz+dgNPGFZO8ZpU34JgpXLSb03OyNzfUzVYLdID:1HErMkaqMk6WYpTOcb8ZpDgdZOOfOKID
MD5:	79733424BB4B9547D18D8395A4221CBF
SHA1:	28B49907E1DB3D1FB5850DA4167A010E2288D082
SHA-256:	401FF6EE0C8B1EB757F78890D00456054C844609C4C5E5F02489AF731199AB9F
SHA-512:	A4AE283BEDF5750798724D232FEC3737EA04F456E1C87532602D7048BB5E7E5A7042F0A08C4FCEB6466D68EFD8BEE9DDD7D6D78789B7ED46B2A917167EC30E4D
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Betalning via Chrome Web Store".. },.. "app_name": {.. "message": "Betalning via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Appen .r inte tillg.nglig f.r tillf.llet.".. },.. "craw_connect_to_network": {.. "message": "Anslut till ett n.tverk.".. },.. "iap_unavailable": {.. "message": "Betalning i appen .r inte tillg.ngligt f.r n.rvarande.".. },.. "jwt_retrieve_failed": {.. "message": "Transaktionen kunde inte slutf.ras. F.rs.k igen senare.".. },.. "please_sign_in": {.. "message": "Logga in i Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\th\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	1099
Entropy (8bit):	4.643153117378751
Encrypted:	false
SSDEEP:	24:1HEKa1dDa1/WYp6UFi72SmlG8ZpyactrW2SAObUFgFgGCwFSnbmSLD:WK2DNYp6U4y3bpyLxwbU+OG7FMbmW
MD5:	D59DE8DC9C5331BD40CE319F89F71BE0
SHA1:	93EF48DBAD9870C892E70CB6CD12B9550BA7627C
SHA-256:	450702399CCDB6E9E70B493032BA20C953FAE351337C1A9B4EBE633AA45FC965
SHA-512:	01A09B24EAA206EC38B5C8759BBA210FE0A008427223A88C8AE80A85B2D3DD6C70BA56302F23F997DCE267CBB72007D43472081F5F4DAC1DE03DBB0F85EBE3C6
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "............... Chrome .........".. },.. "app_name": {.. "message": "............... Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".............................".. },.. "craw_connect_to_network": {.. "message": ".........................".. },.. "iap_unavailable": {.. "message": "...............................................".. },.. "jwt_retrieve_failed": {.. "message": "........................................ ........................".. },.. "please_si

C:\Users\user\AppData\Local\Temp\scoped_dir4792_1581748373\CRX_INSTALL\_locales\tr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	650
Entropy (8bit):	4.71592316245003
Encrypted:	false
SSDEEP:	12:1HEJ9Y8GG9Y8+WYpU34wWT+dgGb0GO8ZpU34wryd7T03OygpxtfgCOYGbPKG:1HE0jWYpyRnG8Zpyr/ORVfgfPn
MD5:	060C95DFAFF0EF7D6F54FD0F8423A10F
SHA1:	C48DD8EE033E7FFDEA9B64A802C8772F6353674C
SHA-256:	CCE914437100AD00567D4434FEA53E5326FB1AE851969AD60554C2A95FAC525F
SHA-512:	AC3D66631B6BB4A331ED22D7685F888037F13C7D70ECBB940E3FD4EA620A1EA503AE03D0CFD2DEEB93ECCD528D037536F5E30B5F5CAFC4FCD7236E5A7F3CCAFC
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "app_name": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "craw_app_unavailable": {.. "message": "Uygulama .u anda kullan.lam.yor.".. },.. "craw_connect_to_network": {.. "message": "L.tfen bir a.a ba.lan.n.".. },.. "iap_unavailable": {.. "message": "Uygulama ..i .demeler .u anda kullan.lamaz.".. },.. "jwt_retrieve_failed": {.. "message": "..lem tamamlanamad.. L.tfen daha sonra tekrar deneyin.".. },.. "please_sign_in": {.. "message": "L.tfen Chrome'da oturum a..n.".. }..}..

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 29, 2020 11:46:10.882556915 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:10.889226913 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:10.919775009 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.919879913 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:10.920026064 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:10.928103924 CET	443	49716	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.928199053 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:10.928379059 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:10.957217932 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.957958937 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.958000898 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.958033085 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.958089113 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:10.967082024 CET	443	49716	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.968194962 CET	443	49716	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.968236923 CET	443	49716	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.968267918 CET	443	49716	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:10.968307018 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:10.998198986 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.005009890 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.006002903 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.007214069 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.007510900 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.011126995 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.042382002 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.042416096 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.042526007 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.042712927 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.044611931 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.044925928 CET	443	49716	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.044951916 CET	443	49716	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.045022964 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.045068979 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.045913935 CET	443	49716	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.046016932 CET	49716	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.049551964 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.049645901 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.049680948 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.049721956 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.049814939 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.127547979 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.132251024 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.169536114 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.171210051 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.214883089 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.228811026 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:11.267024994 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.267055988 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.267081022 CET	443	49714	34.240.67.55	192.168.2.3
Nov 29, 2020 11:46:11.267204046 CET	49714	443	192.168.2.3	34.240.67.55
Nov 29, 2020 11:46:18.536772966 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.558162928 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.558257103 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.558533907 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.579683065 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.592943907 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.593025923 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.593070984 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.593101025 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.593122959 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.593260050 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.621440887 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.621601105 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.621705055 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.642947912 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.642990112 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.643150091 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.644064903 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.644922018 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.644963980 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.645003080 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.645031929 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.645052910 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.645112991 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.645967007 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.646004915 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.646064043 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.647058964 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.647099972 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.647159100 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.647255898 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.648200035 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.648260117 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.648288012 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.648349047 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.649178028 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.649224997 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.649249077 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.649353027 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.650249958 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.650293112 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.650317907 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.650350094 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.651309967 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.651359081 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.651391029 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.651417971 CET	49733	443	192.168.2.3	216.58.215.225
Nov 29, 2020 11:46:18.652508020 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.652549028 CET	443	49733	216.58.215.225	192.168.2.3
Nov 29, 2020 11:46:18.652595997 CET	49733	443	192.168.2.3	216.58.215.225

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Nov 29, 2020 11:46:03.439366102 CET	64185	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:03.466651917 CET	53	64185	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:04.116033077 CET	65110	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:04.151669025 CET	53	65110	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:05.161936045 CET	58361	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:05.189095020 CET	53	58361	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:06.435451031 CET	63492	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:06.462784052 CET	53	63492	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:07.544194937 CET	60831	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:07.571306944 CET	53	60831	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:09.154464960 CET	60100	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:09.181746006 CET	53	60100	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:10.437484026 CET	49563	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:10.464828014 CET	53	49563	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:10.687586069 CET	51352	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:10.731771946 CET	53	51352	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:10.834239006 CET	59349	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:10.838685989 CET	57084	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:10.845515966 CET	58823	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:10.849534988 CET	57568	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:10.878334999 CET	53	59349	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:10.881129980 CET	53	58823	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:10.881766081 CET	53	57084	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:10.895447969 CET	53	57568	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:11.133969069 CET	50540	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:11.177711010 CET	53	50540	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:11.312670946 CET	54366	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:11.356396914 CET	53	54366	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:18.471761942 CET	50713	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:18.515311956 CET	53	50713	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:19.835728884 CET	60633	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:19.871187925 CET	53	60633	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:28.190644979 CET	61292	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:28.219270945 CET	53	61292	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:37.973773003 CET	63619	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:38.034638882 CET	53	63619	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:40.181086063 CET	64938	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:40.217195988 CET	53	64938	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:40.897126913 CET	61946	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:40.924555063 CET	53	61946	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:41.727968931 CET	64910	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:41.763885975 CET	53	64910	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:42.438754082 CET	52123	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:42.465944052 CET	53	52123	8.8.8.8	192.168.2.3
Nov 29, 2020 11:46:53.230359077 CET	56130	53	192.168.2.3	8.8.8.8
Nov 29, 2020 11:46:53.267585993 CET	53	56130	8.8.8.8	192.168.2.3

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Nov 29, 2020 11:46:10.845515966 CET	192.168.2.3	8.8.8.8	0xe7e3	Standard query (0)	lb.artipbox.net	A (IP address)	IN (0x0001)
Nov 29, 2020 11:46:18.471761942 CET	192.168.2.3	8.8.8.8	0x155f	Standard query (0)	clients2.googleusercontent.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Nov 29, 2020 11:46:10.881129980 CET	8.8.8.8	192.168.2.3	0xe7e3	No error (0)	lb.artipbox.net	uk-lb-ad-01-1088271668.eu-west-1.elb.amazonaws.com		CNAME (Canonical name)	IN (0x0001)
Nov 29, 2020 11:46:10.881129980 CET	8.8.8.8	192.168.2.3	0xe7e3	No error (0)	uk-lb-ad-01-1088271668.eu-west-1.elb.amazonaws.com		34.240.67.55	A (IP address)	IN (0x0001)
Nov 29, 2020 11:46:10.881129980 CET	8.8.8.8	192.168.2.3	0xe7e3	No error (0)	uk-lb-ad-01-1088271668.eu-west-1.elb.amazonaws.com		52.210.45.228	A (IP address)	IN (0x0001)
Nov 29, 2020 11:46:18.515311956 CET	8.8.8.8	192.168.2.3	0x155f	No error (0)	clients2.googleusercontent.com	googlehosted.l.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)
Nov 29, 2020 11:46:18.515311956 CET	8.8.8.8	192.168.2.3	0x155f	No error (0)	googlehosted.l.googleusercontent.com		216.58.215.225	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Nov 29, 2020 11:46:10.958033085 CET	34.240.67.55	443	192.168.2.3	49714	CN=*.artipbox.net, OU=r&d, O=Artimedia, L=Kiryat Ono, C=IL CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon May 06 02:00:00 CEST 2019 Mon Nov 06 13:23:45 CET 2017	Wed May 05 14:00:00 CEST 2021 Sat Nov 06 13:23:45 CET 2027	771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0	b32309a26951912be7dba376398abc3b
Nov 29, 2020 11:46:10.958033085 CET	34.240.67.55	443	192.168.2.3	49714	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:45 CET 2017	Sat Nov 06 13:23:45 CET 2027		b32309a26951912be7dba376398abc3b
Nov 29, 2020 11:46:10.968267918 CET	34.240.67.55	443	192.168.2.3	49716	CN=*.artipbox.net, OU=r&d, O=Artimedia, L=Kiryat Ono, C=IL CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon May 06 02:00:00 CEST 2019 Mon Nov 06 13:23:45 CET 2017	Wed May 05 14:00:00 CEST 2021 Sat Nov 06 13:23:45 CET 2027	771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0	b32309a26951912be7dba376398abc3b
Nov 29, 2020 11:46:10.968267918 CET	34.240.67.55	443	192.168.2.3	49716	CN=GeoTrust RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US	CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US	Mon Nov 06 13:23:45 CET 2017	Sat Nov 06 13:23:45 CET 2027		b32309a26951912be7dba376398abc3b

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exe PID: 4792 Parent PID: 2764

General

Start time:	11:46:06
Start date:	29/11/2020
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953'
Imagebase:	0x7ff77b960000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: chrome.exe PID: 2996 Parent PID: 4792

General

Start time:	11:46:08
Start date:	29/11/2020
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,5898755889624346109,3772175596100600458,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
Imagebase:	0x7ff77b960000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://lb.artipbox.net/adServer/Service.svc/sync?uuids=UVJacWtMV1hpL0tnM0FDS2tjN2xTbnhqZEo1YWkzZDRvRjZ5YnJCZzFZbkp3NDRlU3Jhc3JZbTRxWGN5TXVNcyxRUlpxa0xXWGkvS2czQUNLa2M3bFNueGpkSjVhaTNkNG9GNnlickJnMVluSnc0NGVTcmFzclltNHFYY3lNdU1z&t=1606644641953

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: chrome.exe PID: 4792 Parent PID: 2764

General

Analysis Process: chrome.exe PID: 2996 Parent PID: 4792

General

Disassembly