Analysis Report http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com

Overview

General Information

Sample URL:http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com
Analysis ID:338141

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

URL contains potential PII (phishing indication)

Classification

Startup

  • System is w10x64
  • chrome.exe (PID: 5560 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 4640 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,7652527513034620381,14458896377220717861,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1720 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

There are no malicious signatures.

Source: http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com | Sample URL: PII: Mark.Weinberg@agf.com
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: global traffic | HTTP traffic detected:
  HTTP/1.1 200 OK
  X-Powered-By: PHP/7.2.34
  Content-Type: text/html; charset=UTF-8
  Content-Length: 217
  Content-Encoding: gzip
  Vary: Accept-Encoding
  Date: Mon, 11 Jan 2021 16:54:53 GMT
  Server: LiteSpeed
  X-Turbo-Charged-By: LiteSpeed
Source: global traffic | HTTP traffic detected:
  GET /r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e= HTTP/1.1
  Host: mark.weinberg.pmioffll.com
  Connection: keep-alive
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
Source: unknown | DNS traffic detected: queries for: mark.weinberg.pmioffll.com
Source: Current Session.0.dr | String found in binary or memory: http://mark.weinberg.pmioffll.com
Source: History.0.dr | String found in binary or memory: http://mark.weinberg.pmioffll.com/r/?id=kl195820
Source: Current Session.0.dr | String found in binary or memory: https://www.ambrrey.com/588:19%20PMt71919n2021?e=Mark.Weinberg
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown | Network traffic detected: HTTP traffic on port 49741 -> 443
Source: classification engine | Classification label: clean0.win@35/163@6/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-5FFD016A-15B8.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Local\Temp\5f030b73-d58b-4ee8-8e87-a561b3debed7.tmp
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com'
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,7652527513034620381,14458896377220717861,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1720 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,7652527513034620381,14458896377220717861,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1720 /prefetch:8

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection 1 | Masquerading 3 | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel 2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection 1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol 3 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol 4 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Ingress Tool Transfer 2 | SIM Card Swap | | Carrier Billing Fraud

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label | Link
http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com | 0% | Avira URL Cloud | safe |

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source | Detection | Scanner | Label | Link
www.ambrrey.com | 1% | Virustotal | | Browse

URLs

Source | Detection | Scanner | Label | Link
https://dns.google | 0% | URL Reputation | safe |
http://mark.weinberg.pmioffll.com/r/?id=kl195820 | 0% | Avira URL Cloud | safe |
https://www.ambrrey.com/588:19%20PMt71919n2021?e=Mark.Weinberg | 0% | Avira URL Cloud | safe |
http://mark.weinberg.pmioffll.com | 0% | Avira URL Cloud | safe |
http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e= | 0% | Avira URL Cloud | safe |

Domains and IPs

Contacted Domains

Name | IP | Active | Malicious | Antivirus Detection | Reputation
mark.weinberg.pmioffll.com | 63.250.38.72 | true | false | | unknown
googlehosted.l.googleusercontent.com | 172.217.23.1 | true | false | | high
clients2.googleusercontent.com | unknown | unknown | false | | high
www.ambrrey.com | unknown | unknown | false | | unknown

Contacted URLs

Name | Malicious | Antivirus Detection | Reputation
http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e= | false | Avira URL Cloud: safe | unknown

URLs from Memory and Binaries

Name | Source | Malicious | Antivirus Detection | Reputation
https://dns.google | 17b5a66f-ccc4-45dd-b5f4-79d778dd271a.tmp.2.dr, ce16432d-c31f-4dd7-876c-46b19a2654ff.tmp.2.dr, 78fed78d-eb0e-4888-99f5-876a0eff6a27.tmp.2.dr, 9be8f6a0-3d9d-405d-904a-676af39e2e8d.tmp.2.dr | false | URL Reputation: safe | unknown
http://mark.weinberg.pmioffll.com/r/?id=kl195820 | History.0.dr | false | Avira URL Cloud: safe | unknown
https://clients2.googleusercontent.com | 78fed78d-eb0e-4888-99f5-876a0eff6a27.tmp.2.dr, 9be8f6a0-3d9d-405d-904a-676af39e2e8d.tmp.2.dr | false | | high
https://www.ambrrey.com/588:19%20PMt71919n2021?e=Mark.Weinberg | Current Session.0.dr | false | Avira URL Cloud: safe | unknown
http://mark.weinberg.pmioffll.com | Current Session.0.dr | false | Avira URL Cloud: safe | unknown
https://feedback.googleusercontent.com | manifest.json0.0.dr | false | | high

Contacted IPs

Public

IP | Domain | Country | ASN | ASN Name | Malicious
172.217.23.1 | unknown | United States | 15169 | GOOGLEUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
63.250.38.72 | unknown | United States | 22612 | NAMECHEAP-NETUS | false

Private

IP
192.168.2.1
127.0.0.1

            General Information

            Joe Sandbox Version:31.0.0 Red Diamond
            Analysis ID:338141
            Start date:11.01.2021
            Start time:17:53:58
            Joe Sandbox Product:CloudBasic
            Overall analysis duration:0h 3m 32s
            Hypervisor based Inspection enabled:false
            Report type:light
            Cookbook file name:browseurl.jbs
            Sample URL:http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com
            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
            Number of analysed new started processes analysed:17
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:CLEAN
            Classification:clean0.win@35/163@6/5
            Cookbook Comments:
            • Adjust boot time
            • Enable AMSI
            Warnings:
            • Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe
            • TCP Packets have been reduced to 100
            • Created / dropped Files have been reduced to 100
            • Excluded IPs from analysis (whitelisted)
            • Excluded domains from analysis (whitelisted)
            • Report size getting too big, too many NtCreateFile calls found.
            • Report size getting too big, too many NtOpenFile calls found.
            • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
            • Report size getting too big, too many NtWriteVirtualMemory calls found.

            Simulations

            Behavior and APIs

            No simulations

            Joe Sandbox View / Context

            IPs

            No context

            Domains

            No context

            ASN

            No context

            JA3 Fingerprints

            No context

            Dropped Files

            No context

            Created / dropped Files

            C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):451603
            Entropy (8bit):5.009711072558331
            Encrypted:false
            SSDEEP:12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
            MD5:A78AD14E77147E7DE3647E61964C0335
            SHA1:CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
            SHA-256:0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
            SHA-512:DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\1c0cc9ef-bff6-4c3e-8436-805e6dcfce20.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):162896
            Entropy (8bit):6.08203961035659
            Encrypted:false
            SSDEEP:3072:4N6Fh/DYC/ddlBuZ92QklE6FcbXafIB0u1GOJmA3iuRF:SysC/ddlBuZsnaqfIlUOoSiuRF
            MD5:E418FFC3C99A9707CB58CA330F7DA5DD
            SHA1:1A7722CEE89061BE7190FB69C44DA887A80ED0C8
            SHA-256:604AC46F43120F0E555D9F8E45726F95EA8319401EC3DBB70A555F122F61F843
            SHA-512:9533DDC1E50740C70E62DAFB9767074AEB4000A12F83667336578BB6F0A9E22B334CE14CB581C180E31F125F666D5D67E2410BA87A442A2F5684E6DB01D10795
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\7b4db693-1d07-4133-8b2e-8b4634602e58.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:SysEx File -
            Category:dropped
            Size (bytes):94708
            Entropy (8bit):3.7397319725141114
            Encrypted:false
            SSDEEP:384:lDN2C8DNojcyVb9ClN+r7vSa3h6Q5HUNGFMrXkCkxZo4srrTWmP030GmK1OQkGNU:hCyVpCA1BcerYykQPzOGKAqS5g
            MD5:364AD9E48A9DED70B1F682B0787D2E67
            SHA1:1184E0A05B68277F1D9A7E78C0A06B5B350B5BDE
            SHA-256:666A3EA106EEF9CB1D774A870D158A15EC3FB558ED692CF9F7D4A625D1C2EDAF
            SHA-512:CC324C44E8D7EB43D4EE4F2FBEE1BE87E0FB44023F6E0A92BE8C051077DEB70220AABDF18902427A8A07939A8C8964185F43597EA588AF1E39E219700A13FC03
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\88614e77-16d2-4c8d-8a3a-e64860f813a2.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):154415
            Entropy (8bit):6.0513523780569045
            Encrypted:false
            SSDEEP:3072:/Fh/DYC/ddlBuZ92QklE6FcbXafIB0u1GOJmA3iuRF:zsC/ddlBuZsnaqfIlUOoSiuRF
            MD5:A3094C4A50034E56C368B74E5191D8C7
            SHA1:DEC192F8927110A801CB08063B990CC8BE8D239C
            SHA-256:B17DCCB615560DACE73F5AB86591D97F063F5D1CCF88B749FCB9CA212EFA8932
            SHA-512:F6825E48A935AC67B688B25F3DC9461E14368422E0A19FFCD67AB7E78EC6016E4BB26965489FD28F45CBD6870D964D61A32D8F9BFCB9A19277CBB03BE00C665E
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\95bec033-6b45-4801-bd46-3e8859881e05.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):162896
            Entropy (8bit):6.08203961035659
            Encrypted:false
            SSDEEP:3072:4N6Fh/DYC/ddlBuZ92QklE6FcbXafIB0u1GOJmA3iuRF:SysC/ddlBuZsnaqfIlUOoSiuRF
            MD5:E418FFC3C99A9707CB58CA330F7DA5DD
            SHA1:1A7722CEE89061BE7190FB69C44DA887A80ED0C8
            SHA-256:604AC46F43120F0E555D9F8E45726F95EA8319401EC3DBB70A555F122F61F843
            SHA-512:9533DDC1E50740C70E62DAFB9767074AEB4000A12F83667336578BB6F0A9E22B334CE14CB581C180E31F125F666D5D67E2410BA87A442A2F5684E6DB01D10795
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):120
            Entropy (8bit):3.254162526001658
            Encrypted:false
            SSDEEP:3:FkXft0xE1G1mstft0xE1G1mstft0xE1n:+ftIE1G1mkftIE1G1mkftIE1n
            MD5:E9224A19341F2979669144B01332DF59
            SHA1:F7F760C7104457DF463306A7F7BAE0142EFCEB5B
            SHA-256:47DD519C226D23F203ACAE0EC44DF9BB6208828E24F726E1602EA52F63C3E2BE
            SHA-512:4184302DEB5009D767FECFC150F580DD57D5CF9CF3BFEB7E52C9F3340E5E6499251B9F0DFF37F0454411FED9046880E0A9204312D021294256372C916B8155AC
            Malicious:false
            Reputation:low
            Preview: sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\223e547e-2e5d-42bf-8d0a-f13f274c0381.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):22614
            Entropy (8bit):5.535952282801531
            Encrypted:false
            SSDEEP:384:Ie6tFLlLqXi1kXqKf/pUZNCgVLH2HfD+rUt/HGEnTo8y9u4T:ALl0i1kXqKf/pUZNCgVLH2HfirUtvGEA
            MD5:00EDA4E3D99EC588792E6B4FF25C65EB
            SHA1:4038C96E610D9FED723679EC5E8232EFAE882233
            SHA-256:E73E3C6BB740FE6A76303C1A60F76F11474B5B9CA9181D43123852B7B86522A9
            SHA-512:8C76E100FCCC21A83FB4137E60FEA7C433A46B911C38FD825EE8FE6E7584218F4FF666B879B8B0429DD302B2679676E4667FF0DF3A0E41F74B970813C45D0F55
            Malicious:false
            Reputation:low
            Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13254890090251367","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2a547adf-26d4-4793-9316-893ca88ae2c4.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):22612
            Entropy (8bit):5.535888879767363
            Encrypted:false
            SSDEEP:384:Ie6t4LlLqXi1kXqKf/pUZNCgVLH2HfD+rUt/HG1nTo869u41:LLl0i1kXqKf/pUZNCgVLH2HfirUtvG16
            MD5:4692EC97B581248BEC0F2910D952EE2F
            SHA1:234C374ADBDAB329542D7D3A16AAF8D827358AB8
            SHA-256:D32D995337CD3CB4FD2F13ADF432C529E6F1EC320D1D89F0AB71CF0220F061AE
            SHA-512:F2BABC5EC561A81038C892CBE5D22CD49405C0792939F488C697C9B8CB687ED07AD19F08B3A116F7075A56B83C300096CFF7731D7C4A580FB9CFBF7C561B7351
            Malicious:false
            Reputation:low
            Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13254890090251367","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\53490bc7-68c3-4f01-a21e-28ae97390292.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):5649
            Entropy (8bit):5.189743540534769
            Encrypted:false
            SSDEEP:96:nKgtF2arM4YoV1ScVOok0JCKL8HckE1sNbOTQVuwn:nKgtnrM4Y0sc34KMckEmV
            MD5:E3E8274C39C42A20B2386046149F902A
            SHA1:E12BCCAA6E3106AA94F489FF9C40CB907D21DBAC
            SHA-256:6030499543CE3C348FF539EB337426E2CFC7B05EF5B445646CF1392DAACB6F0D
            SHA-512:F5CF292B372A56FC33DED17083B4D314AEACD4AB42BCE81723F1F07D5FE72843E5E0E708315CA20DE308BE83202F3367005881831B3DF47243CCF4ED869995EC
            Malicious:false
            Reputation:low
            Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13254890090582281","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\60f28472-5203-4d62-867c-9e88d66a8085.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):1038
            Entropy (8bit):5.566843653883075
            Encrypted:false
            SSDEEP:24:YI6H0UhVsTG1KUerkq/HeUeXby2qUeXvh7wUP1RUenHQ:YI6UUhVseKUewqPeUer2UefpwUPLUenw
            MD5:9071C0DC402101FF4F18BC7DF233B75D
            SHA1:88C6EE85EAD9A0767A3A546AEEE6B1ECCB2B0C5D
            SHA-256:4ED1A29AAB6E76112DCB6C7A6D7EE9C3B0A68AF42E39325DB66A47670C540ED4
            SHA-512:27934E2918D9AFC7DE06BC5BF95F0949A3404CAA982A1EB9D36E41F6FF3FE3AD9E88B465DF748B9261C8FF1651B76AD534F208405ED3B2993C31CFAFD62FDF37
            Malicious:false
            Reputation:low
            Preview: {"expect_ct":[],"sts":[{"expiry":1633014077.350499,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478077.350503},{"expiry":1633014077.22511,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478077.225114},{"expiry":1633014092.4175,"host":"0J7rAWV0ouCFYJ9XrkDiKnAO1SshXJmLJE1SS3V8kDM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478092.417504},{"expiry":1633014091.91938,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478091.919383},{"expiry":1641952493.22629,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1610416493.226292},{"expiry":1633014077.462534,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_obse
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\68ba9ea2-3fd8-4106-af6b-78cb0f651821.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):5624
            Entropy (8bit):5.1880745010505755
            Encrypted:false
            SSDEEP:96:nKgtFbarM4YoV1ScVOok0JCKL8HckE1svbOTQVuwn:nKgtkrM4Y0sc34KMckEmr
            MD5:8F6AD3A027FC4476AD34C27A191FA4A3
            SHA1:EFBBC5F22CC503322B265656160D805521417D7C
            SHA-256:59EDDB6AF4D502271AEA54F4A9197500C68FD3FF03E4FCBC73A04B18E19B32D5
            SHA-512:D5066AC9E93B2909052C1AA2F38A860FC1573D397E21818A603E6E1F93D7B62474DAFFF01E8E6CF9A979E9116A66D81397D0AA71AA069C8D17FA695D047758E5
            Malicious:false
            Reputation:low
            Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13254890090582281","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\78fed78d-eb0e-4888-99f5-876a0eff6a27.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:modified
            Size (bytes):2073
            Entropy (8bit):4.902223022375721
            Encrypted:false
            SSDEEP:48:Y2TntwCXGDHz5sGTsLRLsQDgs/yKsn3zsgMHcYhbD:JTnOCXGDHz9arXC9GNhH
            MD5:023DB2B3D5D6EC012D6C52A5166CDFEA
            SHA1:CA129317DF56791767448BF6222F7285526FBB0D
            SHA-256:EA796C8E3BD73A6B9D65303649E8FDE83FF3B4885624DB07D4684846FEA695C8
            SHA-512:9C9F70DDBE1F02719A56D83BEFE9CB3A4BCF38D03287DCB34B897EE9FC867C4FEA074A77CB3C0589013829BAA7E23C046541B1ED0D659D2ECEC90D0A24E70363
            Malicious:false
            Reputation:low
            Preview: {"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://play.google.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13257482093220010","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://redirector.gvt1.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13257482093226239","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","suppo
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9be8f6a0-3d9d-405d-904a-676af39e2e8d.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):4219
            Entropy (8bit):4.871684703914691
            Encrypted:false
            SSDEEP:48:YXsJjMH+5s7YMHBKsvxMHVzspxMHbsIHt/soBDysKqnsllzMHpDCLsWJMHLsNuMg:RG+ZGJG+GTTD7IGpD+G7Gp2GnG4GVhH
            MD5:EDC4A4E22003A711AEF67FAED28DB603
            SHA1:977E551B9ED5F60D018C030B0B4AA2E33B954556
            SHA-256:DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
            SHA-512:84D3930579FD73C7D86144D5CDC636436955BA79759273C740D2D72BC4847F2F7F165BBCA3EB2E4DFB01777D6A5F141623278C1BF74615C5A491092CE3FD1602
            Malicious:false
            Reputation:low
            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248543677350473","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543677350474","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31344},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31656},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501454993","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501454994","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39369},"server":"https://www.googleapis.com","supports_spdy":true},
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):334
            Entropy (8bit):5.245248020070894
            Encrypted:false
            SSDEEP:6:maBdR9+q2PWXp+N23iKKdK9RXXTZIFUtp1BdmNJZmwP1BdP9VkwOWXp+N23iKKdi:FBdyva5Kk7XT2FUtp1BdG/P1Bdb5f5KU
            MD5:7406C2F8E93EC3BD0A3ABC9961F23CFB
            SHA1:37D1533DE092583B8814D61C14EE8467E819F5FD
            SHA-256:F249886CCFF0D7EA7A83176FEA4CD40AF7A600DF011B41CC584BC0EF11E128C0
            SHA-512:F98DBD5304A7A3CBC5C5BB81249169AAE0CE9F3617485A33F195567209FD790601AF14B72472DBCC70CAA2037927D3E917AAE4AC43136CBE4D9AD8A3741988AB
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:55.887 1b08 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/01/11-17:54:55.888 1b08 Recovering log #3.2021/01/11-17:54:55.889 1b08 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):318
            Entropy (8bit):5.236706229890671
            Encrypted:false
            SSDEEP:6:maLh99+q2PWXp+N23iKKdKyDZIFUtp1LTgJZmwP1Lvy9VkwOWXp+N23iKKdKyJLJ:F1+va5Kk02FUtp1ni/P1rs5f5KkWJ
            MD5:22515ACD7ECDCB769D3C1BFCAE9B11E4
            SHA1:F3514915F8A712A50F40CC7D5A62B8EAFE075189
            SHA-256:D57E79AFDBEE9B45A0598124D81FED307ED75AB185B5F4D3419F2BEA94212406
            SHA-512:7F4FD920436CB1841E987E085605284C8D66977B3FDDB530905689C07F9F31869876A115126FF20C10064048AE49269018A75677D3D1EC3052D018A8E6F01AA5
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:55.250 1b08 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/01/11-17:54:55.264 1b08 Recovering log #3.2021/01/11-17:54:55.279 1b08 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:SQLite 3.x database, last written using SQLite version 3032001
            Category:dropped
            Size (bytes):8192
            Entropy (8bit):1.350688022464307
            Encrypted:false
            SSDEEP:24:TLyqJLbXaFpEO5bNmISHn06UwITgAZOZD/i:TekLLOpEO5J/Kn7ULTNOZi
            MD5:BA6841087CB7237088EE476D56DDA703
            SHA1:3DA321491CE6A65954E8CDEFECA3115619E17D74
            SHA-256:A14A2457FCCB6C615D6B49BAA507E28D47DEE64836F1245E567596B7A0B3C07F
            SHA-512:94074F3CD22337CE97A92F865C94537A024DB9C99F836B22ABE4807730F204444C61551DC74C0D57C0AC4453A4E98909DEAB5C4E0E5B593011E111A12B6278FB
            Malicious:false
            Reputation:low
            Preview: SQLite format 3......@ ..........................................................................C....... ..g... .8
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):8732
            Entropy (8bit):1.3134050174552918
            Encrypted:false
            SSDEEP:24:PcLgAZOZD/DqLbJLbXaFpEO5bNmISHn06Uw99:P8NOZDq5LLOpEO5J/Kn7UK9
            MD5:94599CA00A65CB368435C7FCECCC2697
            SHA1:B3F72D5A237B020BEDAF5533F722E2448D8DA996
            SHA-256:96C3C8D0F3B1FB20407D727E1D24EF4B04A8F9F471DAF3C0D7C636117AAF91C5
            SHA-512:C599570FD6F0AD616AD98E040E331E81146C02C51F2732BBE469722F4BA4D9A0648EB6166B4FE8FD8C8EF65955C7C3E23E710CB46701AB8814578AA571E57895
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):1528
            Entropy (8bit):3.9022835608901683
            Encrypted:false
            SSDEEP:24:34SKtlrlA5lZHd0CYF5/0wk7+OeUeIsliwkG3rqBroBV2d6IHd0CRlL:34BXxignD/rk7+fUeIOkmCoDNCL
            MD5:CBB28470E64B1B266FEA917CC644F8B6
            SHA1:2CFEBE25268CD36C9B0EDD86AA5DC034F7680384
            SHA-256:356AD04E3554129974064E45D6ABF76698DA4E4EE50AC81843BBC400EF5622D9
            SHA-512:AE1FFCF82C9811AD373550074ED47AE8E0CF3CAE2E87CBF6DBF36B1EDC54CA90B397B9A4F4F715FAC06A8206DCEBF8F10D0D7526EE8E1D093CABB66316B2C0C0
            Malicious:false
            Reputation:low
            Preview: SNSS....................................................!.............................................1..,.......$...f5d3382c_a210_4441_95fc_42b09ccdb3a6.......................k..................................................................................5..0.......&...{524A03AB-861D-4591-9B4E-BDD69F9D425A}...................................................i..d...........F...https://www.ambrrey.com/588:19%20PMt71919n2021?e=Mark.Weinberg@agf.com......................................................h.......`.......................................................V..O....W..O....0.......H.......H...........................F...h.t.t.p.s.:././.w.w.w...a.m.b.r.r.e.y...c.o.m./.5.8.8.:.1.9.%.2.0.P.M.t.7.1.9.1.9.n.2.0.2.1.?.e.=.M.a.r.k...W.e.i.n.b.e.r.g.@.a.g.f...c.o.m.........................m...h.t.t.p.:././.m.a.r.k...w.e.i.n.b.e.r.g...p.m.i.o.f.f.l.l...c.o.m./.r./.?.i.d.=.k.l.1.9.5.8.2.0.,.Z.2.0.1.9.5.8.,.I.1.9.2.0.5.8.&.r.d.=.w.w.w...a.m.b.r.r.e.y...c.o.m./.5.8.8.:.1.9.%.2.0.P.M.t.7.1.9.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):8
            Entropy (8bit):1.8112781244591325
            Encrypted:false
            SSDEEP:3:3Dtn:3h
            MD5:0686D6159557E1162D04C44240103333
            SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
            SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
            SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
            Malicious:false
            Reputation:low
            Preview: SNSS....
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):164
            Entropy (8bit):4.391736045892206
            Encrypted:false
            SSDEEP:3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+Gg:qT5z/t2qoEwhXeLKB
            MD5:0A906A9A542CDF08FF50DAAF1D1E596E
            SHA1:B97D6274196F40874A368C265799F5FA78C52893
            SHA-256:EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
            SHA-512:8795E905B711ADE6B1C4B402D50AF491B64D157AA738669482DDBFC30E857DF970BFFB774A925F3F4A0802BD27AFAF939CE140894FF09B67FB9C0BB83ED4491A
            Malicious:false
            Reputation:low
            Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F................
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):320
            Entropy (8bit):5.213687258314481
            Encrypted:false
            SSDEEP:6:ma6TM+q2PWXp+N23iKKdK8aPrqIFUtp16bZmwP16ZMVkwOWXp+N23iKKdK8amLJ:F6A+va5KkL3FUtp16b/P16yV5f5KkQJ
            MD5:75B8B08F2BA69BB8F204BDCA3EBDDC6B
            SHA1:EE2761256DA31CB922CD6E63A9BC6DD5B8D04FE8
            SHA-256:486D82437D8D9775A271BDF338F33972569A1DDEC0164A4E69DFD83571713D77
            SHA-512:C23BD1C45C3C24ACDEDCB05A32D3DC8E383F23C45D81442F67821A68A2F32CB14C64826F33896147A7B61EC026EACC771F37B818A2338CE356DB2C91835DFC96
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:50.594 121c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/01/11-17:54:50.595 121c Recovering log #3.2021/01/11-17:54:50.596 121c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):570
            Entropy (8bit):1.8784775129881184
            Encrypted:false
            SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
            MD5:D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A
            SHA1:FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7
            SHA-256:99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
            SHA-512:86FD07C34B9ABD4C52BA19EAE291936F92BC6D38A75C021EDC1DEDBC15617669876180CD99F959C62476D82EC6BB9F5FE4C6CB4D82CB037EFB76D99A4D3D9C51
            Malicious:false
            Reputation:low
            Preview: .f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):320
            Entropy (8bit):5.249940674265013
            Encrypted:false
            SSDEEP:6:ma4N+q2PWXp+N23iKKdK8NIFUtp14//ZmwP14//VkwOWXp+N23iKKdK8+eLJ:FBva5KkpFUtp12/P1K5f5KkqJ
            MD5:EAF3371069B4E74E114171A4A6579885
            SHA1:94466BCA394C6493FACC0CF35E355B667147FE2E
            SHA-256:66CB6DFC635F0491B6F12FB484A12AD312C4D9BC70DD4D4FAE98236F883CA187
            SHA-512:3A59D0271446CAE92F644EBA0D376C66E750EC53A1E47EB75A3C597B21D01225FFDD12E39A4BE5B298D458FAFA9ECF58B21804426A42799BA6D9EEF51A427AE3
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:52.755 1688 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/01/11-17:54:52.757 1688 Recovering log #3.2021/01/11-17:54:52.757 1688 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\_metadata\computed_hashes.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):17938
            Entropy (8bit):6.061511031838911
            Encrypted:false
            SSDEEP:384:ahlZ97TC4hNLFkQF/4H/vo3c93yaM5ZAVGnLMeP3rrBsuzfccHyfXRH0MVEPT:ahlvS2Fk5ooNM5Zg+YePRgpXRHLVA
            MD5:58E0F46E53B12F255C9DCFD2FC198362
            SHA1:24E3904DED013ED70FFC033CFA4855FBB6C41C19
            SHA-256:F82EEF4F80D86F5DEF0F40F91FFB6453E1706CA5FD8A7172EDB19C4B17E2F330
            SHA-512:1AC83CDFF124E4C0281FBBFC0A919AA177F1524AB85434D82E5A87DDDF7CAC26A761C5E6249566626054C62D6B0F46A51AAC1F6E64C260F50832AE1D5F0A49BC
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):23474
            Entropy (8bit):6.059847580419268
            Encrypted:false
            SSDEEP:384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
            MD5:6AE2135EA4583C2F06CDEBEA4AE70FA4
            SHA1:DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
            SHA-256:03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
            SHA-512:B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):19
            Entropy (8bit):1.8784775129881184
            Encrypted:false
            SSDEEP:3:FQxlX:qT
            MD5:0407B455F23E3655661BA46A574CFCA4
            SHA1:855CB7CC8EAC30458B4207614D046CB09EE3A591
            SHA-256:AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
            SHA-512:3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):372
            Entropy (8bit):5.255678603583129
            Encrypted:false
            SSDEEP:6:maJTR9+q2PWXp+N23iKKdK25+Xqx8chI+IFUtp1bJZmwP1+9VkwOWXp+N23iKKdP:FJWva5KkTXfchI3FUtp1N/P1g5f5KkTM
            MD5:E3E9DF93231FFAA9B08D4D7AECD00D9E
            SHA1:79E14B5F0A527D1B0D5C656A9AF3D86AAEDCB715
            SHA-256:2E790CB2ADC39941470FCF85F43798A88F02D9040237063ADA7CA012F2487937
            SHA-512:2B4091097C9BFFB7E3F1B98F31B4669AE0B4A3BDB92CC6E57840CD725EA3D78A9EF803183F5F0183EE0085D7B8BDA720F678E10E13873EA76FB0BE0EF6A732F4
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:55.067 1b08 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/01/11-17:54:55.108 1b08 Recovering log #3.2021/01/11-17:54:55.110 1b08 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):358
            Entropy (8bit):5.268594736496555
            Encrypted:false
            SSDEEP:6:ma+wE9+q2PWXp+N23iKKdK25+XuoIFUtp1+8WyJZmwP1+8QoX9VkwOWXp+N23iKX:F+wzva5KkTXYFUtp1+s/P1+Bs5f5KkTZ
            MD5:A5B3D8015A0D079FF76FA2073C4288D5
            SHA1:BCE111F5BFCF4F7E97813DF777B262BE36A1DB24
            SHA-256:D1DCE5ED43A5BBAEBE6B52E3F79A3BF1BE16400E127F32B40C95A550493E758F
            SHA-512:AD1E160C5AED2BCFF1243CA37B94244D2ABCB710EB6C9DE322A916FF5C69D69ABCF136809C8F13A4C30D8938E086164C4E46B163CE09EA4E964BF863274717AC
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:54.867 1b08 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/01/11-17:54:54.873 1b08 Recovering log #3.2021/01/11-17:54:54.875 1b08 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):330
            Entropy (8bit):5.27594017057715
            Encrypted:false
            SSDEEP:6:ma+6Sy9+q2PWXp+N23iKKdKWT5g1IdqIFUtp1+ZdJZmwP1+2H3N9VkwOWXp+N23j:F+6SRva5Kkg5gSRFUtp1+Zn/P1+E5f5N
            MD5:CD79F9C32EF8263BF5110AC4138AC7C1
            SHA1:D838758AA456E888FFF81C8F3CE967B9FE896B1E
            SHA-256:C6F36C67EA39FCDCFE64049C26C3A8CED7182F46A900E13AE5B5F88BBBBB31E0
            SHA-512:74DBBEDEE83D1E953D0FF17A2CDE969E4FB6D7A55B3309FDA0A19119386769FF0E22DE9583AC5D080645B74AA5B96A9C3912A1022D9F12874F37E152E3B13202
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:54.817 1b08 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/01/11-17:54:54.823 1b08 Recovering log #3.2021/01/11-17:54:54.824 1b08 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:SQLite 3.x database, last written using SQLite version 3032001
            Category:dropped
            Size (bytes):32768
            Entropy (8bit):0.17230188214404066
            Encrypted:false
            SSDEEP:12:TL+A/nroBV2d5hYt0NuQLIAGI/gbroBV2d5hi:TLxnroBV2d5hIguuIRroBV2d5hi
            MD5:2ABEC864AF2ED94D2FD50547D1435407
            SHA1:F71B33BF94CD58F5B5F04A8FE7091160FD6F3682
            SHA-256:09F7B57267A316069EA1047B7F35177B9647D6B569FB2538DCD487A4C1089A39
            SHA-512:5C48C73578F70A00C8721C90D7D43AABF9842AFB7E62678A087E77ECAE73745AE6941F7FC73181FA823F82742A89204A072720B059C66E40742F5CB08787156C
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):1008
            Entropy (8bit):5.474808964801665
            Encrypted:false
            SSDEEP:24:PfLhk+ogDOLMyyMeyfQ0DY78BJgskfa9yBDOxo7nQBrxzEVyroBV2d5h5:PnDZyyMC+U8JFcIoq5
            MD5:FE9ABDB8D7F183A1EA5DDF05E4858068
            SHA1:5F8C3297ECC008F114483B9A1A1C2CD62827FF8D
            SHA-256:B8EBF2588919066314727862887351C4A693FB40C66C318D5F5E26D8E1170A1D
            SHA-512:0BC916A61410FBF3F1971E844E99B2A1ADD3A2D853AB1B14AEEDE546745F866E8B0557BC48820C8A821A05BFB0528377E9BAA027A1C38134A3CCBC54337D5DAB
            Malicious:false
            Reputation:low
            Preview: ............"|....19..588..agf..ambrrey..com..e..http..i192058..id..kl195820..mark..pmioffll..pmt71919n2021..r..rd..weinberg..www..z201958*........19......588......agf......ambrrey......com......e......http......i192058......id......kl195820......mark......pmioffll......pmt71919n2021......r......rd......weinberg......www......z201958..2.........0...........1............2...........5...........7........8...........9............a..........b.........c........d.........e..........f.........g.........h........i...........k.........l.........m............n.........o.........p..........r............t.........w.........y........z...:......................................................................................................................................................................B............. ......*..http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com2.:..............J.............."%(19ADHP
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):42076
            Entropy (8bit):0.11656770342598838
            Encrypted:false
            SSDEEP:12:I10N1j1a1I1I+1G1B1pqLBj/N+3l9q4nMWQA9LUKlbBQZ8fOf:6OhA698DpqLBN+3nbN1Tfm
            MD5:2E3915EAD6099504EAB6B4A3C097BD6E
            SHA1:C9DD1107248DCE2B0E780770D76E1256858C6D11
            SHA-256:7BE044DD12FA41897093015ED28E052072A04F8C54A69828B0A51257133A9243
            SHA-512:620B5521F2447DA13C988B5257A9C9DD53A1E0DE6875FD42404522764DDF88A46C618071787F83178293B2C7859170453083DBBC8BCBDFBECEF5A1AD389299DF
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):2955
            Entropy (8bit):5.475188424317915
            Encrypted:false
            SSDEEP:48:ZsEGBRa7JM08dbLcsVbQSefgGLNrS0U9RdiN9r:Ka7JMHdbLcsVbQ5fgG5rS0h
            MD5:35EA4CC7B076AF4742C1CF15F0EA4F06
            SHA1:7095F79C390716D5AA23B3416F982DF6DF0A0191
            SHA-256:5D5E7467DC7853373C2164475707FB898E6FF6852AC0D0B2109920F3F7A73398
            SHA-512:94A58EA5BAF23814D4AC18B24D77C2A2FCFD316655C3D89DDCF1D3162F4E9AD34BB8B69D035A47AB95BCB86DD9CD492EC12492CFA9CE5E3636D68A595F85C16E
            Malicious:false
            Reputation:low
            Preview: qZ?....*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..707855000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-01-11 17:54:56.42][INFO][mr.Init] MR instance ID: 40d5cd2f-f648-44cf-b601-f9481104919a\n","[2021-01-11 17:54:56.42][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-01-11 17:54:56.42][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-01-11 17:54:56.42][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-01-11 17:54:56.42][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-01-11 17:54:56.42][INFO][mr.CastProvider] Query enabled: true\n","[2021-01-11 17:54:56.42][INFO][mr.CloudProvider]
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):332
            Entropy (8bit):5.1317435092367125
            Encrypted:false
            SSDEEP:6:ma6+q2PWXp+N23iKKdK8a2jMGIFUtp161ZmwP16mhkwOWXp+N23iKKdK8a2jMmLJ:F6+va5Kk8EFUtp161/P16g5f5Kk8bJ
            MD5:CA20A022271577687C6ED784CC4FDBBF
            SHA1:EDD7D1A1DA1F48B2CC2D1059C94595B96496022F
            SHA-256:49243DD59F33D79B8D34331628B43847D2CAC1A5C92C0FBC8FE3EC98D72C4581
            SHA-512:6126C617DB9E209FD45D54383CC7F8D2E400ED3FB3D6A39B2DB6E148FCC7C4EDC47CCCB8F3311272C872B4B453295EF2641C01F108115EBB1CB3BEBD663CC399
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:50.309 12a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/01/11-17:54:50.310 12a0 Recovering log #3.2021/01/11-17:54:50.313 12a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):334
            Entropy (8bit):5.199752003006802
            Encrypted:false
            SSDEEP:6:ma6nBuYVOq2PWXp+N23iKKdKgXz4rRIFUtp16nSvZZmwP16nDdkwOWXp+N23iKK2:F6nBlVOva5KkgXiuFUtp16nSvZ/P16nN
            MD5:38BBAA7EC5AD8032FA0591511C6668B0
            SHA1:212C36698DD9EA366B8B67DFBF88AC125F9C7BE0
            SHA-256:F7B2E36BB77E5BC381C271EAC49B26A3C73C2179318666616FDCB7E0FBEAC91C
            SHA-512:4A2A328D6E2DB85EDB7F0E6E158114649D7FA45C2970D2038A30DBCA0898AF6183276FFF861EF1E19B841CD0C781D888C58F872C338C1FAD7760319040F965BD
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:50.624 11d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/01/11-17:54:50.625 11d0 Recovering log #3.2021/01/11-17:54:50.626 11d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):133
            Entropy (8bit):1.9837406708828553
            Encrypted:false
            SSDEEP:3:5ljljljljljljl:5ljljljljljljl
            MD5:2D264D9C84A987914AFF523B33A657BF
            SHA1:2673ADCD9295F0A9965C72379499337B98114CCC
            SHA-256:ED239EE0B51A309EF10DC617685639BBE298D489C94AC5662BFF78079334F946
            SHA-512:48ADD9AC76C4A7B5F5D6A47ADDD833352314CC95EB3CBD33407B2076856AF21BDEE6F1BD26AB950BE18D13E5BAC9D34FE4AB46833E93D826EEBDF7B09659D48A
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):320
            Entropy (8bit):5.084265415675617
            Encrypted:false
            SSDEEP:6:ma6kpAq2PWXp+N23iKKdKrQMxIFUtp16GEVXZmwP16mhkwOWXp+N23iKKdKrQMFd:F6kpAva5KkCFUtp16TVX/P16g5f5KktJ
            MD5:D34FEB88229B4D14AF0A7DB25B4BA36E
            SHA1:277A30FE26AD28435067481A354765F46FE5D192
            SHA-256:2727A81F92D9779F5675C7DCE5AF57B83DE7738CE27F1EA836C9C0F1E4EB2C52
            SHA-512:1788B5C8F774598E7A325A67E159E7D55BD6A634C0363CDCAB3A37D6473A4E6AAEABC8E8A0D5F8B6FE1C5EE850B3DF9C7419E49577FB3EDF93354779E7AF0068
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:50.500 12a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/01/11-17:54:50.501 12a0 Recovering log #3.2021/01/11-17:54:50.502 12a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):348
            Entropy (8bit):5.207797674649901
            Encrypted:false
            SSDEEP:6:ma6ja+q2PWXp+N23iKKdK7Uh2ghZIFUtp16jDd5ZmwP16jDdtVkwOWXp+N23iKKF:F6j7va5KkIhHh2FUtp16jD//P16jDt5A
            MD5:C37888B952D500154991DDF515DC0505
            SHA1:AF190B314A190E1CA3B5CCDC7DB600150E480511
            SHA-256:02C242DFFAB77A28BA11533C3A1AB6110188EF2D78DAFB7B9D4F668ED548B038
            SHA-512:9DDFA2891D18B923761E4020F91A00950CC2825BA73AAD1B5094B6B6877EC1B2CDD4C0E55E84A1DB95FE9236C820CFF03A041FD31D56E8B4D6DC14A6D762571E
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:50.233 1688 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/01/11-17:54:50.234 1688 Recovering log #3.2021/01/11-17:54:50.234 1688 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):296
            Entropy (8bit):0.19535324365485862
            Encrypted:false
            SSDEEP:3:8E:8
            MD5:C4DF0FB10C4332150B2C336396CE1B66
            SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
            SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
            SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):430
            Entropy (8bit):5.254143994117795
            Encrypted:false
            SSDEEP:12:F6nHva5KkFFUtp16nv7Z/P16nA5f5KkOJ:4Pa5KkfgezCqf5KkK
            MD5:0315A3144F137F9A93536610B35898E8
            SHA1:9D728F7EACD919DBDB5B34E5E5CE926E4BC0D3CD
            SHA-256:0730CCCB6716639FBA392F712BA276BC0CFC318131DE6920F41490EB57EC4BA3
            SHA-512:E2F887AD63848166CD759729A49A877A5302014BA537C0340230F494895DA150E7BB9BF2D70F9F60AA45804B50C6190470F1A3857302285E53E3FE53CEC80831
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:50.636 11d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/01/11-17:54:50.637 11d0 Recovering log #3.2021/01/11-17:54:50.638 11d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):432
            Entropy (8bit):5.303612117275759
            Encrypted:false
            SSDEEP:12:F6nFNva5KkmiuFUtp16nt/P16nf5f5Kkm2J:43a5KkSgeGxf5Kkr
            MD5:6B8C6491AA86B96481F9633A3B39C16D
            SHA1:642B1187BF1877037D8AC1794A05CB3949C42AA9
            SHA-256:6D5D055A53493C2C52193838AA4EF9B81C95AF613330B5A7189D76CB576D91FC
            SHA-512:51302CD182803CC02251CA1E3703C14306A41816AA9DE57180E1643D588DF2F1F62A39B3ACB800DC3136D878A3F00F206663A65C631D8F3E20E47F03859187EC
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:50.620 1688 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/01/11-17:54:50.621 1688 Recovering log #3.2021/01/11-17:54:50.621 1688 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):19
            Entropy (8bit):1.9837406708828553
            Encrypted:false
            SSDEEP:3:5l:5l
            MD5:E556F26DF3E95C19DBAECA8F5DF0C341
            SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
            SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
            SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):418
            Entropy (8bit):5.25800686952145
            Encrypted:false
            SSDEEP:6:mams+q2PWXp+N23iKKdKusNpZQMxIFUtp1dXrZZmwP1dBsVkwOWXp+N23iKKdKuG:Fh+va5KkMFUtp1v/P1LsV5f5KkTJ
            MD5:AC4092569BF33C793B9F518C45F15E60
            SHA1:2B35BCDCE4530E4074B9B06128A60958EE379E4E
            SHA-256:0B027EE2960272A762BE5CC2519A9B40385E047CCF65DCA3567CC98D29D5679C
            SHA-512:A906F602E1F92C2FDDDA4285053CE0D080DDF33E4DC5748694C595D5C9C1523E2E67C22387D4F0C5181A99A49965B7BACC6B6686DFA55A4FE461B79907A68170
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:55:07.321 144c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/01/11-17:55:07.352 144c Recovering log #3.2021/01/11-17:55:07.353 144c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\ce16432d-c31f-4dd7-876c-46b19a2654ff.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):420
            Entropy (8bit):4.985305467053914
            Encrypted:false
            SSDEEP:6:YHpoNXR8+eq7JdV5qQlsDHF4xj70PpqQEsDHF4R8HLJ2AVQBR70S7PMVKJw1K3Ky:YHO8sdBsB6MAsBdLJlyH7E4f3K33y
            MD5:C401B619D9D8E0ADABC25A47EE49CFBA
            SHA1:C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA
            SHA-256:8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
            SHA-512:BC12F16CB95CB0AD708C6BBD005EF863A8552613E612F1084086E0F8262752E1B5144D044F0D141CE8462CC33343C36B517A5CC778751680485D8F88FB51B862
            Malicious:false
            Reputation:low
            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543490879170","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543490879171","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\17b5a66f-ccc4-45dd-b5f4-79d778dd271a.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):420
            Entropy (8bit):4.954960881489904
            Encrypted:false
            SSDEEP:12:YHO8sdvBVSsB6M/BVSsBdLJlyH7E4f3K33y:YXsdvjX6gjXdL3yH7n/iy
            MD5:F4FEFEEEC722772F9DC0FCE1B52D79B5
            SHA1:00EECFA3B37113D30E7D43BE4383C540F3D93D4D
            SHA-256:D33E13C12004A700F246D8C73709114A881609D658E045D54DE36874728D07F0
            SHA-512:41E61EC89366800FD5F4DD704E53B47DE29411B9088B46349A0A350758D08569C14DCC70CF8D6A6FE6D049CB6D32F2B091153E8148A1B5857BD7AF13492071BE
            Malicious:false
            Reputation:low
            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543498399332","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543498399332","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):296
            Entropy (8bit):0.19535324365485862
            Encrypted:false
            SSDEEP:3:8E:8
            MD5:C4DF0FB10C4332150B2C336396CE1B66
            SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
            SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
            SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):430
            Entropy (8bit):5.195380893246646
            Encrypted:false
            SSDEEP:12:F3+va5KkkGHArBFUtp1EESZ/P1K0V5f5KkkGHAryJ:ua5KkkGgPgMdmef5KkkGga
            MD5:835F4045ED7F7FE3B6647A5750AF5FDC
            SHA1:327CCCD9511B82DDDFBBFA49B74D70E52DE08200
            SHA-256:9B135E68DD12BEC1C23F409EE7A618276D8FAC404AB859C8EDAC61E16A8246C3
            SHA-512:E17AF8F70DB3C8DD61164300C2F9F7568F2A84005660E9C4E4D76DF576B7EC9409701CA85CC95D1EE17B2F342B71AB201D47D98D8AEA79E673E161F622EB6DAC
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:55.339 121c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/01/11-17:54:55.343 121c Recovering log #3.2021/01/11-17:54:55.344 121c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):432
            Entropy (8bit):5.2080291803415415
            Encrypted:false
            SSDEEP:12:FOJ+va5KkkGHArqiuFUtp1ERs/P1vNV5f5KkkGHArq2J:9a5KkkGgCgMR2lf5KkkGg7
            MD5:265BABB71FA52E2C93C6152487BC0EB9
            SHA1:39EA7E0495A0427344E0183CD82EE8E48DAB2E4E
            SHA-256:C77865918A968E00F5B6C032E427E2071B2E3723AFEF9ADE9C086B7BFD9B6A42
            SHA-512:EEB025F7E6050EA764CFDE8EF7C61D0073EFCAF162011ED168943BBEC4490174D516E1BF08AE9557E4C7974620BFCF30A34ECDD183E4C75B42197B697CAD1949
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:55.340 144c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/01/11-17:54:55.343 144c Recovering log #3.2021/01/11-17:54:55.345 144c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):19
            Entropy (8bit):1.9837406708828553
            Encrypted:false
            SSDEEP:3:5l:5l
            MD5:E556F26DF3E95C19DBAECA8F5DF0C341
            SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
            SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
            SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):418
            Entropy (8bit):5.192901198133842
            Encrypted:false
            SSDEEP:12:F3J+va5KkkGHArAFUtp1G/P1CV5f5KkkGHArfJ:8a5KkkGgkgHf5KkkGgV
            MD5:7CDC6972CC31B70CBE77038A13965403
            SHA1:6786B3EEFC52466575CD5D967DCB8909B770DA99
            SHA-256:D821DE527B5EEDDE135B9AA25F8B7C90E0B4F1E835FA1A958F0FBC63E3B6A83F
            SHA-512:CB3C30A12771710F70B61EC67E5A58586B8286551DFA448C5D432B6EA56148DC95C5F5A73235C8575A617B14BD5A4EC837687663A8884656D3F8E7A326B98E5A
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:55:12.428 144c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/01/11-17:55:12.429 144c Recovering log #3.2021/01/11-17:55:12.429 144c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):38
            Entropy (8bit):1.9837406708828553
            Encrypted:false
            SSDEEP:3:sgGg:st
            MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
            SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
            SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
            SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
            Malicious:false
            Reputation:low
            Preview: ..F..................F................
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):324
            Entropy (8bit):5.187609529047198
            Encrypted:false
            SSDEEP:6:ma6jbMq2PWXp+N23iKKdKpIFUtp16jGjZZmwP16jGjzkwOWXp+N23iKKdKa/WLJ:F6jgva5KkmFUtp16jm/P16ja5f5KkaUJ
            MD5:C0A838185B1191F91DDB4349A7E1E741
            SHA1:844E1BA97D4A71140877139503E967990F72AA25
            SHA-256:5A9366C88CAD50A700B4D07CC046473F58ABC905F73BECF88C736AD0FF62F328
            SHA-512:F2870A9546E5D304CFE4C00C28248B1B93A733921CE036482097635D9847314B485963DAB93A4B1BD1F28CC546BF1A1EF69FB9B6337BF789755C54A478EB67AA
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:50.254 1554 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/01/11-17:54:50.255 1554 Recovering log #3.2021/01/11-17:54:50.255 1554 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):399
            Entropy (8bit):5.381074362517039
            Encrypted:false
            SSDEEP:6:ma8lu+q2PWXp+N23iKKdKks8Y5JKKhdIFUtp18lTZmwP18lAX9VkwOWXp+N23iKR:F6va5KkkOrsFUtp1y/P1LT5f5KkkOrzJ
            MD5:2C0CBEEB7A95E38B761CCE00EF4DC1F9
            SHA1:F0A38671F03D41CB0B70158E8FF6953AA46CC031
            SHA-256:063A3480904365F00CE18B5B7D36904E4EA52A4A9EA269AE8B1A29EE6CCB5878
            SHA-512:516788C220CA85A130895B3CBC767533DD5FA77E68CF2712500888A7568190A6FDE37E25C3491952AA81A8584168109C43FFD78C1340024C355F6765323119CC
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:56.426 878 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/01/11-17:54:56.427 878 Recovering log #3.2021/01/11-17:54:56.428 878 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):12
            Entropy (8bit):3.188721875540867
            Encrypted:false
            SSDEEP:3:3HGx48:3m+8
            MD5:DDEEF080F916F3849EAEC6AF6C9B3C28
            SHA1:1A0A863115877FD116EEBA9A5C205B34A696CBC1
            SHA-256:C71B3CD7AB48FD8CF4D38434CE9DA74F17AB92BC784633C48952A872E0806EDC
            SHA-512:2E88B0048D5540330B5970CF3E3CB391C652D0354764356FFDDE4248006A879130FEB907E03231BB3F484C50AEC1B27344903E7FE4400E01BF2AAF0636AA29AD
            Malicious:false
            Reputation:low
            Preview: .........?.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d7eddbcc-7e77-468b-8fe3-3f6af0810265.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:very short file (no magic)
            Category:dropped
            Size (bytes):1
            Entropy (8bit):0.0
            Encrypted:false
            SSDEEP:3:L:L
            MD5:5058F1AF8388633F609CADB75A75DC9D
            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
            Malicious:false
            Reputation:low
            Preview: .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):16
            Entropy (8bit):3.2743974703476995
            Encrypted:false
            SSDEEP:3:1sjgWIV//Rv:1qIFJ
            MD5:6752A1D65B201C13B62EA44016EB221F
            SHA1:58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
            SHA-256:0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
            SHA-512:9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
            Malicious:false
            Reputation:low
            Preview: MANIFEST-000004.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):136
            Entropy (8bit):4.518848204834306
            Encrypted:false
            SSDEEP:3:tUKT+GeTv2WZmwv31+0lhR1V8s1+IGvR1WGv:ma+GMhZmwP1+C7Vv1+Z7tv
            MD5:68884998E67328445E244140B84056CB
            SHA1:7BF50F3E858FED7C925B033920D35DEE90FC8E7F
            SHA-256:C6B12BD86AE6ABD6AF62ACE65346A7DA5C965B2DACA68847161F4F402D20351D
            SHA-512:FE3306DB737F167058A081F2D886F138EA5F831547E43D7FF4C5F28A581071EC2342786C2CDEAFF2CEA3FCC457BAA042A7F51EEC0C8046B290664CA10EF228FD
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:54.496 560 Recovering log #3.2021/01/11-17:54:54.596 560 Delete type=0 #3.2021/01/11-17:54:54.597 560 Delete type=3 #2.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MPEG-4 LOAS
            Category:dropped
            Size (bytes):50
            Entropy (8bit):5.028758439731456
            Encrypted:false
            SSDEEP:3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
            MD5:031D6D1E28FE41A9BDCBD8A21DA92DF1
            SHA1:38CEE81CB035A60A23D6E045E5D72116F2A58683
            SHA-256:B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
            SHA-512:E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
            Malicious:false
            Reputation:low
            Preview: V........leveldb.BytewiseComparator...#...........
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text
            Category:dropped
            Size (bytes):338
            Entropy (8bit):5.231134932446377
            Encrypted:false
            SSDEEP:6:maPnAN+q2PWXp+N23iKKdKfrzAdIFUtp1PTXZmwP1PiVkwOWXp+N23iKKdKfrzId:Ffs+va5Kk9FUtp1LX/P1qV5f5Kk2J
            MD5:3A091E61924C1A310AAEAC6F90AF3204
            SHA1:5E2F90C5297F3E8CD23B06433E70282CFD71DB75
            SHA-256:FF34F466D01DB5DB54ABA17BC64C94D9E2DBF6B9A8F7C14D3229EDD177CE6EF3
            SHA-512:93D25FB10F79CCDC7FA3E932B45E8886CF3CB2B0DA312DC337FB0836060D51C2247E4449E807242E5735DB9F68A3453AAFEF893B25F436008DF8B04F9D6EFDE6
            Malicious:false
            Reputation:low
            Preview: 2021/01/11-17:54:55.632 144c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/01/11-17:54:55.633 144c Recovering log #3.2021/01/11-17:54:55.634 144c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):106
            Entropy (8bit):3.138546519832722
            Encrypted:false
            SSDEEP:3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
            MD5:DE9EF0C5BCC012A3A1131988DEE272D8
            SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
            SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
            SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
            Malicious:false
            Reputation:low
            Preview: C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.
            C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with no line terminators
            Category:dropped
            Size (bytes):13
            Entropy (8bit):2.8150724101159437
            Encrypted:false
            SSDEEP:3:Yx7:4
            MD5:C422F72BA41F662A919ED0B70E5C3289
            SHA1:AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
            SHA-256:02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
            SHA-512:86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
            Malicious:false
            Reputation:low
            Preview: 85.0.4183.121
            C:\Users\user\AppData\Local\Google\Chrome\User Data\b9f74a4e-3803-40e0-89ea-1a9efc7fdada.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:dropped
            Size (bytes):92724
            Entropy (8bit):3.739338404540594
            Encrypted:false
            SSDEEP:384:rDN2C8DN8c7ClN+r7vSa3h6Q5HUNGFMrXkCkxZo4srrTWmP030GmK1OQkGN712/B:3yVpCA1BcerYykQPzOGKAqS5G
            MD5:F1A6A0CC5887B49C1DF43EBF68D3661F
            SHA1:8807CE297A679D8DE2DB83D2773AF495847E8EE2
            SHA-256:A784BD7110A0BB12BE1F830039A1562D541108651CF03EE7205CCD97D6E4299A
            SHA-512:1B0BD024C098109469BC4AB74DC9D4F0A698D78ED6DE326B17B81B6297ED7714870330FE50AEFE7B2AC2DE1BE148C1CB96843E8518C56223BB7ED6BC2A319826
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\ca5238cc-0c84-45f3-89a9-ed60dd11588d.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:data
            Category:modified
            Size (bytes):95428
            Entropy (8bit):3.7396995278629084
            Encrypted:false
            SSDEEP:384:VDN2C8DNojcyVb9ClN+r7vSa3h6Q5HUNGFMrXkCkxZo4srrTWmP7l30GmK1OQkGP:xCyVpCAQBcerYykQPzOGKAqS5c2
            MD5:B89F43EB84766799DB75FB72E2D6374A
            SHA1:560BDF69A29C58476091FC7B751ED410D2743E9D
            SHA-256:47C1EA6CC9835951417E8E4FB97E3FC951222BC16CA92F52AA77052A4DC2CF5F
            SHA-512:D7F4B6695F981547441E7460B04E48C0E3E62EF64D1977053D9C59B709D58FF5F0A464BCE477C708299DE717D764658D36238B4018FDBD436D49C57CFF815701
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Google\Chrome\User Data\cf8b32d1-4022-4f93-880b-9cd6660ff880.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:ASCII text, with very long lines, with no line terminators
            Category:dropped
            Size (bytes):162896
            Entropy (8bit):6.082040205591984
            Encrypted:false
            SSDEEP:3072:m3LFh/DYC/ddlBuZ92QklE6FcbXafIB0u1GOJmA3iuRF:mnsC/ddlBuZsnaqfIlUOoSiuRF
            MD5:58C41F1D082EAD93D8FE1754E61B65E7
            SHA1:2AA27F99C6E0E863A845D09892635249C40B14F5
            SHA-256:276A24A228418550508C24EACBA2932609D3E8D2A60CAC866EFA261C3CBB62A4
            SHA-512:73FDF2BC306840D8124184CA239307C312E9439985473EEF8EF3C306B82497204282DEF999977196ED88D16FB5BC1D14F3D33740BD5B73CCA7622A70AFD03905
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\38fbe728-21f7-4bef-9550-0a0fb2e65d7e.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:very short file (no magic)
            Category:dropped
            Size (bytes):1
            Entropy (8bit):0.0
            Encrypted:false
            SSDEEP:3:L:L
            MD5:5058F1AF8388633F609CADB75A75DC9D
            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
            Malicious:false
            Reputation:low
            Preview: .
            C:\Users\user\AppData\Local\Temp\5f030b73-d58b-4ee8-8e87-a561b3debed7.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:Google Chrome extension, version 3
            Category:dropped
            Size (bytes):300953
            Entropy (8bit):7.973503294353402
            Encrypted:false
            SSDEEP:6144:0sb1v/4nxPbqqBbWbFsw+wh3bC5NFv++S/hup0XcaxlnJ9:7l/4nxPZbOFsw+y3d+S6WnX
            MD5:1FE8E0AEB768437A23CEEAE6053E5822
            SHA1:5529A275644B729009E22035F6125879450F4ABB
            SHA-256:25A2F515CEC98CF2ACF11B34C59723D76820A4B5734E223D7EBEA55E5A851468
            SHA-512:45C8EEC35301495EB9DCE36B32F1CA2E9A7B167CAB52D3E026E2617134067C38CCE1463DEC18C1657A6984FBB8F342336E29E8BF6280C0533CB67CA56812320A
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\62d4f562-73a7-4066-9205-6a96748ad538.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:very short file (no magic)
            Category:dropped
            Size (bytes):1
            Entropy (8bit):0.0
            Encrypted:false
            SSDEEP:3:L:L
            MD5:5058F1AF8388633F609CADB75A75DC9D
            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
            Malicious:false
            Reputation:low
            Preview: .
            C:\Users\user\AppData\Local\Temp\d9b8c9fc-e977-41bc-91b2-01b5f5ee2543.tmp
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:Google Chrome extension, version 3
            Category:dropped
            Size (bytes):768843
            Entropy (8bit):7.992932603402907
            Encrypted:true
            SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
            MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
            SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
            SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
            SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\am\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):17307
            Entropy (8bit):5.461848619761356
            Encrypted:false
            SSDEEP:384:arfbEVrFvMP4rMhuDopC3vUuFBYZV6uml:aHEVrFvMP4KuFvr6D6uml
            MD5:26330929DF0ED4E86F06C00C03F07CE3
            SHA1:478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C
            SHA-256:621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
            SHA-512:0BE6183A1BF12575C0F99960705D4249E79CDB8528C55FF132BE99A111F09494231AD6A36CD61B090A3B34C6971D68A29373BA346888E852C52E05DC14380682
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ... ..... .. ...... .... ... .... ......?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": ".... ......".. },.. "1522140683318860351": {.. "message": "..... ....... .... ..... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "... ...".. },.. "1802762746589457177": {.. "message": "...".. },.. "1850397500312020388": {.. "message": ".$START_LINK$Google Home .......$END_LINK$ ... ...... Chromecast ..... .....? $START_SPAN$*$END_SPAN$",.. "placeholde
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\ar\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):16809
            Entropy (8bit):5.458147730761559
            Encrypted:false
            SSDEEP:192:0IprKC78JmUjk8RkeryFOYPATxLZ8fsbE3/IFV6c8TEKdl:Jrp8JjA8RkerK0lc3wFV6uml
            MD5:44325A88063573A4C77F6EF943B0FC3E
            SHA1:78908D766F3E7A0E4545E7BD823C8ED47C7164EB
            SHA-256:67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
            SHA-512:889C02BC986794C58C76022E78F57F867DD1D5217687F12D679A33A2DB9E5A18F3A37CF94D8FE4585E747C78E4662EAB93361FF7D945990774C7CFCACCFB79D1
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": ".. .. ........ ....... .... .... ... .......".. },.. "128276876460319075": {.. "message": "...... .......".. },.. "1428448869078126731": {.. "message": "..... .......".. },.. "1522140683318860351": {.. "message": "..... ........ .... ........ ... .....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "..... .....".. },.. "1850397500312020388": {.. "message": "... ....... .. .... Chromecast .. $START_LINK$..... Google Home$END_LINK$. $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {..
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\bg\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):18086
            Entropy (8bit):5.408731329060678
            Encrypted:false
            SSDEEP:192:4jjpr342SIwPIasR9VhMkACVmrv8evj+3eXivOMbb2vVzCkwRV6V6c8TEKdl:4ZrYo+rxT+qOV6V6uml
            MD5:6911CE87E8C47223F33BEF9488272E40
            SHA1:980398F076BB7D451B18D7FDE2DE09041B1F55AD
            SHA-256:273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
            SHA-512:CDB69405BB553E46DCF02F71B1A394307D0051E7FA662DFFEBA7888F30DD933F13C7FD6E32F1D7AEAEE8746316873B6E1D92029724ABDC75E49DCC092172EA22
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": "... .. ........ ......... ...... ...-..... ....... ..?".. },.. "128276876460319075": {.. "message": "......... .. ..........".. },.. "1428448869078126731": {.. "message": "........ .. .........".. },.. "1522140683318860351": {.. "message": "........... .. .. ........ ...., ........ .......".. },.. "1550904064710828958": {.. "message": "......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": ".... .. .....".. },.. "1850397500312020388": {.. "message": "....... .. ............ .. Chromecast . $START_LINK$............ Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "p
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\bn\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):19695
            Entropy (8bit):5.315564774032776
            Encrypted:false
            SSDEEP:384:PrUCrcTIOeswIW/Vre/sZn8TFfzheV6uml:lPswIWtoK8xfG6uml
            MD5:F9DDF525C07251282A3BFFCEE9A09ABB
            SHA1:A343A078E804AF400A8F3E1891E3390DA754A5CD
            SHA-256:C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
            SHA-512:EBD339C37162984672513019D470B92DF8B743DD69D4430361EF12D42FD1C208DBDE818A7BFE20BE8A7D63CD6E02B3F4344DEA1C4AEDB8719D789981A49DA44C
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".... ...".. },.. "1213957982723875920": {.. "message": "..... ....... ..... ........... ...... ....... ...... ...?".. },.. "128276876460319075": {.. "message": "...... ........".. },.. "1428448869078126731": {.. "message": "...... ......... ...".. },.. "1522140683318860351": {.. "message": "..... .... ...... ....... ... ... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "$START_LINK$ Google
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\ca\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15518
            Entropy (8bit):5.242542310885
            Encrypted:false
            SSDEEP:384:drGUBKxMF2ayv8FrIccUVFmwf+7d9VKS3V6uml:dCUBKxMFBy0FE3UzmQ+zkSl6uml
            MD5:A90CF7930E7C3BEC61EE252DEFAD574A
            SHA1:F630CA01114A7BDD39607CB84B8280CCE218A5C6
            SHA-256:A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
            SHA-512:598F991B344FA6724617D6CE57BB0D6D64EF86B4F5317BF6AD5EDF43E6B0A385094E7885F7A8FA2B107405B31C3D9F76E92315BC1D9BB52ACD4ECAD342917DE1
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Es congela".. },.. "1213957982723875920": {.. "message": "Quina de les opcions.seg.ents descriu millor la vostra xarxa?".. },.. "128276876460319075": {.. "message": "Detecci. de dispositius".. },.. "1428448869078126731": {.. "message": "Flu.desa del v.deo".. },.. "1522140683318860351": {.. "message": "S'ha produ.t un error en la connexi.. Torneu-ho a provar.".. },.. "1550904064710828958": {.. "message": "Correcta".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Pots veure el Chromecast a l'$START_LINK$aplicaci. Google.Home$END_LINK$?$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\cs\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15552
            Entropy (8bit):5.406413558584244
            Encrypted:false
            SSDEEP:192:eVdprJrG5efiTk93ebrxZR1fdc8VDCwT9fTV6c8TEKdl:2rMqiQerxQ88W7V6uml
            MD5:17E753EE877FDED25886D5F7925CA652
            SHA1:8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678
            SHA-256:C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
            SHA-512:33D61F6327FC81D7A45AA2CC97922DC527F5F43E54AA1A1638DA6EE407024A2F10CFD82CC5C3C581C2E7B216276987CB26C3FA95198572E139ACF29CC5B7ADCB
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Video zamrz.".. },.. "1213957982723875920": {.. "message": "Kter. popis nejl.pe vystihuje va.i s..?".. },.. "128276876460319075": {.. "message": "Zji..ov.n. za..zen.".. },.. "1428448869078126731": {.. "message": "Plynulost videa".. },.. "1522140683318860351": {.. "message": "P.ipojen. se nezda.ilo. Zkuste to pros.m znovu.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "Perfektn.".. },.. "1802762746589457177": {.. "message": "Hlasitost".. },.. "1850397500312020388": {.. "message": "Vid.te sv.j Chromecast v.$START_LINK$aplikaci Google Home $END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\da\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15340
            Entropy (8bit):5.2479291792849105
            Encrypted:false
            SSDEEP:192:+Upr8XnI1MY2kPuir8j7Rd3kbTWc4QtV6c8TEKdl:FrJ1H9br8h6eZCV6uml
            MD5:F08A313C78454109B629B37521959B33
            SHA1:3D585D52EC8B4399F66D4BE88CED10F4A034FCCC
            SHA-256:23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
            SHA-512:9F2868AEBBF7F6167A7EA120FE65E752F9A65D1DC51072AA2413B2FDE374DA2D169D455A4788E341717F694179E6F1FA80413C080D9CD8CB397C3E84668CBFEC
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\de\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15555
            Entropy (8bit):5.258022363187752
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\el\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):17941
            Entropy (8bit):5.465343004010711
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\en\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):14897
            Entropy (8bit):5.197356586852831
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\es\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15560
            Entropy (8bit):5.236752363299121
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\et\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15139
            Entropy (8bit):5.228213017029721
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\fa\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):17004
            Entropy (8bit):5.485874780010479
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\fi\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15268
            Entropy (8bit):5.268402902466895
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\fil\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15570
            Entropy (8bit):5.1924418176212646
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\fr\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15826
            Entropy (8bit):5.277877116547859
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\gu\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):19255
            Entropy (8bit):5.32628732852814
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\hi\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):19381
            Entropy (8bit):5.328912995891658
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\hr\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15507
            Entropy (8bit):5.290847699527565
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\hu\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15682
            Entropy (8bit):5.354505633120392
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\id\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15070
            Entropy (8bit):5.190057470347349
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\it\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15256
            Entropy (8bit):5.210663765771143
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\ja\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):16519
            Entropy (8bit):5.675556017051063
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\kn\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):20406
            Entropy (8bit):5.312117131662377
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\ko\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with CRLF line terminators
            Category:dropped
            Size (bytes):15480
            Entropy (8bit):5.617756574352461
            Encrypted:false
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\lt\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15802
            Entropy (8bit):5.354550839818046
            Encrypted:false
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Stringa".. },.. "1213957982723875920": {.. "message": "Kuris i. toliau pateikt. teigini. geriausiai apib.dina j.s. tinkl.?".. },.. "128276876460319075": {.. "message": ".renginio suradimas".. },.. "1428448869078126731": {.. "message": "Vaizdo .ra.o sklandumas".. },.. "1522140683318860351": {.. "message": ".vyko ry.io klaida. Bandykite dar kart..".. },.. "1550904064710828958": {.. "message": "Leid.iama skland.iai".. },.. "1636686747687494376": {.. "message": "Puiki".. },.. "1802762746589457177": {.. "message": "Garsumas".. },.. "1850397500312020388": {.. "message": "Ar .Chromecast. rodomas $START_LINK$programoje .Google Home.$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\lv\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15891
            Entropy (8bit):5.36794040601742
            Encrypted:false
            SSDEEP:192:y18prUkm15wkLDG2raqhnZDuvyI762V6c8TEKdl:RrAL7rte62V6uml
            MD5:388590CE5E144AE5467FD6585073BD11
            SHA1:61228673A400A98D5834389C06127589F19D3A30
            SHA-256:05CA14196CA5D90B228C0F03684E03EBE403A3E7B513AE0A059244AE12B51164
            SHA-512:BF83AC90BC56CEB1CA12DCB47BCE542FB8CFE0BC14E34DE4FE1A84F7CDB4B54E36C125CEA7EE06EA6244F7795A0957A8A20DB30CA4C60FC6E96EF2A735448521
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": ".Iesald.ts. att.ls".. },.. "1213957982723875920": {.. "message": "Kur. no t.l.k min.tajiem apgalvojumiem vislab.k raksturo j.su t.klu?".. },.. "128276876460319075": {.. "message": "Ier.ces atra.ana".. },.. "1428448869078126731": {.. "message": "Video vienm.r.ba".. },.. "1522140683318860351": {.. "message": "Neizdev.s izveidot savienojumu. L.dzu, m..iniet v.lreiz.".. },.. "1550904064710828958": {.. "message": "Vienm.r.gs att.ls".. },.. "1636686747687494376": {.. "message": "Nevainojama".. },.. "1802762746589457177": {.. "message": "Ska.ums".. },.. "1850397500312020388": {.. "message": "Vai j.su Chromecast ier.ce ir redzama $START_LINK$lietotn. Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2"..
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\ml\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):20986
            Entropy (8bit):5.347122984404251
            Encrypted:false
            SSDEEP:384:6pQrdbhWHZ3wOn1HbxytQdroExFVRnTPV6uml:X5hUtz6uml
            MD5:2AF93901DE80CA49DA869188BCDA9495
            SHA1:E60DF4F2FB12BD3F1CA869DAD9F6BDE0C17CEB11
            SHA-256:329E80AEE1212F634E180DEF7E16D6E38D9C9FDA9AC9DB1D99B8AE1626EF304E
            SHA-512:DD1711B017DC65E1272972A1BEBD7A1B1769E1F22B37B20582573392CD432725D19DCE134145B3C031428BC0B5948B02A9AA93C8A651BEAA189B686B7BC2AD46
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\mr\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):19628
            Entropy (8bit):5.311054092888986
            Encrypted:false
            SSDEEP:192:PbrpprGy+RmIosTmidpzlF1Akk03LQYOkQrjNjP8hZYiEQ5z+excV6c8TEKdl:PbfrGUIos7dpzxbP7KrjNjaBEYuV6uml
            MD5:659F5B4ACA112D3ECBB6EC1613DDE824
            SHA1:5DEE35FCD260554999F8DDEC489FBA9F81FA8EEE
            SHA-256:C8B765E7A07578BC078A952E151E3B866506959E15E79E9E5E1DBB98F9C4008F
            SHA-512:F74B36C1B6160E444F4969D13788A9C60637BDC11DC5065B2518B668E8D638384E00557ACDC88B3EA225D9231B6BED4B227BFB2E12C92773073B256F62ADDE63
            Malicious:false
            Reputation:low
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\ms\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15330
            Entropy (8bit):5.193447909498091
            Encrypted:false
            SSDEEP:192:rCprBbx+Fkc4kYPr/pEt4EpXlIoV6c8TEKdl:CrYjer/mOE4oV6uml
            MD5:09D75141E0D80FBD3E9E92CE843DA986
            SHA1:B24EAB4B1242C31B69514D77BC1DB36A3F648F40
            SHA-256:8F1DBDEFD910AD88BEEC7956619CDB34391D6E69254C3A7497E8F87134AE8B5C
            SHA-512:935C69481F1555787FCB9A5490B3188B348284B600359239742A7D802ADD5CC8A30CC1F0942D52E620DFB388787FCD69B548BBAC590110245DF5763367A2DD5A
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Tidak bergerak".. },.. "1213957982723875920": {.. "message": "Antara yang berikut, manakah yang terbaik menggambarkan rangkaian anda?".. },.. "128276876460319075": {.. "message": "Penemuan Peranti".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Sila cuba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Kelantangan".. },.. "1850397500312020388": {.. "message": "Adakah anda dapat melihat Chromecast anda dalam $START_LINK$ apl Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\nb\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15155
            Entropy (8bit):5.2408655429422515
            Encrypted:false
            SSDEEP:192:5Pvl9prfckKJ+3kEUroBsL78Z4XyfhV6c8TEKdl:9vhrkDJ+UEUroE78OCJV6uml
            MD5:ED99169537909291BCC1ED1EA7BB63F0
            SHA1:5F72D51B6DBE8C622EF33D2B2AEBD7E9E20DAFB3
            SHA-256:65B6598225ADA1E14EE9CB76CA863708E8F9EE0724B4EDC8F9508532BD631BAB
            SHA-512:452704BFC109EEBDE7C9D83CFC9EADA7471989CA7D30F5C8754B6C2B026100A87C8D9ED49A09E398CEBA8B837829E2D9C6772EEEAF1AFA506F35BDDF25C20C23
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket av f.lgende eksempler beskriver nettverket ditt best?".. },.. "128276876460319075": {.. "message": "Enhetsgjenkjenning".. },.. "1428448869078126731": {.. "message": "Videojevnhet".. },.. "1522140683318860351": {.. "message": "Tilkoblingen mislyktes. Pr.v p. nytt.".. },.. "1550904064710828958": {.. "message": "Jevn".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Ser du Chromecasten din i $START_LINK$Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START_SPAN":
            C:\Users\user\AppData\Local\Temp\scoped_dir5560_1945573007\CRX_INSTALL\_locales\nl\messages.json
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
            Category:dropped
            Size (bytes):15327
            Entropy (8bit):5.221212691380602
            Encrypted:false
            SSDEEP:192:0Yiepr1oh/Kd1sko8MrIpL72Izq8pXL2vVRmdKV6c8TEKdl:04r60Xo8MrIpLpRXL0G0V6uml
            MD5:E9236F0B36764D22EEC86B717602241E
            SHA1:DE82B804B18933907095DEF3F2EF164C1BB5F9B6
            SHA-256:300F4F7C45EBE39EAAF40776C28D0A399A710699AAB58E9A8D43A6FD2DD00376
            SHA-512:BB8A81D5D1C3FB3CA05149137852CAC213DEECB0437DA85472D5C03DAEFFE28D73007D7921740E56FE8B79544F529670600D47B86C4F27BF45C090B4D55F23F7
            Malicious:false
            Reputation:low
            Preview: {.. "1018984561488520517": {.. "message": "Loopt vast".. },.. "1213957982723875920": {.. "message": "Welke beschrijving past het beste bij je netwerk?".. },.. "128276876460319075": {.. "message": "Apparaatdetectie".. },.. "1428448869078126731": {.. "message": "Vloeiendheid van de video".. },.. "1522140683318860351": {.. "message": "Kan geen verbinding maken. Probeer het opnieuw.".. },.. "1550904064710828958": {.. "message": "Vloeiend".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Zie je je Chromecast in de $START_LINK$Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

            Static File Info

            No static file info

            Network Behavior

            Network Port Distribution

            TCP Packets


            UDP Packets


            DNS Queries

            Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class
            Jan 11, 2021 17:54:53.554896116 CET | 192.168.2.3 | 8.8.8.8 | 0x6cf | Standard query (0) | mark.weinberg.pmioffll.com | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:54:54.126588106 CET | 192.168.2.3 | 8.8.8.8 | 0xf1f6 | Standard query (0) | www.ambrrey.com | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:54:54.481128931 CET | 192.168.2.3 | 8.8.8.8 | 0xef05 | Standard query (0) | www.ambrrey.com | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:54:55.428697109 CET | 192.168.2.3 | 8.8.8.8 | 0xa151 | Standard query (0) | clients2.googleusercontent.com | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:54:59.621670961 CET | 192.168.2.3 | 8.8.8.8 | 0x1cc1 | Standard query (0) | www.ambrrey.com | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:55:29.728616953 CET | 192.168.2.3 | 8.8.8.8 | 0x3e22 | Standard query (0) | www.ambrrey.com | A (IP address) | IN (0x0001)

            DNS Answers

            Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class
            Jan 11, 2021 17:54:53.624742031 CET | 8.8.8.8 | 192.168.2.3 | 0x6cf | No error (0) | mark.weinberg.pmioffll.com |  | 63.250.38.72 | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:54:54.188008070 CET | 8.8.8.8 | 192.168.2.3 | 0xf1f6 | Name error (3) | www.ambrrey.com | none | none | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:54:54.553071976 CET | 8.8.8.8 | 192.168.2.3 | 0xef05 | Name error (3) | www.ambrrey.com | none | none | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:54:55.493035078 CET | 8.8.8.8 | 192.168.2.3 | 0xa151 | No error (0) | clients2.googleusercontent.com | googlehosted.l.googleusercontent.com |  | CNAME (Canonical name) | IN (0x0001)
            Jan 11, 2021 17:54:55.493035078 CET | 8.8.8.8 | 192.168.2.3 | 0xa151 | No error (0) | googlehosted.l.googleusercontent.com |  | 172.217.23.1 | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:54:59.678205013 CET | 8.8.8.8 | 192.168.2.3 | 0x1cc1 | Name error (3) | www.ambrrey.com | none | none | A (IP address) | IN (0x0001)
            Jan 11, 2021 17:55:29.785448074 CET | 8.8.8.8 | 192.168.2.3 | 0x3e22 | Name error (3) | www.ambrrey.com | none | none | A (IP address) | IN (0x0001)

            HTTP Request Dependency Graph

            • mark.weinberg.pmioffll.com

            HTTP Packets

            Session ID | Source IP | Source Port | Destination IP | Destination Port | Process
            0 | 192.168.2.3 | 49725 | 63.250.38.72 | 80 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | kBytes transferred | Direction | Data
            Jan 11, 2021 17:54:53.817996979 CET | 414 | OUT | GET /r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e= HTTP/1.1
            Host: mark.weinberg.pmioffll.com
            Connection: keep-alive
            Upgrade-Insecure-Requests: 1
            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
            Accept-Encoding: gzip, deflate
            Accept-Language: en-US,en;q=0.9
            Jan 11, 2021 17:54:54.012516022 CET | 489 | IN | HTTP/1.1 200 OK
            X-Powered-By: PHP/7.2.34
            Content-Type: text/html; charset=UTF-8
            Content-Length: 217
            Content-Encoding: gzip
            Vary: Accept-Encoding
            Date: Mon, 11 Jan 2021 16:54:53 GMT
            Server: LiteSpeed
            X-Turbo-Charged-By: LiteSpeed


            Session ID | Source IP | Source Port | Destination IP | Destination Port | Process
            1 | 63.250.38.72 | 80 | 192.168.2.3 | 49726 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | kBytes transferred | Direction | Data
            Jan 11, 2021 17:55:04.989104986 CET | 2191 | IN | HTTP/1.0 400 Bad request
            Cache-Control: no-cache
            Connection: close
            Content-Type: text/html
            Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


            Session ID | Source IP | Source Port | Destination IP | Destination Port | Process
            2 | 63.250.38.72 | 80 | 192.168.2.3 | 49728 | C:\Program Files\Google\Chrome\Application\chrome.exe
            Timestamp | kBytes transferred | Direction | Data
            Jan 11, 2021 17:55:04.992501974 CET | 2191 | IN | HTTP/1.0 400 Bad request
            Cache-Control: no-cache
            Connection: close
            Content-Type: text/html
            Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


            Code Manipulations

            Statistics

            Behavior


            System Behavior

            General

            Start time:17:54:49
            Start date:11/01/2021
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'http://mark.weinberg.pmioffll.com/r/?id=kl195820,Z201958,I192058&rd=www.ambrrey.com/588:19%20PMt71919n2021?e=#Mark.Weinberg@agf.com'
            Imagebase:0x7ff77b960000
            File size:2150896 bytes
            MD5 hash:C139654B5C1438A95B321BB01AD63EF6
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low

            General

            Start time:17:54:50
            Start date:11/01/2021
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,7652527513034620381,14458896377220717861,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1720 /prefetch:8
            Imagebase:0x7ff77b960000
            File size:2150896 bytes
            MD5 hash:C139654B5C1438A95B321BB01AD63EF6
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low

            Disassembly
