Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report http://t.orders.destinationmaternity.com/r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh

Overview

General Information

Sample URL:http://t.orders.destinationmaternity.com/r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh
Analysis ID:339442

Most interesting Screenshot:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain

Classification

Startup

  • System is w10x64
  • chrome.exe (PID: 3252 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'http://t.orders.destinationmaternity.com/r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 3920 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1856 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 6988 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5348 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 6948 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=4992 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

barindex
Antivirus detection for URL or domainShow sources
Source: http://sv.j-ss.xyz/main/SlashNext: Label: Fake Login Page type: Phishing & Social Engineering
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdicJump to behavior
Source: global trafficHTTP traffic detected: GET /r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh HTTP/1.1Host: t.orders.destinationmaternity.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh HTTP/1.1Host: sv.j-ss.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /main/ HTTP/1.1Host: sv.j-ss.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=tenk92cvbq28p8okbg65c8cfkr
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: sv.j-ss.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://sv.j-ss.xyz/main/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=tenk92cvbq28p8okbg65c8cfkr
Source: e4e1f615eb30bb13_0.0.drString found in binary or memory: _keyhttps://www.youtube.com/s/player/9f996d3e/www-widgetapi.vflset/www-widgetapi.js equals www.youtube.com (Youtube)
Source: unknownDNS traffic detected: queries for: t.orders.destinationmaternity.com
Source: 77EC63BDA74BD0D0E0426DC8F8008506.1.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: 83ad5b4b0431c152_0.0.drString found in binary or memory: http://j-ss.xyz/5
Source: Current Session.0.drString found in binary or memory: http://sv.j-ss.xyz
Source: History-journal.0.drString found in binary or memory: http://sv.j-ss.xyz/?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh
Source: History Provider Cache.0.drString found in binary or memory: http://sv.j-ss.xyz/?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh2
Source: History-journal.0.drString found in binary or memory: http://sv.j-ss.xyz/?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNhRedirecting...
Source: History-journal.0.drString found in binary or memory: http://sv.j-ss.xyz/?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNhRedirecting.../
Source: Current Session.0.drString found in binary or memory: http://sv.j-ss.xyz/main/
Source: History Provider Cache.0.drString found in binary or memory: http://sv.j-ss.xyz/main/2
Source: History-journal.0.drString found in binary or memory: http://sv.j-ss.xyz/main/Redirecting...
Source: History-journal.0.drString found in binary or memory: http://sv.j-ss.xyz/main/Redirecting.../
Source: Current Session.0.drString found in binary or memory: http://sv.j-ss.xyz/main/main.php#KVm7BH87tRTjQEDEB8xItEHjSzNU4zUzDdboaPzL0z7IHNRM89p5DJQ6BzRozQPV1JN
Source: Current Session.0.drString found in binary or memory: http://sv.j-ss.xyzh
Source: History-journal.0.dr, History.0.drString found in binary or memory: http://t.orders.destinationmaternity.com/r/?id=h1fef42
Source: manifest.json0.0.dr, cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://accounts.google.com
Source: manifest.json0.0.dr, cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://apis.google.com
Source: 879e0a3f685d08f2_0.0.drString found in binary or memory: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.GhYSaDTWhs4.O/m=gapi_iframes
Source: e9b5fa22c45aae07_0.0.drString found in binary or memory: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.L7mys-cL6BM.O/m=gapi_iframes
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://clients2.googleusercontent.com
Source: manifest.json0.0.drString found in binary or memory: https://content.googleapis.com
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.dr, efe0f311-4deb-442f-8fbc-5723cedee74b.tmp.1.dr, d7801c74-c9e9-4f72-aafe-1350d223d173.tmp.1.drString found in binary or memory: https://dns.google
Source: manifest.json0.0.drString found in binary or memory: https://feedback.googleusercontent.com
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.drString found in binary or memory: https://fonts.googleapis.com;
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://fonts.gstatic.com
Source: Network Action Predictor.0.drString found in binary or memory: https://fonts.gstatic.com/
Source: manifest.json0.0.drString found in binary or memory: https://fonts.gstatic.com;
Source: 3dbe54b7c92541c6_0.0.drString found in binary or memory: https://google.com/
Source: 8feba683dc703faa_0.0.drString found in binary or memory: https://google.com/5
Source: 96bbb1b4acd4294b_0.0.drString found in binary or memory: https://google.com/5o
Source: 04e8b7623a668c0b_0.0.drString found in binary or memory: https://google.com/7
Source: cd1f0afd4ea22633_0.0.drString found in binary or memory: https://google.com/I
Source: e9b5fa22c45aae07_0.0.drString found in binary or memory: https://google.com/a
Source: e5afb582c6366c19_0.0.drString found in binary or memory: https://google.com/aj
Source: 9363fc750a36716b_0.0.drString found in binary or memory: https://google.com/dd
Source: 252603ae5628212e_0.0.drString found in binary or memory: https://google.com/v
Source: manifest.json0.0.drString found in binary or memory: https://hangouts.google.com/
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://ogs.google.com
Source: manifest.json.0.drString found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://play.google.com
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: Current Session.0.drString found in binary or memory: https://policies.google.com
Source: Current Session.0.drString found in binary or memory: https://policies.google.com#
Source: Network Action Predictor.0.drString found in binary or memory: https://policies.google.com/
Source: Current Session.0.dr, Favicons.0.drString found in binary or memory: https://policies.google.com/privacy?hl=en
Source: Current Session.0.drString found in binary or memory: https://policies.google.com/privacy?hl=en)Privacy
Source: History-journal.0.drString found in binary or memory: https://policies.google.com/privacy?hl=enPrivacy
Source: Current Session.0.drString found in binary or memory: https://policies.google.com/terms?hl=en
Source: Current Session.0.drString found in binary or memory: https://policies.google.com/terms?hl=en2Google
Source: Current Session.0.dr, Favicons.0.drString found in binary or memory: https://policies.google.com/terms?hl=en4
Source: History.0.drString found in binary or memory: https://policies.google.com/terms?hl=enGoogle
Source: Current Session.0.drString found in binary or memory: https://policies.google.comh
Source: b6b1d3734915a1e9_0.0.drString found in binary or memory: https://s.ytimg.com/yts/jsbin/fetch-polyfill-vfl6MZH8P/fetch-polyfill.js
Source: manifest.json.0.drString found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://ssl.gstatic.com
Source: Favicons.0.drString found in binary or memory: https://ssl.gstatic.com/policies/favicon.ico
Source: messages.json41.0.drString found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.drString found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://support.google.com/recaptcha
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: 3dbe54b7c92541c6_0.0.drString found in binary or memory: https://www.google-analytics.com/analytics.js
Source: Current Session.0.dr, manifest.json0.0.dr, cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://www.google.com
Source: QuotaManager.0.dr, manifest.json.0.dr, 000003.log0.0.drString found in binary or memory: https://www.google.com/
Source: QuotaManager.0.drString found in binary or memory: https://www.google.com//
Source: Current Session.0.drString found in binary or memory: https://www.google.com/intl/en/policies/privacy/
Source: Favicons.0.drString found in binary or memory: https://www.google.com/intl/en/policies/privacy/-
Source: History-journal.0.drString found in binary or memory: https://www.google.com/intl/en/policies/privacy/Privacy
Source: Current Session.0.drString found in binary or memory: https://www.google.com/intl/en/policies/privacy/p
Source: Current Session.0.dr, Favicons.0.drString found in binary or memory: https://www.google.com/intl/en/policies/terms/
Source: Current Session.0.drString found in binary or memory: https://www.google.com/intl/en/policies/terms/=
Source: History.0.drString found in binary or memory: https://www.google.com/intl/en/policies/terms/Google
Source: Current Session.0.drString found in binary or memory: https://www.google.com/intl/en/policies/terms/M
Source: 797e4b0541426e04_0.0.drString found in binary or memory: https://www.google.com/js/bg/-G8VfAKUYb8WxmX_w6Q8mys20oGpQXMrrcIJY5m4T6M.js
Source: 12d96302da194ceb_0.0.drString found in binary or memory: https://www.google.com/js/bg/7JZ2fmCMVOl0vw20xI3AsjDeeds-Si0AsriAJ95C_5g.js
Source: f548000704400c0b_0.0.drString found in binary or memory: https://www.google.com/js/th/VTUAtZPSGoPqxKWISYzTadnUDWd_YumXMNF2imdJllM.js
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://www.google.com/recaptcha/api2/
Source: Current Session.0.drString found in binary or memory: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhPvkZAAAAALJ-7_WbPxTqDTrcCZ6aLEK8Y9v-&co=aHR0
Source: Current Session.0.drString found in binary or memory: https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LdhPvkZAAAAALJ-7_Wb
Source: manifest.json0.0.drString found in binary or memory: https://www.google.com;
Source: Current Session.0.drString found in binary or memory: https://www.google.comh
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drString found in binary or memory: https://www.gstatic.com
Source: Network Action Predictor.0.drString found in binary or memory: https://www.gstatic.com/
Source: 1ee63ee50b839f33_0.0.dr, 9363fc750a36716b_0.0.drString found in binary or memory: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5
Source: cd1f0afd4ea22633_0.0.drString found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.TCoB7ee77HA.O/rt=j/m=q_dnp
Source: 8feba683dc703faa_0.0.dr, 83ad5b4b0431c152_0.0.drString found in binary or memory: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.jsa
Source: 2388fecebc52f9fe_0.0.drString found in binary or memory: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.jsaD
Source: manifest.json0.0.drString found in binary or memory: https://www.gstatic.com;
Source: 000003.log5.0.drString found in binary or memory: https://www.youtube-nocookie.com
Source: Current Session.0.drString found in binary or memory: https://www.youtube-nocookie.com#
Source: QuotaManager.0.dr, 000003.log0.0.drString found in binary or memory: https://www.youtube-nocookie.com/
Source: Current Session.0.drString found in binary or memory: https://www.youtube-nocookie.com/embed/48l-xdS4pXg?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_l
Source: Current Session.0.drString found in binary or memory: https://www.youtube-nocookie.com/embed/YlmVKT3Zvhw?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_l
Source: Current Session.0.drString found in binary or memory: https://www.youtube-nocookie.com/embed/ZdEIZNg3epQ?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_l
Source: Current Session.0.drString found in binary or memory: https://www.youtube-nocookie.com/embed/ggoJFaE71W8?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_l
Source: bf45d15a123c217e_0.0.drString found in binary or memory: https://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/base.js
Source: 8cbd6cb02760d992_0.0.drString found in binary or memory: https://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/embed.js
Source: 29ca6f217824d8ed_0.0.drString found in binary or memory: https://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/remote.js
Source: 36db2ea73c74132d_0.0.drString found in binary or memory: https://www.youtube-nocookie.com/s/player/9f996d3e/www-embed-player.vflset/www-embed-player.js
Source: e4e1f615eb30bb13_0.0.drString found in binary or memory: https://www.youtube.com/s/player/9f996d3e/www-widgetapi.vflset/www-widgetapi.js
Source: bf45d15a123c217e_0.0.drString found in binary or memory: https://youtube-nocookie.com/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: classification engineClassification label: mal48.win@43/218@12/10
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60002C63-CB4.pmaJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Local\Temp\93d71dfc-e62c-4ce9-9926-0817812e8940.tmpJump to behavior
Source: QuotaManager.0.drBinary or memory string: CREATE TABLE HostQuotaTable(host TEXT NOT NULL, type INTEGER NOT NULL, quota INTEGER DEFAULT 0, UNIQUE(host, type));
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'http://t.orders.destinationmaternity.com/r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh'
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1856 /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5348 /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=4992 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1856 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5348 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=4992 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdicJump to behavior

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath InterceptionProcess Injection1Masquerading3OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network MediumEncrypted Channel2Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsProcess Injection1LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothNon-Application Layer Protocol2Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationApplication Layer Protocol3Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled TransferIngress Tool Transfer1SIM Card SwapCarrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://t.orders.destinationmaternity.com/r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
sv.j-ss.xyz1%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://sv.j-ss.xyz/main/100%SlashNextFake Login Page type: Phishing & Social Engineering
https://dns.google0%URL Reputationsafe
https://dns.google0%URL Reputationsafe
https://dns.google0%URL Reputationsafe
https://dns.google0%URL Reputationsafe
http://sv.j-ss.xyz/main/Redirecting.../0%Avira URL Cloudsafe
http://sv.j-ss.xyz/main/Redirecting...0%Avira URL Cloudsafe
http://sv.j-ss.xyz/favicon.ico0%Avira URL Cloudsafe
http://sv.j-ss.xyz0%Avira URL Cloudsafe
http://sv.j-ss.xyz/main/main.php#KVm7BH87tRTjQEDEB8xItEHjSzNU4zUzDdboaPzL0z7IHNRM89p5DJQ6BzRozQPV1JN0%Avira URL Cloudsafe
http://j-ss.xyz/50%Avira URL Cloudsafe
http://sv.j-ss.xyzh0%Avira URL Cloudsafe
http://sv.j-ss.xyz/main/20%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
pagead46.l.doubleclick.net
108.177.126.154
truefalse
    		high
    stats.l.doubleclick.net
    		108.177.126.156
    		truefalse
      		high
      sv.j-ss.xyz
      		192.236.249.58
      		truefalseunknown
      i.ytimg.com
      		173.194.79.119
      		truefalse
        		high
        photos-ugc.l.googleusercontent.com
        		108.177.127.132
        		truefalse
          		high
          destinationmat-rt-prod3-ssl-280079234.us-west-2.elb.amazonaws.com
          		52.10.125.252
          		truefalse
            		high
            googlehosted.l.googleusercontent.com
            		108.177.126.132
            		truefalse
              		high
              s.ytimg.com
              		108.177.127.113
              		truefalse
                		high
                stackpath.bootstrapcdn.com
                		unknown
                		unknownfalse
                  		high
                  clients2.googleusercontent.com
                  		unknown
                  		unknownfalse
                    		high
                    yt3.ggpht.com
                    		unknown
                    		unknownfalse
                      		high
                      googleads.g.doubleclick.net
                      		unknown
                      		unknownfalse
                        		high
                        www.youtube.com
                        		unknown
                        		unknownfalse
                          		high
                          t.orders.destinationmaternity.com
                          		unknown
                          		unknownfalse
                            		high
                            www.youtube-nocookie.com
                            		unknown
                            		unknownfalse
                              		high
                              static.doubleclick.net
                              		unknown
                              		unknownfalse
                                		high
                                stats.g.doubleclick.net
                                		unknown
                                		unknownfalse
                                  		high

                                  Contacted URLs

                                  NameMaliciousAntivirus DetectionReputation
                                  https://www.youtube-nocookie.com/embed/48l-xdS4pXg?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_lang_pref=en&cc_load_policy=1&enablejsapi=1false
                                    		high
                                    http://sv.j-ss.xyz/favicon.icofalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://www.youtube-nocookie.com/embed/ZdEIZNg3epQ?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_lang_pref=en&cc_load_policy=1&enablejsapi=1false
                                      		high
                                      http://sv.j-ss.xyz/main/true
                                      • SlashNext: Fake Login Page type: Phishing & Social Engineering
                                      		unknown
                                      http://sv.j-ss.xyz/main/true
                                      • SlashNext: Fake Login Page type: Phishing & Social Engineering
                                      		unknown
                                      https://www.youtube-nocookie.com/embed/ggoJFaE71W8?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_lang_pref=en&cc_load_policy=1&enablejsapi=1false
                                        		high
                                        https://www.youtube-nocookie.com/embed/YlmVKT3Zvhw?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_lang_pref=en&cc_load_policy=1&enablejsapi=1false
                                          		high

                                          URLs from Memory and Binaries

                                          NameSourceMaliciousAntivirus DetectionReputation
                                          https://dns.googlecdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.dr, efe0f311-4deb-442f-8fbc-5723cedee74b.tmp.1.dr, d7801c74-c9e9-4f72-aafe-1350d223d173.tmp.1.drfalse
                                          • URL Reputation: safe
                                          • URL Reputation: safe
                                          • URL Reputation: safe
                                          • URL Reputation: safe
                                          		unknown
                                          https://www.youtube-nocookie.com/embed/48l-xdS4pXg?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_lCurrent Session.0.drfalse
                                            		high
                                            https://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/remote.js29ca6f217824d8ed_0.0.drfalse
                                              		high
                                              http://sv.j-ss.xyz/main/Redirecting.../History-journal.0.drtrue
                                              • Avira URL Cloud: safe
                                              		unknown
                                              http://t.orders.destinationmaternity.com/r/?id=h1fef42History-journal.0.dr, History.0.drfalse
                                                		high
                                                https://www.youtube-nocookie.com/embed/ggoJFaE71W8?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_lCurrent Session.0.drfalse
                                                  		high
                                                  https://youtube-nocookie.com/bf45d15a123c217e_0.0.drfalse
                                                    		high
                                                    http://sv.j-ss.xyz/main/Redirecting...History-journal.0.drtrue
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.youtube-nocookie.com#Current Session.0.drfalse
                                                      		high
                                                      https://www.youtube-nocookie.com/s/player/9f996d3e/www-embed-player.vflset/www-embed-player.js36db2ea73c74132d_0.0.drfalse
                                                        		high
                                                        http://sv.j-ss.xyzCurrent Session.0.drfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/base.jsbf45d15a123c217e_0.0.drfalse
                                                          		high
                                                          https://www.youtube-nocookie.com000003.log5.0.drfalse
                                                            		high
                                                            https://www.youtube-nocookie.com/embed/ZdEIZNg3epQ?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_lCurrent Session.0.drfalse
                                                              		high
                                                              http://sv.j-ss.xyz/main/main.php#KVm7BH87tRTjQEDEB8xItEHjSzNU4zUzDdboaPzL0z7IHNRM89p5DJQ6BzRozQPV1JNCurrent Session.0.drtrue
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://s.ytimg.com/yts/jsbin/fetch-polyfill-vfl6MZH8P/fetch-polyfill.jsb6b1d3734915a1e9_0.0.drfalse
                                                                		high
                                                                https://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/embed.js8cbd6cb02760d992_0.0.drfalse
                                                                  		high
                                                                  http://j-ss.xyz/583ad5b4b0431c152_0.0.drfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  https://www.youtube-nocookie.com/QuotaManager.0.dr, 000003.log0.0.drfalse
                                                                    		high
                                                                    https://www.youtube-nocookie.com/embed/YlmVKT3Zvhw?rel=0&showinfo=0&theme=light&version=3&hl=en&cc_lCurrent Session.0.drfalse
                                                                      		high
                                                                      https://clients2.googleusercontent.comcdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp.1.drfalse
                                                                        		high
                                                                        http://sv.j-ss.xyzhCurrent Session.0.drfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        https://feedback.googleusercontent.commanifest.json0.0.drfalse
                                                                          		high
                                                                          https://www.youtube.com/s/player/9f996d3e/www-widgetapi.vflset/www-widgetapi.jse4e1f615eb30bb13_0.0.drfalse
                                                                            		high
                                                                            http://sv.j-ss.xyz/main/2History Provider Cache.0.drtrue
                                                                            • Avira URL Cloud: safe
                                                                            		unknown

                                                                            Contacted IPs

                                                                            • No. of IPs < 25%
                                                                            • 25% < No. of IPs < 50%
                                                                            • 50% < No. of IPs < 75%
                                                                            • 75% < No. of IPs

                                                                            Public

                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                            108.177.126.132
                                                                            		unknownUnited States
                                                                            		15169GOOGLEUSfalse
                                                                            108.177.126.154
                                                                            		unknownUnited States
                                                                            		15169GOOGLEUSfalse
                                                                            192.236.249.58
                                                                            		unknownUnited States
                                                                            		54290HOSTWINDSUSfalse
                                                                            52.10.125.252
                                                                            		unknownUnited States
                                                                            		16509AMAZON-02USfalse
                                                                            173.194.79.119
                                                                            		unknownUnited States
                                                                            		15169GOOGLEUSfalse
                                                                            108.177.127.132
                                                                            		unknownUnited States
                                                                            		15169GOOGLEUSfalse
                                                                            108.177.127.113
                                                                            		unknownUnited States
                                                                            		15169GOOGLEUSfalse
                                                                            239.255.255.250
                                                                            		unknownReserved
                                                                            		unknownunknownfalse

                                                                            Private

                                                                            IP
                                                                            192.168.2.1
                                                                            127.0.0.1

                                                                            General Information

                                                                            Joe Sandbox Version:31.0.0 Red Diamond
                                                                            Analysis ID:339442
                                                                            Start date:14.01.2021
                                                                            Start time:03:34:10
                                                                            Joe Sandbox Product:CloudBasic
                                                                            Overall analysis duration:0h 5m 47s
                                                                            Hypervisor based Inspection enabled:false
                                                                            Report type:light
                                                                            Cookbook file name:browseurl.jbs
                                                                            Sample URL:http://t.orders.destinationmaternity.com/r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh
                                                                            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                            Number of analysed new started processes analysed:25
                                                                            Number of new started drivers analysed:0
                                                                            Number of existing processes analysed:0
                                                                            Number of existing drivers analysed:0
                                                                            Number of injected processes analysed:0
                                                                            Technologies:
                                                                            • HCA enabled
                                                                            • EGA enabled
                                                                            • AMSI enabled
                                                                            Analysis Mode:default
                                                                            Analysis stop reason:Timeout
                                                                            Detection:MAL
                                                                            Classification:mal48.win@43/218@12/10
                                                                            Cookbook Comments:
                                                                            • Adjust boot time
                                                                            • Enable AMSI
                                                                            • Browse: https://www.google.com/intl/en/policies/privacy/
                                                                            • Browse: https://www.google.com/intl/en/policies/terms/
                                                                            Warnings:
                                                                            Show All
                                                                            • Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, UsoClient.exe
                                                                            • TCP Packets have been reduced to 100
                                                                            • Created / dropped Files have been reduced to 100
                                                                            • Excluded IPs from analysis (whitelisted): 52.147.198.201, 13.64.90.137, 13.88.21.125, 172.217.218.113, 172.217.218.100, 172.217.218.102, 172.217.218.101, 172.217.218.138, 172.217.218.139, 108.177.119.101, 108.177.119.100, 108.177.119.113, 108.177.119.102, 108.177.119.139, 108.177.119.138, 173.194.69.84, 173.194.187.70, 173.194.187.106, 209.197.3.15, 108.177.119.147, 108.177.119.106, 108.177.119.104, 108.177.119.105, 108.177.119.103, 108.177.119.99, 8.248.117.254, 8.238.85.254, 8.241.126.121, 8.241.126.249, 8.238.85.126, 108.177.126.94, 108.177.119.94, 172.217.218.95, 108.177.127.94, 74.125.143.95, 108.177.119.95, 108.177.126.95, 108.177.127.95, 173.194.69.113, 173.194.69.138, 173.194.69.100, 173.194.69.102, 173.194.69.101, 173.194.69.139, 108.177.126.190, 108.177.126.136, 108.177.127.190, 108.177.127.93, 108.177.127.136, 172.217.218.91, 172.217.218.136, 172.217.218.93, 173.194.69.91, 173.194.69.93, 173.194.79.91, 173.194.79.93, 173.194.79.136, 173.194.79.190, 108.177.119.136, 108.177.119.91, 108.177.119.148, 108.177.119.149, 108.177.126.139, 108.177.126.100, 108.177.126.113, 108.177.126.102, 108.177.126.101, 108.177.126.138, 172.217.22.46, 216.58.210.14, 172.217.16.142, 172.217.18.110, 172.217.22.78, 172.217.22.110, 172.217.21.238, 172.217.23.174, 172.217.23.142, 216.58.205.238, 172.217.22.14, 216.58.206.14, 216.58.212.174, 172.217.18.14, 172.217.18.174, 216.58.207.46, 142.250.74.206, 74.125.143.139, 74.125.143.102, 74.125.143.138, 74.125.143.101, 74.125.143.100, 74.125.143.113, 2.20.84.85, 51.11.168.160, 168.61.161.212, 2.20.142.210, 2.20.142.209, 92.122.213.247, 92.122.213.194, 173.194.151.121, 20.54.26.129, 173.194.188.198, 173.194.188.167, 51.104.144.132
                                                                            • Excluded domains from analysis (whitelisted): gstaticadssl.l.google.com, ssl.gstatic.com, arc.msn.com.nsatc.net, r3.sn-4g5edn7y.gvt1.com, r1---sn-4g5e6nsk.gvt1.com, clientservices.googleapis.com, policies.google.com, fs-wildcard.microsoft.com.edgekey.net, clients2.google.com, audownload.windowsupdate.nsatc.net, update.googleapis.com, www.google.com, watson.telemetry.microsoft.com, www.gstatic.com, au-bg-shim.trafficmanager.net, www.google-analytics.com, fs.microsoft.com, r2.sn-4g5edns6.gvt1.com, content-autofill.googleapis.com, plus.l.google.com, ris-prod.trafficmanager.net, skypedataprdcolcus17.cloudapp.net, www.googleapis.com, r3---sn-4g5edn7y.gvt1.com, ris.api.iris.microsoft.com, youtube-ui.l.google.com, www3.l.google.com, blobcollector.events.data.trafficmanager.net, clients.l.google.com, au.download.windowsupdate.com.edgesuite.net, ogs.google.com, r5---sn-4g5e6nsr.gvt1.com, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, r1---sn-4g5ednsd.gvt1.com, arc.msn.com, r2---sn-4g5edns6.gvt1.com, redirector.gvt1.com, auto.au.download.windowsupdate.com.c.footprint.net, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, skypedataprdcolwus17.cloudapp.net, accounts.google.com, www-google-analytics.l.google.com, fonts.gstatic.com, r1.sn-4g5e6nsk.gvt1.com, ctldl.windowsupdate.com, e1723.g.akamaiedge.net, a767.dscg3.akamai.net, r1.sn-4g5ednsd.gvt1.com, static-doubleclick-net.l.google.com, skypedataprdcoleus16.cloudapp.net, play.google.com, cds.j3z9t3p6.hwcdn.net, r5.sn-4g5e6nsr.gvt1.com, skypedataprdcolwus15.cloudapp.net, apis.google.com
                                                                            • Report size getting too big, too many NtCreateFile calls found.
                                                                            • Report size getting too big, too many NtOpenFile calls found.
                                                                            • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                                                            • Report size getting too big, too many NtWriteVirtualMemory calls found.

                                                                            Simulations

                                                                            Behavior and APIs

                                                                            TimeTypeDescription
                                                                            03:35:03API Interceptor1x Sleep call for process: chrome.exe modified

                                                                            Joe Sandbox View / Context

                                                                            IPs

                                                                            No context

                                                                            Domains

                                                                            No context

                                                                            ASN

                                                                            No context

                                                                            JA3 Fingerprints

                                                                            No context

                                                                            Dropped Files

                                                                            No context

                                                                            Created / dropped Files

                                                                            C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):451603
                                                                            Entropy (8bit):5.009711072558331
                                                                            Encrypted:false
                                                                            SSDEEP:12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
                                                                            MD5:A78AD14E77147E7DE3647E61964C0335
                                                                            SHA1:CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
                                                                            SHA-256:0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
                                                                            SHA-512:DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: BDic.... ....6...."..Z..4g....6.2...{/...3...5....AF 1363.AF nm.AF pt.AF n1.AF p.AF tc.AF SM.AF M.AF S.AF MS.AF MNR.AF GDS.AF MNT.AF MH.AF MR.AF SZMR.AF MJ.AF MT.AF MY.AF MRZ.AF MN.AF MG.AF RM.AF N.AF MV.AF XM.AF DSM.AF SD.AF G.AF R.AF MNX.AF MRS.AF MD.AF MNRB.AF B.AF ZSMR.AF PM.AF SMNGJ.AF SMN.AF ZMR.AF SMGB.AF MZR.AF GM.AF SMR.AF SMDG.AF RMZ.AF ZM.AF MDG.AF MDT.AF SMNXT.AF SDY.AF LSDG.AF LGDS.AF GLDS.AF UY.AF U.AF DSGNX.AF GNDSX.AF DSG.AF Y.AF GS.AF IEMS.AF YP.AF ZGDRS.AF XGNVDS.AF UT.AF GNDS.AF GVDS.AF MYPS.AF XGNDS.AF TPRY.AF MDSG.AF ZGSDR.AF DYSG.AF PMYTNS.AF AGDS.AF DRZGS.AF PY.AF GSPMDY.AF EGVDS.AF SL.AF GNXDS.AF DSBG.AF IM.AF I.AF MDGS.AF SMY.AF DSGN.AF DSLG.AF GMDS.AF MDSBG.AF SGD.AF IY.AF P.AF DSMG.AF BLZGDRS.AF TR.AF AGSD.AF ZGBDRSL.AF PTRY.AF ASDGV.AF ASM.AF ICANGSD.AF ICAM.AF IKY.AF AMS.AF PMYTRS.AF BZGVDRS.AF SDRBZG.AF GVMDS.AF PSM.AF DGLS.AF GNVXDS.AF AGDSL.AF DGS.AF XDSGNV.AF BZGDRS.AF AM.AF AS.AF A.AF LDSG.AF AGVDS.AF SDG.AF LDSMG.AF EDSMG.AF EY.AF DRSMZG.AF PRYT.AF LZ
                                                                            C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:Microsoft Cabinet archive data, 58936 bytes, 1 file
                                                                            Category:dropped
                                                                            Size (bytes):58936
                                                                            Entropy (8bit):7.994797855729196
                                                                            Encrypted:true
                                                                            SSDEEP:768:A2CCXehkvodpN73AJjDzh85ApA37vK5clxQh+aLE/sSkoWYrgEHqCinmXdBDz2mi:i/LAvEZrGclx0hoW6qCLdNz2pj
                                                                            MD5:E4F1E21910443409E81E5B55DC8DE774
                                                                            SHA1:EC0885660BD216D0CDD5E6762B2F595376995BD0
                                                                            SHA-256:CF99E08369397577BE949FBF1E4BF06943BC8027996AE65CEB39E38DD3BD30F5
                                                                            SHA-512:2253849FADBCDF2B10B78A8B41C54E16DB7BB300AAA1A5A151EDA2A7AA64D5250AED908C3B46AFE7262E66D957B255F6D57B6A6BB9E4F9324F2C22E9BF088246
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: MSCF....8.......,...................I........S........LQ.v .authroot.stl..0(/.5..CK..8T....c_.d...:.(.....].M$[v.4CH)-.%.QIR..$t)Kd...D.....3.n..u..............|..=H4.U=...X..qn.+S..^J.....y.n.v.XC...3a.!.....]...c(...p..]..M.....4.....i...}C.@.[..#xUU..*D..agaV..2.|.g...Y..j.^..@.Q......n7R...`.../..s...f...+...c..9+[.|0.'..2!.s....a........w.t:..L!.s....`.O>.`#..'.pfi7.U......s..^...wz.A.g.Y........g......:7{.O.......N........C..?....P0$.Y..?m....Z0.g3.>W0&.y](....].`>... ..R.qB..f.....y.cEB.V=.....hy}....t6b.q./~.p........60...eCS4.o......d..}.<,nh..;.....)....e..|....Cxj...f.8.Z..&..G.......b.....OGQ.V..q..Y.............q...0..V.Tu?.Z..r...J...>R.ZsQ...dn.0.<...o.K....|.....Q...'....X..C.....a;.*..Nq..x.b4..1,}.'.......z.N.N...Uf.q'.>}........o\.cD"0.'.Y.....SV..g...Y.....o.=.....k..u..s.kV?@....M...S.n^.:G.....U.e.v..>...q.'..$.)3..T...r.!.m.....6...r,IH.B <.ht..8.s..u[.N.dL.%...q....g..;T..l..5...\.....g...`...........A$:...........
                                                                            C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):326
                                                                            Entropy (8bit):3.1147363886328936
                                                                            Encrypted:false
                                                                            SSDEEP:6:kK7jswwDN+SkQlPlEGYRMY9z+4KlDA3RUegeT6lf:z7kPlE99SNxAhUegeT2
                                                                            MD5:1C03B04B77FA11EE0EDA9CEAF6371A9C
                                                                            SHA1:FA7042E52A72BCA4063B9D4F75D10ADD2FC1BDBD
                                                                            SHA-256:C56E2274254BF9F1FB47E7FD3C329727F1A22FB3BE5F2DFD8BFD837A291A66EB
                                                                            SHA-512:17ED3C4463379BDF41A67CDCD5704A12A9CCDAF90C7552A281401F63E4F54F4FD7D30479D6FE1EA92470569EEBFB4DC349C6082116E386FB9EBD4A8014F3D3FB
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: p...... .........}.Li...(....................................................... ..........Y.......$...........8...h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".0.6.9.5.5.9.e.2.a.0.d.6.1.:.0."...
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\05623d2a-9f6b-430e-89a0-1cdad6d921d1.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):94772
                                                                            Entropy (8bit):3.745354313889532
                                                                            Encrypted:false
                                                                            SSDEEP:384:aDLws+F3exuoVdfk7NIrRvEQ37I+jH+zGfyrNSkux7qaOtrpAmdRvhCIQEbO+a4/:c+615W+8DIebqkW4XDioKCoEv7
                                                                            MD5:0E221F219B5844ABC97FBBA13306B081
                                                                            SHA1:2411AAA514F69ABF96E7E31093BC774219A1AC6F
                                                                            SHA-256:EE3F48837C519BD4A249AC8D201FBCF3D47E19C3412298F551A1077B87DD5B2D
                                                                            SHA-512:195970B75D198A84F81A1ACED086DC39F18DB56924BEBE4ED19477A8850D1498607934041704E9DB1E1A681EAB3CE732295DE3DEEC300F64DBDB62A46A49A53A
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0r..............*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6...*...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n.....8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\2f0a14ca-cfea-495a-a152-813c138fc321.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):154967
                                                                            Entropy (8bit):6.052281601337477
                                                                            Encrypted:false
                                                                            SSDEEP:3072:3pvGyAE4f2Rh9ITWGFcbXafIB0u1GOJmA3iuRB:syL4eD92aqfIlUOoSiuRB
                                                                            MD5:2936323F914E52DA1B945E9FD62DB43D
                                                                            SHA1:269666CFB1C4610FD084C43BC85458EF7EEF2EBF
                                                                            SHA-256:46A48F97C878088FC621D4B47B05CC79B926A39476470535D348404740D53146
                                                                            SHA-512:70FFA78265B80AD1327BE2AF1509D748058CF4A063A61449EFC0087BEB84AE001A759220DE54C4D0ACA903129C18A172F3889DE6DD12101BC498F1E2D9F21E64
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.610624102862149e+12,"network":1.610591704e+12,"ticks":98846720.0,"uncertainty":4426648.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016975779"},"plugins":{"metadata":{"adobe-flash-player":{"displ
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\3869217b-4ca4-4f52-ae27-462c1ad3ca55.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):154795
                                                                            Entropy (8bit):6.051843584372805
                                                                            Encrypted:false
                                                                            SSDEEP:3072:HpvGyAE4f2Rh9ITWGFcbXafIB0u1GOJmA3iuRB:8yL4eD92aqfIlUOoSiuRB
                                                                            MD5:286DFBA935694E76051888C4E342DEBF
                                                                            SHA1:D409711E1B81CD7CC9A009ECC750601AC26C053C
                                                                            SHA-256:0AB960AE61F0A983B71AAB67FE46C303422324DB5E38B2C4B52B1344CDD78146
                                                                            SHA-512:8423F3F2A6521A42962E8B7F6A2685E65C7493B97A4FB54EFC890A095F7F01BA9EB28B7A9DD9C144BAD523F027364DC1FF5B36C544AC80F93A0C0855CDB5A02B
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.610624102862149e+12,"network":1.610591704e+12,"ticks":98846720.0,"uncertainty":4426648.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016975779"},"plugins":{"metadata":{"adobe-flash-player":{"displ
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\5c578af4-117b-4e14-b73d-e4e196d14b81.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):155053
                                                                            Entropy (8bit):6.052451277937765
                                                                            Encrypted:false
                                                                            SSDEEP:3072:qpvGyAE4f2Rh9ITWGFcbXafIB0u1GOJmA3iuRB:PyL4eD92aqfIlUOoSiuRB
                                                                            MD5:E01231D726533CAC4DCDA8CFEF618989
                                                                            SHA1:C536387893DCDED19FC66F06797D9CE75A2E7C60
                                                                            SHA-256:4E3F00DD62837E4B6B3E95596AE09A227B431F18AD2BE838D26E94BF42E4E158
                                                                            SHA-512:D9C1445311FDA40E86E28915570CF69211ECCC12D4D7E2D36B0825D1018A930F5371CB5C902847C156099E42FB03D650C011043FD3FF9B52B57898D5779D23ED
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.610624102862149e+12,"network":1.610591704e+12,"ticks":98846720.0,"uncertainty":4426648.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016975779"},"plugins":{"metadata":{"adobe-flash-player":{"displ
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\619dba73-08f2-496c-b9d8-2f5f36f97d94.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):163267
                                                                            Entropy (8bit):6.082344574199982
                                                                            Encrypted:false
                                                                            SSDEEP:3072:k2FpvGyAE4f2Rh9ITWGFcbXafIB0u1GOJmA3iuRB:piyL4eD92aqfIlUOoSiuRB
                                                                            MD5:CCDF2DAF77AC08AFE363634CE95D8404
                                                                            SHA1:2A74E08A6796B92DCA747037E40F815B9FEC1AF7
                                                                            SHA-256:EE654CBF7FDC1810DC88280C78F3A8543A9C080F293C11F302658C3E26DCA683
                                                                            SHA-512:EC7CF0A751E509B6FA9F53EF0AF55B927723C89C42EC38F40CB998259607F91B4EA7145CFA1F61ADFE889C2D69457BC25FE5EB18F3239B71DC7ECADD753A7922
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.610624102862149e+12,"network":1.610591704e+12,"ticks":98846720.0,"uncertainty":4426648.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016975779"},"plugins":{"metadata":{"adobe-flash-player":{"displ
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\75d83c73-531e-4d63-aeec-597a35a58acf.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):163267
                                                                            Entropy (8bit):6.082344159659306
                                                                            Encrypted:false
                                                                            SSDEEP:3072:R2FpvGyAE4f2Rh9ITWGFcbXafIB0u1GOJmA3iuRB:QiyL4eD92aqfIlUOoSiuRB
                                                                            MD5:0FE2BA7690B026BA9E8B27D69906EA0C
                                                                            SHA1:EA68CE9F9096CB2AD2318C5B281B748B6083A782
                                                                            SHA-256:0F15D8EAEE65F733358B424D01A86DE441931254030978EAC531A7178921B598
                                                                            SHA-512:E71F511425BB65BD600B07AD7ACF5EAC8900DA4930B32D1CF38272E61D638E95E29E5B791FC1688625785928208A8B2EA632812AA8D90781A03F02832F751D17
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.610624102862149e+12,"network":1.610591704e+12,"ticks":98846720.0,"uncertainty":4426648.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"displ
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\7f7be7fd-329d-4aa4-b739-c30a1c8555ff.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):163267
                                                                            Entropy (8bit):6.082343020846282
                                                                            Encrypted:false
                                                                            SSDEEP:3072:RwOpvGyAE4f2Rh9ITWGFcbXafIB0u1GOJmA3iuRB:+ryL4eD92aqfIlUOoSiuRB
                                                                            MD5:7246AEA3B22260616690DFD905932AC8
                                                                            SHA1:8964637684B7049AE53A01681451F991D43B3E2F
                                                                            SHA-256:70FC9C5E998573EBB8E4B2412875C1D488BC82D1FFA82897E04CD6670F8F1FF3
                                                                            SHA-512:D833A98B5C67816DF85A4A35F1A1C1EFA85A56271CFD34088616984909E77A70E93E2E14E4B72C2912CF24D45BEF0A16771C4023ED709CE2ED0B18965A4937CF
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.610624102862149e+12,"network":1.610591704e+12,"ticks":98846720.0,"uncertainty":4426648.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"displ
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):120
                                                                            Entropy (8bit):3.254162526001658
                                                                            Encrypted:false
                                                                            SSDEEP:3:FkXft0xE1G1mstft0xE1G1mstft0xE1n:+ftIE1G1mkftIE1G1mkftIE1n
                                                                            MD5:E9224A19341F2979669144B01332DF59
                                                                            SHA1:F7F760C7104457DF463306A7F7BAE0142EFCEB5B
                                                                            SHA-256:47DD519C226D23F203ACAE0EC44DF9BB6208828E24F726E1602EA52F63C3E2BE
                                                                            SHA-512:4184302DEB5009D767FECFC150F580DD57D5CF9CF3BFEB7E52C9F3340E5E6499251B9F0DFF37F0454411FED9046880E0A9204312D021294256372C916B8155AC
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\18604c9d-687e-4ec8-8632-039633ca9d57.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):5856
                                                                            Entropy (8bit):5.177739336997556
                                                                            Encrypted:false
                                                                            SSDEEP:96:nRVF7P4vBgOo7B3cVbAok0JCvRLL8HkJ1qbOTQVuwn:nRVJ4vBY3cR/4vZ2kJ6
                                                                            MD5:33F97F9F75D7EB4085E9618DD1DED411
                                                                            SHA1:E0B065C1096CD8950A1D4771D205C19CCBCA37B5
                                                                            SHA-256:045756AFD0ADFE769CFD8B3519BA4858E51DB0907DAE058DFD461FAFFC1B0A00
                                                                            SHA-512:DBD866F44C76A783D953A704156D9421995C3383E67DD54D5895F5388A54C26B376B217F62C07C16732F38C67B111251CE1357A560F36C5BC8B48C985D5A2618
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13255097700175456","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5ac51b47-c0b3-409e-bee3-ca09c775eba3.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):22612
                                                                            Entropy (8bit):5.535491559862798
                                                                            Encrypted:false
                                                                            SSDEEP:384:F5ttPLlQzXE1kXqKf/pUZNCgVLH2HfD8rUhHGznTVBLIpI4r:7LlyE1kXqKf/pUZNCgVLH2HfQrUVGzno
                                                                            MD5:7D40653C2F4E457AC9FEB3A9F8606CF6
                                                                            SHA1:3A001B763A925606633AFF2C0899052C25DA1247
                                                                            SHA-256:076BDDE7806CEF9036F7B5939F87C56775E9C4E94259A86225BAE89F70FCA26D
                                                                            SHA-512:5D33F05CD82643C788B889F1FAC1F91F5F6DB49019936D9FCF1F4DB7E7D06ED31F4264AA7672FADED6900788CD69F68379F697823990502BC1DEA37D07EAD05F
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13255097699940971","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\61373cca-c9fa-4409-9b5e-c4ae1236c0c1.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):5882
                                                                            Entropy (8bit):5.180333257084749
                                                                            Encrypted:false
                                                                            SSDEEP:96:nRVFAP4vBgOo7B3cVbAok0JCvRLL8HkJ1AbOTQVuwn:nRVs4vBY3cR/4vZ2kJ8
                                                                            MD5:9BCA3AAAEE2B593AAEFF1746DE50325A
                                                                            SHA1:5BFDA26D054D4CF2208342BE75E9865AC96E76B7
                                                                            SHA-256:ABF0569041AF89C3F5AD476204638856F37EBB757273633D9447BE943AB6F3AD
                                                                            SHA-512:DC1174202559064469F286D1B867AF586761645AE585D5AA87A84C377F06993BC770D94EA3A1BFDF78726938264176843DDB1B33E0977155734A3BA9DBA6DA9B
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13255097700175456","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\806616d3-66ee-43cf-9d05-b8618ac7db1e.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):5579
                                                                            Entropy (8bit):4.903901586100022
                                                                            Encrypted:false
                                                                            SSDEEP:96:JzfEMZ6krvGLEUFEHGdE96VEwMDVKiDGizGvGSrxGL33GRGAGIGsGWGwhH:JzfEMZ6krvsEjHn96VEwMDVnDfzc1rx3
                                                                            MD5:CB7234C2392BE3A68D617FE04EA88698
                                                                            SHA1:7FB1B45534DDF7BFE858F9661F017193D3231E59
                                                                            SHA-256:EA4B706953DFEB1560D13FA86C3716D322373238FF526ABAC8EFCD277E60A430
                                                                            SHA-512:FFECA8ACA0212710FE35C066A1C967C70BF3C645C850CAC0BDB358CEBB72BDD405DD16D2FF43A22088F30B6CAE6CEA308F9D33D1FEDAC355E3EFD0D716A0325F
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13257689702765388","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13257689702819585","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://redirector.gvt1.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13257689703034541","port":443,"protocol_str":"quic"},{"advertised_versions":[50],"expiration":"13257689703034546","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://r1---sn-4g5e6nsk.gvt1.com"},{"isolation":[],"server":"https://stackpath.bootstrapcdn.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13257689704702531","port":443,"protocol_str":"quic"}],"isolation":[],
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\990e74f0-26d8-4e95-a1fc-1ae20936dc1e.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:very short file (no magic)
                                                                            Category:dropped
                                                                            Size (bytes):1
                                                                            Entropy (8bit):0.0
                                                                            Encrypted:false
                                                                            SSDEEP:3:L:L
                                                                            MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):331
                                                                            Entropy (8bit):5.220030633675435
                                                                            Encrypted:false
                                                                            SSDEEP:6:mouUpM+q2PWXp+N23iKKdK9RXXTZIFUtpnI9mZmwPnXcMVkwOWXp+N23iKKdK9Rn:O+va5Kk7XT2FUtpIg/PtV5f5Kk7XVJ
                                                                            MD5:34FE07A5A3A915EF1B0D8F857D6B33D5
                                                                            SHA1:530C04A4D3038CACA992CD559B150F2AA5F4D1B6
                                                                            SHA-256:6850C9A0B5F964CDB3B0AE2D9F2D58F577FA45ED25D28E7AA0B85F33E50EC8BF
                                                                            SHA-512:CE1C2E73AD4A25FB74ECB07ED98C7846719A6DC1AD7FFE9DB13458258A9A9AB89E8B15D7751306083E372245498C0CF7B66FDC65440D884C118479511629A76D
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:06.449 a1c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/01/14-03:35:06.459 a1c Recovering log #3.2021/01/14-03:35:06.460 a1c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):315
                                                                            Entropy (8bit):5.178730225749796
                                                                            Encrypted:false
                                                                            SSDEEP:6:mo+MM+q2PWXp+N23iKKdKyDZIFUtpn7JZmwPnkUpMVkwOWXp+N23iKKdKyJLJ:uN+va5Kk02FUtpt/PdiV5f5KkWJ
                                                                            MD5:8BEE25F7EF838476BA848275C92C8D5C
                                                                            SHA1:757F27AAE835ABBE21F289AFCA36C35A14A97D5D
                                                                            SHA-256:0378612BA41C0FE77D82322259BEB5E98F933E2B9F0B9FBF19606339FEFD090B
                                                                            SHA-512:B7698AF4019AFB7A7ABEDBED80CDB8786E9920922350DFCEEFD47479630EA686436A2FD15AAB12D74253092C505466B84B6D20FC5A63D9EEA6A76ECD7E76355C
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:06.441 a1c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/01/14-03:35:06.442 a1c Recovering log #3.2021/01/14-03:35:06.443 a1c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\04e8b7623a668c0b_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):367
                                                                            Entropy (8bit):5.835768793893709
                                                                            Encrypted:false
                                                                            SSDEEP:6:m9nYGLKdGMwjM71/oAiwNTkbOaEGla6Ds3uX0cuDMntOHvXDzrzK6t:Z9wwhviwG9UEs+ENDFHLzx
                                                                            MD5:FA119FAD4469B9D0B915BEF62AEEAADC
                                                                            SHA1:CBDEE0339E9D1921D726D54EF0396B0AF3BA471A
                                                                            SHA-256:2059EED26A077B2D992F03A1F2E0E3BEB9B7ACF9DB6A46F8977F37B73D9C8739
                                                                            SHA-512:DD8AEBC81341D9011ECBF3D99EAB708D5DDEC973A8C96CE0A66B2FD12833E5885DC69EEEDDD11ADB25095D4AB9344560D471DC61F6D41123CF56A2C83AE1A952
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m..........A.r5...._keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/am=CkAB/d=1/excm=_b,_tp,termshomeview/ed=1/dg=0/wt=2/ct=zgms/rs=AOaEmlFFDbpuT_1RinU2yuadiT_uVbzwQg/m=_b,_tp .https://google.com/7...p./.....................zF..(..C!i&..*..%.Yq.H.NR.....A..Eo.........e.........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\12d96302da194ceb_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):410
                                                                            Entropy (8bit):5.723827304478
                                                                            Encrypted:false
                                                                            SSDEEP:6:mNlXYGLIe/TFDn7LgkDv6LlIbqUTgzbK6tEkv6j9lIbqUTgCwkv6OXlIbqUTgf7:OmepDHgyQoWNOU6okU94K
                                                                            MD5:BFC2B7CBFE5B429BEB7728C3BD008543
                                                                            SHA1:741FA7102C137802B0F3E60791824F88DFB3E33B
                                                                            SHA-256:D69B1CFFB9EB3F73DDA7C72154FBFFE03C929A2466934E87B4ED977C8E2143D8
                                                                            SHA-512:44E96E436AC265E3CBA8EEEAA1C4318CA230B5FFF296064B14D7EEDF1C3E657FD2F8B407E2CE24998000BE4EF897D9830D5CCB1DAB02887DD0E3763213712D97
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......n....T.3...._keyhttps://www.google.com/js/bg/7JZ2fmCMVOl0vw20xI3AsjDeeds-Si0AsriAJ95C_5g.js .https://youtube-nocookie.com/...p./.............@........i....K...d.7...@.yZ....Z..$..A..Eo......?N...........A..Eo.....................p./.....................i....K...d.7...@.yZ....Z..$..A..Eo........@J...........p./.....................i....K...d.7...@.yZ....Z..$..A..Eo......^A..........
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\14c2b88df9afed01_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):1013
                                                                            Entropy (8bit):6.049158741585535
                                                                            Encrypted:false
                                                                            SSDEEP:24:Q76ww9iHhCNjF5mzgqMZkCM+Tv7WblOUANgXYWA:BNU45U9CMav7WbbAKRA
                                                                            MD5:D24EA5C1CD7482F361DA3B7D75501455
                                                                            SHA1:140C49E62D39FC2E81F0527208E9F5366E0DB3F6
                                                                            SHA-256:ABD26E6C6171E6D9B2F7A66973B0F623C4E345F0F44A2C81E19D798EB1B9AD3E
                                                                            SHA-512:9F6CAF594438F45F2612F0AC970FD07DB757A087485FBA01A8C9F960926304B33098B40F4AB989574276D656EFBDCD60AEA213C7D050CEB760903E5296E36376
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......q.....~....._keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/ck=boq-identity.IdentityPoliciesUi.eoF_MQihPJ4.L.B1.O/am=CkAB/d=1/exm=A7fCU,BVgquf,CBlRxf,COQbmf,EFQ78c,EGlAz,HDvRde,HLo3Ef,IZT63,JNoxi,Jis5wf,KG2eXe,KUM7Z,L1AAkb,LEikZe,LGJfp,MdUzUe,MpJwZc,NpD4ec,NwH0H,O6y8ed,OmgaI,PQaYAf,PrPYRd,QLpTOd,RMhBfe,Ru0Pgb,SF3gsd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,UgAtXe,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Y2UGcc,YLQSd,YTxL4,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,b7FMof,blwjVc,byfTOb,duFQFc,e5qFLc,fKUV3e,gychg,hc6Ubd,iTsyac,iWP1Yb,lPKSwe,lsjVmc,lwddkf,n73qwf,o02Jie,oWOlDb,p8L0ob,pB6Zqd,pjICDe,qmdT9,r2V6Pd,rE6Mgd,rHjpXd,tfTN8c,vfuNJf,w9hDv,ws9Tlc,x60fie,xQtZb,xUdipf,xiqEse,yDVVkb,yJVP7e,zbML3c,zy0vNb/excm=_b,_tp,termshomeview/ed=1/wt=2/ct=zgms/rs=AOaEmlFcqgQykAXVh8K7ZkYJRF9gJpU4oA/m=FqLSBc,A4UTCb,krBSJd,VXdfxd,uiNkee,wmlPKb,IavLJc .https://google.com/.z..p./.........................z.uf......H../q..tg....L.A..Eo......>'.5.........A..Eo.....
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1ee63ee50b839f33_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):1023
                                                                            Entropy (8bit):6.050449954647684
                                                                            Encrypted:false
                                                                            SSDEEP:24:ajww9iHnNjF5mzgqMZkCM+TJ/7WblOUf5NgXYpAH:ajNUn5U9CMaJ/7WbbBKCA
                                                                            MD5:98AC13A8E7964A00D166EFF5DCBFCC6F
                                                                            SHA1:FF43B049BB54D881E89ABACD28D91593D8A6FBC5
                                                                            SHA-256:EA9351EC102AF8BD8E054B766A98F0605C43AF4F08975A500688EF0539E63883
                                                                            SHA-512:4034FCB7CA5BDBAAB08D21982C05ABB11378D85F6A0FD1FEB0F5A86D867B53C139353985D30D622704E54EA38FDCFBC7C11E503667FA10EB2175B0AA33E17017
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......{....=.p...._keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/ck=boq-identity.IdentityPoliciesUi.eoF_MQihPJ4.L.B1.O/am=CkAB/d=1/exm=A7fCU,BVgquf,BqFhcd,CBlRxf,COQbmf,EFQ78c,HDvRde,HLo3Ef,IZT63,JNoxi,Jis5wf,KG2eXe,KUM7Z,L1AAkb,LEikZe,LGJfp,MdUzUe,MpJwZc,NpD4ec,NwH0H,O6y8ed,OmgaI,PQaYAf,PrPYRd,QLpTOd,RMhBfe,Ru0Pgb,SF3gsd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,UgAtXe,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Y2UGcc,YLQSd,YTxL4,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,b7FMof,blwjVc,byfTOb,duFQFc,e5qFLc,fKUV3e,gychg,hc6Ubd,iTsyac,iWP1Yb,lPKSwe,lsjVmc,lwddkf,n73qwf,nBisbb,o02Jie,oWOlDb,p8L0ob,pB6Zqd,pjICDe,qmdT9,r2V6Pd,rE6Mgd,rHjpXd,tfTN8c,vfuNJf,w9hDv,ws9Tlc,x60fie,xQtZb,xUdipf,xiqEse,yDVVkb,yJVP7e,zbML3c,zy0vNb/excm=_b,_tp,privacyhomeview/ed=1/wt=2/ct=zgms/rs=AOaEmlFcqgQykAXVh8K7ZkYJRF9gJpU4oA/m=FqLSBc,A4UTCb,krBSJd,VXdfxd,uiNkee,wmlPKb,IavLJc .https://google.com/....p./...................._F.v%.i..WD.....Ph.............A..Eo......!.TZ.........
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2388fecebc52f9fe_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):457384
                                                                            Entropy (8bit):6.122419686586124
                                                                            Encrypted:false
                                                                            SSDEEP:12288:5PsxvCzRfP7jB1fM8JNGm8zlfguITFkUREL1J5I56BL:WUR6ekUaLtu61
                                                                            MD5:58C244CD5653B09FC3997B68B64CEC52
                                                                            SHA1:EE6729BD8840630591374BBA333870463A5ACA1A
                                                                            SHA-256:AD96BB90C4312595E200BFE2E89405A7B38E55C4F4DE2221B7F1797CBC894484
                                                                            SHA-512:96A7EF40605580EBC8F31C59528B1C8186C333C224C66442202CE0B64CF6210E5C2C097390D93FF52D6327FC2CDB43B228683BDEFF5052C906303C013A66F189
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......@....F......C681027E7B1A436BD42611AA9D97C8F0583D53E892BC14DE989B023E670878D9..............'.h6....O~........6\.................h...................h.......................................................................@.......................................l.......|...........,...p...........(...................`...................T...t...........L.......8...........................l...............................\...............x.......t...T.......l.......d.......T...........X................................................................................................................... ....................(S.<..`2.....L`.....(S...i..`.L.......L`Z........Rc............\.............Qb..a.....H.....Qb...K....U.....Qb.`......y.....Qb.......W......O...Qb........n.....Qb.H`.....FH....Qb.z......Mj....Qb.@7z....JG....Qb~.S.....be....Qb.@}.....$B....Qb..b.....TE....Qb.w.$....Y3....Qb6. c....ZR....Qbv.......TS....Qb..N....PK....QbJ.lF....aL....Qb..3.....GE....Qb.@......k8.
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\252603ae5628212e_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):974
                                                                            Entropy (8bit):6.038639268103208
                                                                            Encrypted:false
                                                                            SSDEEP:24:fww9iHS5Nm8F7ptJ3HqbQUtrjdnLHyaz7KXeg:fNUghzJ39SrjdLHQ
                                                                            MD5:8BCD79CC97AD73EC16759F5C3F431CF1
                                                                            SHA1:28DA14931AEC95238E9D044F45F4C70BD5EF7736
                                                                            SHA-256:DD6F6E26460184680B99062D6A34F5D321CDA7B815C238ABA1848596244D95EB
                                                                            SHA-512:34CF4A8842A3574E22F9B0AA9599501F4CDFEEED91EC39C4C2F8FCBEAF6216BCDA4D27DEE2408B5170B0284BAEBD54EE2E32D14DFE3E16A7D706B633AF33B092
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......J....p......_keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/ck=boq-identity.IdentityPoliciesUi.eoF_MQihPJ4.L.B1.O/am=CkAB/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,privacyhomeview/ed=1/wt=2/ct=zgms/rs=AOaEmlFcqgQykAXVh8K7ZkYJRF9gJpU4oA/m=n73qwf,ws9Tlc,IZT63,e5qFLc,UUJqVe,vfuNJf,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,r2V6Pd,nBisbb,p8L0ob,O6y8ed,NpD4ec,PrPYRd,MpJwZc,SF3gsd,NwH0H,OmgaI,HLo3Ef,x60fie,xiqEse,Y2UGcc,XVMNvd,L1AAkb,KUM7Z,rE6Mgd,duFQFc,Jis5wf,hc6Ubd,lwddkf,gychg,w9hDv,RMhBfe,Ru0Pgb,SdcwHb,aW3pY,YLQSd,PQaYAf,iWP1Yb,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,b7FMof,CBlRxf,xQtZb,lPKSwe,MdUzUe,o02Jie,JNoxi,rHjpXd,yDVVkb,pB6Zqd,iTsyac,zbML3c,KG2eXe,Uas9Hd,BVgquf,YTxL4,yJVP7e,tfTN8c,QLpTOd,VwDzFe,zy0vNb,HDvRde,LGJfp,A7fCU,oWOlDb,UgAtXe,qmdT9,BqFhcd,pjICDe .https://google.com/v...p./....................gG.pd.i\Q......$.e3....RA.P..R.A..Eo...................A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\29ca6f217824d8ed_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):503
                                                                            Entropy (8bit):5.611776999087984
                                                                            Encrypted:false
                                                                            SSDEEP:6:mg+PYGLUxwzDT2buGgkov6g1XSShYRK6ts6mXSShLMX+6flXSShMO6QXSShjl/:N+D6buGgrrHyutqOU32ODp
                                                                            MD5:77AB10431637FB04BF316F4CE9113B88
                                                                            SHA1:40BA6B17A40FADC44168F83C06355DE4E0BEFC02
                                                                            SHA-256:961C4BA2A5BAA897D590251EBD640A40C108844F411DB362E95305044808CA91
                                                                            SHA-512:EA317C95AF2C74714E1AF6DA4F316985064FA8972AC5DC06C9C215A469969B839025C8110CE522B6836CA0FAA3D7FEA1C49636D9F5685C21E640A930350CF9AA
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......w.....4G...._keyhttps://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/remote.js .https://youtube-nocookie.com/...p./.............;.......0.&.s.......}..T..T"{..S*.|pA.A..Eo........d..........A..Eo.....................p./.............u.......0.&.s.......}..T..T"{..S*.|pA.A..Eo.......Js............p./.............|.......0.&.s.......}..T..T"{..S*.|pA.A..Eo.......Q<............p./....................0.&.s.......}..T..T"{..S*.|pA.A..Eo.......L.?........
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\36db2ea73c74132d_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):429
                                                                            Entropy (8bit):5.623719379203597
                                                                            Encrypted:false
                                                                            SSDEEP:6:mPXYGLUxwz7Cj4PY0c71j4GgkyMcKkZ04ghK6txdkZ04+QXKkZ0407:m+sPjcRsGgfAge5gl6gG
                                                                            MD5:3298ED2E0A1C1ED0BF26C1EB0F96696A
                                                                            SHA1:CE05A0D398A5C3BBDE195AE36C9D7B702375A73D
                                                                            SHA-256:210B9BF92DC568B3CF0D14B14D3E87F3888DFF9E58EBA33D5B19D4D83BF0C221
                                                                            SHA-512:AA68387DB6C9A1015D36486D12D5C6B409DF585FE032DCB0B3DC4707205EDAF1CFC5B3E31E5D2929E2E92269E5D142B7335F4BD3451BB85D91B5C5D395C78DBE
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m............Q....._keyhttps://www.youtube-nocookie.com/s/player/9f996d3e/www-embed-player.vflset/www-embed-player.js .https://youtube-nocookie.com/.@..p./...................?..G.{.-?.......Z..G.;.M..cZ.bj.A..Eo........)u.........A..Eo...................@..p./...................?..G.{.-?.......Z..G.;.M..cZ.bj.A..Eo......C...........@..p./...................?..G.{.-?.......Z..G.;.M..cZ.bj.A..Eo......q.t........
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3dbe54b7c92541c6_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):202
                                                                            Entropy (8bit):5.486807831867628
                                                                            Encrypted:false
                                                                            SSDEEP:6:m2p7EYGL+MIwJJ5ujKyMIpw05E+4kK6t:Bp7sIwvU26pBLJ
                                                                            MD5:388BF75382E46D0DA877DD76897F26E9
                                                                            SHA1:7B2DFE758461290F9A2879F70BD6DF821B6CCCA7
                                                                            SHA-256:186B5997FC92CC2AE1BC9613B0E1FF9B7B4BED07D68E85B361AA5DA9DEFB11ED
                                                                            SHA-512:3407F825A22EE0CEE3D45D578C058894209A3CC5C2CF0AE39F56784063B8C7BB070AEC23590414A790058499B1570B55C59EAF3648E85061FC5F4F7623F52DDB
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......F...W......_keyhttps://www.google-analytics.com/analytics.js .https://google.com/....p./.............7............f.\M.+.....f.P(G.....v..G.A..Eo......<..6.........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\54d4247ebaa5c46c_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):443
                                                                            Entropy (8bit):5.891170131212238
                                                                            Encrypted:false
                                                                            SSDEEP:6:mJbEYGLKdGMwjM71/oAi+R3M713ptxXs7ImIbdGjsx3vikvimuk16f7cykgnGfBT:mh9wwhvic8hZ3sU5Y2vikvi78kki8l1
                                                                            MD5:963DC59707BF77E708528D502C31466B
                                                                            SHA1:C6D00F1D84A75ADDEB75AAA7329AB5CE85208BF8
                                                                            SHA-256:DB7D734CE7D8A19B14471EED74DB7A22FC734682C69BD2CFAC4114ABC8EC640E
                                                                            SHA-512:82570CB3B3E2ED21B5D46302F875DCB1EC07F5F96EDB081C083CD7946D62D813B4148C6338E64AE254A144850A8AA62669C2E1A8BF30945A6343C7DA56A7D6C9
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......7...~......._keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/ck=boq-identity.IdentityPoliciesUi.eoF_MQihPJ4.L.B1.O/am=CkAB/d=1/exm=_b,_tp/excm=_b,_tp,privacyhomeview/ed=1/wt=2/ct=zgms/rs=AOaEmlFcqgQykAXVh8K7ZkYJRF9gJpU4oA/m=byfTOb,lsjVmc,LEikZe .https://google.com/.f..p./.............:.......~}Fi.1..H7jg.A.....AZ.?....]"...A..Eo......o..v.........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\797e4b0541426e04_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):232
                                                                            Entropy (8bit):5.6835958082204865
                                                                            Encrypted:false
                                                                            SSDEEP:6:mY2YGLIWNuV5jWcvuecbsk/SmRdsnpnK6t:vPWk5hmeXkjdE
                                                                            MD5:62E6F6285A3E98D5BB1A2A8212F2D017
                                                                            SHA1:81FDE589483495F65DE253B3B80D0E0FA7612E94
                                                                            SHA-256:B88060E8A7BD1F6D5BE25C582C57F3A44B91F99CB8207EBFBEB530D670054325
                                                                            SHA-512:9D28F222CAC0337C99E7A4DE08DAA3589E6DC0F0635A3B4E38BF673F21941158010DC7C3D7C45CE7B9F322F092EF86E24CFAFA6506058D6ADBADD14612309FD5
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......d.....M....._keyhttps://www.google.com/js/bg/-G8VfAKUYb8WxmX_w6Q8mys20oGpQXMrrcIJY5m4T6M.js .https://google.com/5.$.p./.............>.......p..V...\..P......L...p...}Y.J..A..Eo......n...........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83ad5b4b0431c152_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):238
                                                                            Entropy (8bit):5.544773291153917
                                                                            Encrypted:false
                                                                            SSDEEP:6:m6nYGLKdXNQKTOWcZogvUrccbyDis//aptDv5rBK6t:N6hNQKHcOg8rccb8KptDv5
                                                                            MD5:4CED6B524D5FA191E5E76075396799E1
                                                                            SHA1:8F4ECF0438EC6BFC74F0113448C1DFA9185482B8
                                                                            SHA-256:8211ED0BD04E0FCF1508DFE49BB45D616B99535567D43FDA4DB49D8E6D75A6CD
                                                                            SHA-512:3C40392BAF8DAD1E560D138AE9F04E3F257DFFDE40F177FB5140F91D4CF75C3A94C83BECB6A130CA83F3B88986E9820CEE85F8E93E02B14089BFEF045778FDE4
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......j....&uC...._keyhttps://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js .http://j-ss.xyz/5...p./.............&.......K..+V.zd-5.n.7.wA~u...A...B.J..d.A..Eo......u.a..........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\879e0a3f685d08f2_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):338
                                                                            Entropy (8bit):5.796420638424978
                                                                            Encrypted:false
                                                                            SSDEEP:6:mm7YpLZuVvJGDvdwIYXc5nRbsVkcOvluthK5Fqg/K4bK6t:zCLZ0vJsFwHc5psVkcOYXg/Z
                                                                            MD5:2BE7A77BB271B825ADE79B9F8077190A
                                                                            SHA1:D8FB2B5966E9C1C7F7B8A1DF94B677AE5B13059A
                                                                            SHA-256:5252002024831A3C8DF2E8504C028F27B1D6406430BF87E29A6F4560B3AD8A3F
                                                                            SHA-512:69F430F2A51AF8C78B5F3832A969E05F07FFB27463F381C6BE052C1162C936909BA20F87EFA57FB93772C3643779B0F0CD7471BB419DFB22CFD6E5EC9943FD1A
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m..........^......._keyhttps://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.GhYSaDTWhs4.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CcmyUNBPTBtz4hsH0C6OHKqodVQ/cb=gapi.loaded_0 .https://google.com/.;..p./.....................&.j.H".....G.......q...8wP ...A..Eo........$..........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8cbd6cb02760d992_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):502
                                                                            Entropy (8bit):5.621393464880085
                                                                            Encrypted:false
                                                                            SSDEEP:12:RoD6mkSgYk+/BOnk+/Bb9ek+/BVuk+/B:RNmZjLOnLb9eLVuL
                                                                            MD5:617656575B31B044940930CD3D280080
                                                                            SHA1:E5D83670AABB7D96BE74AE6F9CFBCB4E72D1F580
                                                                            SHA-256:5A4F6327B61B17E8DA394467D3F1466E3D05032914C6EC62C3D6AAE44404689F
                                                                            SHA-512:9B8B8B04766FFC6BD758DE559A531E340A3BDF7E34F801A21E1E96B1E4EAA6EA99874C1108AAF3628F32492EDD396A4F092E037B388243FE50874F5F0B846EDA
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......v...7&......_keyhttps://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/embed.js .https://youtube-nocookie.com/....p./.............E........#....m..U...'....j..v[.._q.^c.A..Eo.......%2..........A..Eo......................p./.............w........#....m..U...'....j..v[.._q.^c.A..Eo.......q..............p./.....................#....m..U...'....j..v[.._q.^c.A..Eo......nw.6............p./.....................#....m..U...'....j..v[.._q.^c.A..Eo.......yq~........
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8feba683dc703faa_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):373
                                                                            Entropy (8bit):5.913548837371524
                                                                            Encrypted:false
                                                                            SSDEEP:6:mjmRyEYGLKdXNQKTOWcZogRuUnyzpjkAZoDK6t1KoAqK3AQNNpjkAf:pihNQKHcOg8UnEqRCozuNq
                                                                            MD5:11261EDF5338114E0A4A68C0329A2A06
                                                                            SHA1:AA2BBD7CDC2B109504479918C447D6139EDF3DD8
                                                                            SHA-256:7015ECF9B1889A28AA594E4945EBFEFE1112B6BE0D4C1BA863B9F8D58316B447
                                                                            SHA-512:3550154F0D7954A8DC7E9EC052692A5D31991B9FD53C8C1FC7C75EDF9675C4EC73E7A07789264F39778D089D0DA670182BA5592A894F69E6D27BF21C0830BB3D
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......m...y......._keyhttps://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js .https://google.com/5...p./.............w........E5.}v...#.#{$^H)'..t7.9-Cw.baK..A..Eo.......p...........A..Eo..................5...p./.....C681027E7B1A436BD42611AA9D97C8F0583D53E892BC14DE989B023E670878D9.E5.}v...#.#{$^H)'..t7.9-Cw.baK..A..Eo..........L.......
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9363fc750a36716b_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):441
                                                                            Entropy (8bit):5.877847382866161
                                                                            Encrypted:false
                                                                            SSDEEP:6:mmXXYGLKdGMwjM71/oAi+R3M713ptxXscTkbdGjsx3vikvimuLnyas/0PMDh/26J:XXq9wwhvic8hZ3s/Y2vikvi7cc+267
                                                                            MD5:A3463095A02D7EFC1C0B0034F83210A6
                                                                            SHA1:0ECD35DE8306ADA0BD480F6281475A6F5C85FBC2
                                                                            SHA-256:75C2165589129B1BB26D0DFB87F0A71089C3ABA96E62FD7B2726BF2EB047AB40
                                                                            SHA-512:DECB18D22969C6200C8D17ECD6CCCCF9E009715EBCF31802EE7FDABB722979188D940943143E50D4C2D249516B5AFD0D5D70663F60FC43DEA781C923EA5E0B80
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......5....\y....._keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/ck=boq-identity.IdentityPoliciesUi.eoF_MQihPJ4.L.B1.O/am=CkAB/d=1/exm=_b,_tp/excm=_b,_tp,termshomeview/ed=1/wt=2/ct=zgms/rs=AOaEmlFcqgQykAXVh8K7ZkYJRF9gJpU4oA/m=byfTOb,lsjVmc,LEikZe .https://google.com/dd..p./.....................?":G...`I.QaOS...g:"......iAu.A..Eo.......~.G.........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\96bbb1b4acd4294b_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):369
                                                                            Entropy (8bit):5.860943592454429
                                                                            Encrypted:false
                                                                            SSDEEP:6:m/6EYGLKdGMwjM71/oAiwyImIbOaEGla6Ds3uX0cuzDl16RZowbx3/voRK6t:5h9wwhviwh59UEs+ENv6Ztb10
                                                                            MD5:404D89CCFA8D3834BDB93F500B5C95E5
                                                                            SHA1:AADF3CD52072F3C100373A094C91E9ECDBF66769
                                                                            SHA-256:A0D292C26FB5A081DF4CCA9AD014060FA523A2EEB5C2BF8008007DBF7D0AD9B9
                                                                            SHA-512:2BACEE5DC7BA6253923AF59C828A14D431EEC0BAF0819E2DF795F8C4F2A097AE44EDE4F48379F3146FA47BB1E9B818FA1079C7CDE211E83EF8E46AABAC02A252
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m................._keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/am=CkAB/d=1/excm=_b,_tp,privacyhomeview/ed=1/dg=0/wt=2/ct=zgms/rs=AOaEmlFFDbpuT_1RinU2yuadiT_uVbzwQg/m=_b,_tp .https://google.com/5o..p./.............%..........$....~.>)...z.ev....!...z..A..Eo...................A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ace59f701161bfb1_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):1042
                                                                            Entropy (8bit):6.063654788362729
                                                                            Encrypted:false
                                                                            SSDEEP:24:Dww9iHohRoF5mzgqMZkCg+TkE7WblcNUANErP7ZrN:DNUo+5U9Cgaj7WbuiAYP7j
                                                                            MD5:A0955276BCFB15977A76675ABB2F810A
                                                                            SHA1:89C811C308E6E2065CAB7B0978C18777CD3F0C3E
                                                                            SHA-256:721FB9A64EA72B96509D2991117CE6298E06456A4A9CDC132484CD1ADB3696D1
                                                                            SHA-512:E7F83670F977385542EE6C68CAC5F362A1756A8621F5D986D4614306438258B3C417359933AE90E5B87505D914C5B95D6447757F24957B2D0F2CFAE4CA20E679
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m................._keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/ck=boq-identity.IdentityPoliciesUi.eoF_MQihPJ4.L.B1.O/am=CkAB/d=1/exm=A4UTCb,A7fCU,BVgquf,CBlRxf,COQbmf,EFQ78c,EGlAz,FqLSBc,HDvRde,HLo3Ef,IZT63,IavLJc,JNoxi,Jis5wf,KG2eXe,KUM7Z,L1AAkb,LEikZe,LGJfp,MdUzUe,MpJwZc,NpD4ec,NwH0H,O6y8ed,OmgaI,PQaYAf,PrPYRd,QLpTOd,RMhBfe,Ru0Pgb,SF3gsd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,UgAtXe,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,XVMNvd,Y2UGcc,YLQSd,YTxL4,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,b7FMof,blwjVc,byfTOb,duFQFc,e5qFLc,fKUV3e,gychg,hc6Ubd,iTsyac,iWP1Yb,krBSJd,lPKSwe,lsjVmc,lwddkf,n73qwf,o02Jie,oWOlDb,p8L0ob,pB6Zqd,pjICDe,qmdT9,r2V6Pd,rE6Mgd,rHjpXd,tfTN8c,uiNkee,vfuNJf,w9hDv,wmlPKb,ws9Tlc,x60fie,xQtZb,xUdipf,xiqEse,yDVVkb,yJVP7e,zbML3c,zy0vNb/excm=_b,_tp,termshomeview/ed=1/wt=2/ct=zgms/rs=AOaEmlFcqgQykAXVh8K7ZkYJRF9gJpU4oA/m=Wt6vjf,_latency,FCpbqb,WhJNk .https://google.com/....p./.......................7..V_..+.Z.tHa|.!.$...k,J.+..A..Eo
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b6b1d3734915a1e9_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):491
                                                                            Entropy (8bit):5.602671424389355
                                                                            Encrypted:false
                                                                            SSDEEP:6:mUePYYKHRGjgTDJJ6gkf6xRcKGchSCzK4wzK6thhR6ilMcKGchSCzK46NhR68cK5:peOHgji6gyaIVlfrbldNrEPrzQ
                                                                            MD5:3E7538563EB6FA7A95F11DCBB6124DAE
                                                                            SHA1:D08FEA05C4A55DC12EC2ACF47C48256B8521E312
                                                                            SHA-256:E5D92597B4F832ACABAB39F3B3113D436947E0836FCE0F4D9D575E411473AF0B
                                                                            SHA-512:2324FABF2503EF3361CD316871A0369422C4427A6CA0A87D0B680B187599F973F05AEFD5CCADAC8E2564D1B8B9D1648AED67DEEA3260032DE358E77BE80D8629
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......k....Z,....._keyhttps://s.ytimg.com/yts/jsbin/fetch-polyfill-vfl6MZH8P/fetch-polyfill.js .https://youtube-nocookie.com/...p./...................Uj9.k.#...r|tWK.".Fb..G.....MD..A..Eo........5..........A..Eo.....................p./....................Uj9.k.#...r|tWK.".Fb..G.....MD..A..Eo......36.............p./.....................Uj9.k.#...r|tWK.".Fb..G.....MD..A..Eo.......pt............p./.............).......Uj9.k.#...r|tWK.".Fb..G.....MD..A..Eo......x...........
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bf45d15a123c217e_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):501
                                                                            Entropy (8bit):5.552855488932312
                                                                            Encrypted:false
                                                                            SSDEEP:12:SD6IgapFgfvuHkGkGpFgfvuH/PpFgfvuH1OH70pFgfvuH:TIRFgH3GrFgH2xFgHlH76FgH
                                                                            MD5:89EDA5668B24DEC99AE7382FDA968D02
                                                                            SHA1:F009272D6D7853D27C4BDEFE868D16DF361978C1
                                                                            SHA-256:D86D2AABDF4005F029A97314B0D60DAE6893E0D9B29E6E59A61907AE6A888E1A
                                                                            SHA-512:108D18956F0B3EC543FB67C6D1BFBB1DDFA5888A95BC25124561791E3CC8039C9C6B071D43F3A875F04B55C1CC4D716214B51870BA2276139EEB63227B69248D
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......u..........._keyhttps://www.youtube-nocookie.com/s/player/9f996d3e/player_ias.vflset/en_US/base.js .https://youtube-nocookie.com/...p./....................u1..c$6^...m..m4...%`+.9.....Fc.A..Eo.......ti..........A..Eo.....................p./.....................u1..c$6^...m..m4...%`+.9.....Fc.A..Eo........1............p./.....................u1..c$6^...m..m4...%`+.9.....Fc.A..Eo........<............p./.............(........u1..c$6^...m..m4...%`+.9.....Fc.A..Eo.................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cd1f0afd4ea22633_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):404
                                                                            Entropy (8bit):5.719561548360771
                                                                            Encrypted:false
                                                                            SSDEEP:6:m+YGLKdbVnIIQJ6MvJNYG6RfaoG8aT76CeYCmoCbn1+DxXn3wuBik23iZjM954KS:67n/26MRKNCoG56rmocixXn3BESxSs
                                                                            MD5:9D8A507261415DCCB80C6E8C3978ABB0
                                                                            SHA1:3D46865ED05D4DFA9F4D03D5AE33C6FFEB29725F
                                                                            SHA-256:9F5848B5200A4C2C1CDA708313CE7471E0BCF4B492E72C3F2145FCA6831A378A
                                                                            SHA-512:A0E91B96B57E14F3134272799CFF610D2CFE9B3B082D5AD6A9CF97B2F77C60D24C41F2B3AE27D8D21F4EB8DB645EC43DDE1430661D644575E3C2BC2894D0AC56
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m...........R......_keyhttps://www.gstatic.com/og/_/js/k=og.qtm.en_US.TCoB7ee77HA.O/rt=j/m=q_dnp,qmd,qcwid,qmutsd,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtb,qhtt/d=1/ed=1/rs=AA2YrTsEioQjV8dCPCAf6IQFuTeoulftIA .https://google.com/I...p./.........................l.j....n+.3..ei....?..O...A..Eo......s0...........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4e1f615eb30bb13_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):236
                                                                            Entropy (8bit):5.525004041316322
                                                                            Encrypted:false
                                                                            SSDEEP:6:mSnYGLUxGBz7d2c7MNuuGxNl/lkcrN0J/hK6t:YGBJ2cIJGFt3ET
                                                                            MD5:FA9642D55E0007AB36D262076C9754FC
                                                                            SHA1:565D29E634749DA50C1A7A86E1BCF5A2544C7121
                                                                            SHA-256:363DAB663ADA2DC0613FFA759B6F5FDCC46A1213E4B1439A2660E352692D20D9
                                                                            SHA-512:6DB49AF9A4E4791A2BC27BAD5C7967785E4CE749A0119B52495AB299F8685EF7EC5876227583617B8065E3E67A6A16455AC3C8EE1EBFB317F2489AB6B4B8A92B
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......h....>......_keyhttps://www.youtube.com/s/player/9f996d3e/www-widgetapi.vflset/www-widgetapi.js .https://google.com/.W..p./......................n]`(.+..W+.I#...<.;$..u.&.A..Eo......M............A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e5afb582c6366c19_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):1052
                                                                            Entropy (8bit):6.013945989752927
                                                                            Encrypted:false
                                                                            SSDEEP:24:jww9iHomtoF5mzgqMZkCg+Tk0/7WblcNUf5NErHU:jNUomk5U9Cgat/7WbuiBYHU
                                                                            MD5:810CE865B4C0CE5017B34BEC5897AA3A
                                                                            SHA1:7CC83B5928415941951A1D90136A7A3C8D82846E
                                                                            SHA-256:19F76CD770C2795D797AC6C4506488A6C4BA623FCC9EC3CEB0968035D07DD32C
                                                                            SHA-512:66D1399B2900A0433DB8881C6033C70CD60AFE630AA575B694B583CB3EBE5F81706038D5121BD8110B6A0D1D72D4828AA416CC473063517A2976AA624654B2BB
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m............~`...._keyhttps://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdentityPoliciesUi.en.3Jg6ZTi5ayM.es5.O/ck=boq-identity.IdentityPoliciesUi.eoF_MQihPJ4.L.B1.O/am=CkAB/d=1/exm=A4UTCb,A7fCU,BVgquf,BqFhcd,CBlRxf,COQbmf,EFQ78c,FqLSBc,HDvRde,HLo3Ef,IZT63,IavLJc,JNoxi,Jis5wf,KG2eXe,KUM7Z,L1AAkb,LEikZe,LGJfp,MdUzUe,MpJwZc,NpD4ec,NwH0H,O6y8ed,OmgaI,PQaYAf,PrPYRd,QLpTOd,RMhBfe,Ru0Pgb,SF3gsd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,UgAtXe,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,XVMNvd,Y2UGcc,YLQSd,YTxL4,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,b7FMof,blwjVc,byfTOb,duFQFc,e5qFLc,fKUV3e,gychg,hc6Ubd,iTsyac,iWP1Yb,krBSJd,lPKSwe,lsjVmc,lwddkf,n73qwf,nBisbb,o02Jie,oWOlDb,p8L0ob,pB6Zqd,pjICDe,qmdT9,r2V6Pd,rE6Mgd,rHjpXd,tfTN8c,uiNkee,vfuNJf,w9hDv,wmlPKb,ws9Tlc,x60fie,xQtZb,xUdipf,xiqEse,yDVVkb,yJVP7e,zbML3c,zy0vNb/excm=_b,_tp,privacyhomeview/ed=1/wt=2/ct=zgms/rs=AOaEmlFcqgQykAXVh8K7ZkYJRF9gJpU4oA/m=Wt6vjf,_latency,FCpbqb,WhJNk .https://google.com/aj..p./......................l.@q.Q\x...L.BUw.z.....O
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e9b5fa22c45aae07_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):338
                                                                            Entropy (8bit):5.727319568220223
                                                                            Encrypted:false
                                                                            SSDEEP:6:motEYpLZuVvJGR+hKIwIYXc5nRbsVZ6QcVluiqvq4HYn/oK6t:ZLZ0vJ5hKIwHc5psVZ6EipFK
                                                                            MD5:09395057237DA69C5CDF2DD7FEB21A94
                                                                            SHA1:B1D923DDC399CF9E8D44B612B437B992E6510ED5
                                                                            SHA-256:40867CFA4D0A28700059A162CD3ED6C0C5F5E09EF914E22F5A22B55EE94943B8
                                                                            SHA-512:309F16CB72F7922DC48770E8922A35B0FF6CCC55029C861B31B8F3968F342A56E1F0595BC95240AC26F845903C082FF5EC368123C49F9CC219763D4F6D665F37
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m...........x.L...._keyhttps://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.L7mys-cL6BM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8QoBZWYtEZfsgOGqh_X1WKvJV7Wg/cb=gapi.loaded_0 .https://google.com/a...p./....................F..ky.y...l.!aiu..,~...y1...A..Eo.........7.........A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f548000704400c0b_0
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):242
                                                                            Entropy (8bit):5.790429711334438
                                                                            Encrypted:false
                                                                            SSDEEP:6:mEYGLIgFMwQrf+0Lgk8O64l23Hv+v87VfK6t:KgFurf+GgRv+vsX
                                                                            MD5:C3F75AE1EABBFDCAB6618CC1B5EEABC3
                                                                            SHA1:81E6D50BB1E46C9EC4C8EF2DB6521F5DB83DF42B
                                                                            SHA-256:9162F119CB26C2B35F428A4DEB9F0B8DC85D0C24A88A569592F0BB9276879709
                                                                            SHA-512:11B59087CE0A63C3B7F69CE28EF05997F3F1388D9F6746C68B0B4A07A30E775F7A904D52C5421A90F4854435ED7283B471ABEC132765C08B05567F53B9E80FA9
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 0\r..m......n...cG,....._keyhttps://www.google.com/js/th/VTUAtZPSGoPqxKWISYzTadnUDWd_YumXMNF2imdJllM.js .https://youtube-nocookie.com/.S..p./.......................Vs.X.....Y.......5....*z.?l..A..Eo......]............A..Eo..................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):888
                                                                            Entropy (8bit):5.271366450601326
                                                                            Encrypted:false
                                                                            SSDEEP:12:ViGdNq51y5fYig+bLJQtmXS6hAI8s4qsb5hzFBbOVbFCzyz7V4hIln:ViGdI56bVimC6Sjs4q0FBCV5Rl
                                                                            MD5:77C7308B314CB73C3892304B80BE447E
                                                                            SHA1:48D0BCB17DE78A6361A0A9972E03AC7C9D672890
                                                                            SHA-256:7A72E53317FE6A9C8919A24184EBEB9DD5B7669B8F0DB7E56E8A3C08B5BAD895
                                                                            SHA-512:66A94849ED20CDC8DB950A973F89BB1ACD0B47B59FC1B57B80AF3C7407A62F84E78EFEBB7AA3454349832BBC21866EEAC2345B4D68A2D0296CB756C81574D402
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: p.....*oy retne....#.....................a.p....>.p./..........A%.T.=..>.p./...........]h?.....>.p./..................>.p./.........p....L...>.p./.........kq6.u.c...>.p./.........3&.N......>.p./...........f:b.....>.p./..........l6........p./...........@...H.....p./...........`'.l......p./..........L...c......p./...........$x!o.)....p./...........0........p./...........Z."...@...p./.........3....>..@...p./..........!(V..&%@...p./.........l..~$.T@...p./..........w....v.@...p./...........Is..@...p./.........~!<.Z.E.@...p./.........-.t<...6@...p./.........K)......E..p./...........R....#.*..p./..........nBA.K~y.*..p./..........?p....*..p./.........R.1.K[...*..p./..........^}.Np..@ikt../..........-..0..x@ikt../............/...3.KPu../.................KPu../.........&<..\.O$.KPu../.........p..(....KPu../..........q....._.KPu../.........+<P|...X.KPu../.........<.L.p./.
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                                            Category:dropped
                                                                            Size (bytes):24576
                                                                            Entropy (8bit):2.06548758155879
                                                                            Encrypted:false
                                                                            SSDEEP:96:dNwdpI6G7LBK35hVZycHvqlSNwq9pGKG7LBK3UhVZmevqle:dudYKKcpuKqKRy
                                                                            MD5:BA65ED27311CB20174814F40D6921C9B
                                                                            SHA1:01A3780A774692E92FFB904AAE94EB56D1BED8D0
                                                                            SHA-256:811EAEED559805EA499AE7889DBA184F16C8738240B0358E8631D644358A99C8
                                                                            SHA-512:0A6D854ED48B931DBEFCD6CFEB80A2DCC2427F37637BDE1643AA1F60A7113BDAB7EA2411D4D6D14B97CF6DD461239A7BEF73ECBD7EAD469ACF3AE5FDA3D6B8C5
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:modified
                                                                            Size (bytes):25672
                                                                            Entropy (8bit):1.5484289188269569
                                                                            Encrypted:false
                                                                            SSDEEP:48:78NOZHq5LLOpEO5J/Kn7UlYAvphXyPn1WA1cG2A4KJdPK3hlL93hVkQIQsJDpvqb:AOHcNwtpI6G7LBK35hVZ8Hvql8MNwC
                                                                            MD5:F99A39DA1DD9CD897C32E849F38468DA
                                                                            SHA1:3E9DDFD105C539A99452FBCF6663637825C11ED2
                                                                            SHA-256:0DD4560D7C835A6B1E3A3A4EDF9B8E1D39F1E31CF9556C6278F14930683B4E73
                                                                            SHA-512:90C8CB013A5C7B150C31FA2D2AA3E5272F1A1728F5D3F57B3BC9EC543950DBED1D5A883B76728387805FE0C4CBA99B56D077125E902AE59A1676E489EBC1DAFB
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ............x..0........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):31529
                                                                            Entropy (8bit):3.4869638173195443
                                                                            Encrypted:false
                                                                            SSDEEP:192:3MHUrKOkgbtM00cSSGxdjk5Lz6Xi2QBWC+H155yA9id8nRodtr7+4Ln9Buarb+AM:iUxk8KSgdAG9QwC+HNLAO8+K+Z
                                                                            MD5:4290B341913901FDA9291A39482187C1
                                                                            SHA1:3FB4E502D98B07423F654DDB98DBC19C38215E21
                                                                            SHA-256:7D58DA12C6E183FA6DB1346124E5EC9347B88D28578E97750C64DB4948C8BF1F
                                                                            SHA-512:EBC6594A8D8C6B565B4D0C15C59E415CD2E73241E6C3410F8F6788F5AF738B3C8B1421C76CE6DB6E346D9B5E80FC0D36FA69B5ADB572458E550109680B9C7E64
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: SNSS....................................................!.............................................1..,.......$...f25bcc6b_03ee_4f1b_afe2_dafd6174bc56......................t/..................................................................................5..0.......&...{524A03AB-861D-4591-9B4E-BDD69F9D425A}........................................1(.,(..............http://sv.j-ss.xyz/main/....R.e.d.i.r.e.c.t.i.n.g........'...'.......'..................................h.......`............................................... .......*......+......`.......x...............................8.......h.t.t.p.:././.s.v...j.-.s.s...x.y.z./.m.a.i.n./.........................8.......0............................... .......@.......................h...0.......?.%. .B.l.i.n.k. .s.e.r.i.a.l.i.z.e.d. .f.o.r.m. .s.t.a.t.e. .v.e.r.s.i.o.n. .1.0. .....=.&.................".......h.t.t.p.:././.s.v...j.-.s.s...x.y.z./.m.a.i.n./.m.a.i.n...p.h.p.#.K.V.m.7.B.H.8.7.t.R.T.j.Q.E.D.E.B.8.x.I.t.E.H.j.S.z.N.U.4.z
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):8
                                                                            Entropy (8bit):1.8112781244591325
                                                                            Encrypted:false
                                                                            SSDEEP:3:3Dtn:3h
                                                                            MD5:0686D6159557E1162D04C44240103333
                                                                            SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
                                                                            SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
                                                                            SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: SNSS....
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):164
                                                                            Entropy (8bit):4.391736045892206
                                                                            Encrypted:false
                                                                            SSDEEP:3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+Gg:qT5z/t2qoEwhXeLKB
                                                                            MD5:0A906A9A542CDF08FF50DAAF1D1E596E
                                                                            SHA1:B97D6274196F40874A368C265799F5FA78C52893
                                                                            SHA-256:EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
                                                                            SHA-512:8795E905B711ADE6B1C4B402D50AF491B64D157AA738669482DDBFC30E857DF970BFFB774A925F3F4A0802BD27AFAF939CE140894FF09B67FB9C0BB83ED4491A
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):320
                                                                            Entropy (8bit):5.218220913234109
                                                                            Encrypted:false
                                                                            SSDEEP:6:mo7QMq2PWXp+N23iKKdK8aPrqIFUtpn7FZmwPn7t4zkwOWXp+N23iKKdK8amLJ:rQMva5KkL3FUtp7F/P7Wz5f5KkQJ
                                                                            MD5:94249FB511053F91E61346A31574F873
                                                                            SHA1:B4FBAB572FE2BE025B79295D2BD6911A8BB16DAA
                                                                            SHA-256:212305AE23D9453AD648322D8F3101E106A8330B5D910AF5885D04AACF6212D7
                                                                            SHA-512:77B158A5767DD0658F7D25FC1D822FDAE9A5C650487FC979D6654D8D5FF410F9B34F22393A395425CA42CB6CDAC997F7FC51A067FD8E541BD1468EB7C8FEA598
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:00.187 15d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/01/14-03:35:00.188 15d4 Recovering log #3.2021/01/14-03:35:00.189 15d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):570
                                                                            Entropy (8bit):1.8784775129881184
                                                                            Encrypted:false
                                                                            SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
                                                                            MD5:D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A
                                                                            SHA1:FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7
                                                                            SHA-256:99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
                                                                            SHA-512:86FD07C34B9ABD4C52BA19EAE291936F92BC6D38A75C021EDC1DEDBC15617669876180CD99F959C62476D82EC6BB9F5FE4C6CB4D82CB037EFB76D99A4D3D9C51
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):320
                                                                            Entropy (8bit):5.196128015174645
                                                                            Encrypted:false
                                                                            SSDEEP:6:mo2q2PWXp+N23iKKdK8NIFUtpnvZZmwPnPkwOWXp+N23iKKdK8+eLJ:Gva5KkpFUtpvZ/PP5f5KkqJ
                                                                            MD5:26D4FAE8D5C1CDE95F66E01179D40C1B
                                                                            SHA1:785EFC509446876400767ACF25F37E24846E7D84
                                                                            SHA-256:3EBF0CCF974ABD652D1F4EB726F16F4DBAF5703DDA1A40CEF4CB71E75AF00396
                                                                            SHA-512:1D7CB2125D953DF20CCAD590459C4EC4DB4730D911F60C37770903FC73AD49868563CC8C9DD8F776E8CA55C79E8F203B14656691B5F1472B02257D20B638ECEC
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:02.337 15d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/01/14-03:35:02.339 15d4 Recovering log #3.2021/01/14-03:35:02.340 15d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\_metadata\computed_hashes.json
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):17938
                                                                            Entropy (8bit):6.061511031838911
                                                                            Encrypted:false
                                                                            SSDEEP:384:ahlZ97TC4hNLFkQF/4H/vo3c93yaM5ZAVGnLMeP3rrBsuzfccHyfXRH0MVEPT:ahlvS2Fk5ooNM5Zg+YePRgpXRHLVA
                                                                            MD5:58E0F46E53B12F255C9DCFD2FC198362
                                                                            SHA1:24E3904DED013ED70FFC033CFA4855FBB6C41C19
                                                                            SHA-256:F82EEF4F80D86F5DEF0F40F91FFB6453E1706CA5FD8A7172EDB19C4B17E2F330
                                                                            SHA-512:1AC83CDFF124E4C0281FBBFC0A919AA177F1524AB85434D82E5A87DDDF7CAC26A761C5E6249566626054C62D6B0F46A51AAC1F6E64C260F50832AE1D5F0A49BC
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"file_hashes":[{"block_hashes":["vyABSKu1ssLnoQtj8Nqw6CjEthL33alh0QYBLzRg9+E=","DGWrOFQ2mF53Fk3FM5jLCV5sKg1DgRTF750mXhpKaoM=","f8vmSL13lL5/sEk/UBo2z9BTE1au+kMnftvxebWlLfQ=","g6BagkGM3fYVfhX6pe9v+WIhrxb6KJyr1H8KEdf3iQc=","6GdjKPovCi9TAL74Kj/R6GzGC1RVsWCb0lMtrG41ElU=","vttVT0ok78296FZBpoJgEIMmZmATBpKLrC5wr6RiPIg=","5dwwmOMAg6GXh2x6hn99MsZgiXJCxgTnwFdiMmcl2/0=","lQFxytI8i5cYLqNLbSnc45XXd/jEIuKwO1nAvNh5/WE=","qETF6aAOXwVcduPggf/FGrY8l2ALwdIswKxFJWG2JpQ=","+fjs95t/ESSgtcK9SzZOIcY/aemUr2I/yYI07esfjbk=","H+r4m51qI4G0z8YtAibc3/AGYvPK9qT14BbGvmM4/y4=","Qz4vtomAqVrAeKIcJ/zbVi5yDpFiY+F7tP/FTdoAKwU=","k110zqa69JMO5T4RH/nBdkCVX9I/98Gd7K2dnRuyFyg=","+QrRx4Pz8wbz4ef9ch1Q2aAQDZbv0r64NMyj9z0qaaE=","6q/tcYekY7TN66ZdPx4ALLcteRLQJqFy0wgcIqL6fFU=","djipPPtOAFsToDpKDbadLJLGQiCzTkN2qsRbzvKijBo=","uHEm1DVxHADroGNWHjmdfpdNUgtHXDQ0zfTmdqtJgYo=","1C2E0Gz2nqKFG3ghcQEVyiTYI4rTYNnrpsHQY9J7BfI=","swYZ8T85/4tzx26dfC0RKxMiHwnjqJoxtn0Mb8NdcjI=","AuXwavx8SOtkgFhnRlnM4roIw243Ryh2ktL0QZRDLoE=","oG0S5XUkjBtAHts9X+uQt5MTsf
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):23474
                                                                            Entropy (8bit):6.059847580419268
                                                                            Encrypted:false
                                                                            SSDEEP:384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
                                                                            MD5:6AE2135EA4583C2F06CDEBEA4AE70FA4
                                                                            SHA1:DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
                                                                            SHA-256:03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
                                                                            SHA-512:B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["xklkoZ7iSU1+7cd6DAtEmUC5lPFd+EgcbnzxkOiFwlk=","3KbsvoxKY/3AwqgF2aAdVQRpMhsNVRkQ3rx2A6Z2Z+Y=","o9+tsohquaCMj+70zeinRG/hBhA2uLoDl/WoC1uokME=","xV/K8xucyWJELVT8Cqn+ugFjobBVmg8pnmACF+2PP4Y=","p/mvJm2wuCl32Rx3it654MljKAsMe3S9IDEabc1A8mE=","j8mPrTb5oOsBTj2Fer78JE6xG6+kR64Cvu2SW8d3j/k=","nqSRpGQ3USU2bZJsZ+AzBmFOyann8omwJrhEWFZDTXc=","eTcQyJUuNuF9yCga/fXGyFCj/pysSceanhBzksdx23s=","Wj7faqnspelXKMvnduxHn1XUBG8TEOqyns7/oUihekM=","VtBwXoadI3EP336rAiL33Gz19KGqtN+RYdKnMKAXoLw=","iDgLXQqXJp8nCZxgLuC9LXM45DGfufvGnXvmHsn18wc=","g+RfdDfrWTUK0Pkcsbot7NJ4SC9wVRV/dVVMuHAtEj8=","2oC4HcCuXu3VjFf6wnKlznt9uqQNaebcuWpm/mWj69U=","aMUIpuFqPMiieSaWhIktCK62v2P3OZQAWupWsYzCnvk=","L
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                                            Category:dropped
                                                                            Size (bytes):16384
                                                                            Entropy (8bit):2.407410335670054
                                                                            Encrypted:false
                                                                            SSDEEP:48:yBmw6fUrM9Ybrz1LMpbp+2gjGCHkJ/AztYZIHfplhlBI8HvU7eLLmXFcwFL8wp4:yBCv9elS9nsH4/AztcquuoKwFL8wC
                                                                            MD5:B1A206D653A35EA25CE70E15BAE21163
                                                                            SHA1:086A27DAA316A475E2B2ECA57D2A0F026AC9DED6
                                                                            SHA-256:01C5D1640ADA59D464603F9709F01B6327382D894BDAF1C8AF74EC4241245B3D
                                                                            SHA-512:55B6BDEDDFAC44C2E6F302DEF4DD6628AC0F299F06A0C8078C201E4C03FE7389209291B02489C8C307B3C03A19F12CB43F37CF6C6CEF67C32522E7B43BC2115D
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: SQLite format 3......@ ..........................................................................C..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):16972
                                                                            Entropy (8bit):0.7716297790344576
                                                                            Encrypted:false
                                                                            SSDEEP:24:7IRj+Fy1MpyLiXxh0GY/l1rWR1PmCx9fZjsBX+T6UwD3n:7IRj+Fy1MpdBmw6fUY3n
                                                                            MD5:7FFF0367F8B5B4A4DB1CCD57E7D3A0B8
                                                                            SHA1:BE20B6672AE5DFAF999C9712079D1B5D5F1E2686
                                                                            SHA-256:79AAE950B3A2FFD7B9298B3521701E7D56B9EAC6EF1918A29148D5DE8FFB3B5A
                                                                            SHA-512:58F727B04C756D95D61471DA9C759E4247943620297A485D44383095A11075534B65FA276D659637FDB3F93212A73B8FD1ACC9DFF058573FE19BB16ECE5221A2
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):19
                                                                            Entropy (8bit):1.8784775129881184
                                                                            Encrypted:false
                                                                            SSDEEP:3:FQxlX:qT
                                                                            MD5:0407B455F23E3655661BA46A574CFCA4
                                                                            SHA1:855CB7CC8EAC30458B4207614D046CB09EE3A591
                                                                            SHA-256:AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
                                                                            SHA-512:3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .f.5...............
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):369
                                                                            Entropy (8bit):5.2459443273653275
                                                                            Encrypted:false
                                                                            SSDEEP:6:mo19M+q2PWXp+N23iKKdK25+Xqx8chI+IFUtpnbZZmwPnFFcMVkwOWXp+N23iKKN:o+va5KkTXfchI3FUtpV/PpV5f5KkTXfE
                                                                            MD5:3F2365271B991D7108CE19DA5B75D897
                                                                            SHA1:47090800747654E5792D35A3B1E57B7B91C910F8
                                                                            SHA-256:8093AF44906956D1E64CC11E068AB21F5ABE5BE14D85CB2FB942A157F8CDA1F3
                                                                            SHA-512:341DD1C253679D81EEE67EB524C6424D08DE98D102EC690FA746F01AF02D6D5726F3D3D75BCACF6ED8903B8BD27E2D886E0610C83B3B8692DCCE182338FCD6DC
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:06.418 a1c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/01/14-03:35:06.419 a1c Recovering log #3.2021/01/14-03:35:06.420 a1c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):355
                                                                            Entropy (8bit):5.184423896620312
                                                                            Encrypted:false
                                                                            SSDEEP:6:molMM+q2PWXp+N23iKKdK25+XuoIFUtpn5SXZmwPnKGNcMVkwOWXp+N23iKKdK28:VN+va5KkTXYFUtpgX/PdN9V5f5KkTXHJ
                                                                            MD5:07D8EF2C2CE1F3493FDAE91D92436C88
                                                                            SHA1:89BA0C60046764E436C9642788700ED68DB3F4A6
                                                                            SHA-256:C09E9F8CAE56EE7829458FEA839FE00A4BE25968A64065F44F581B472D57DA56
                                                                            SHA-512:25EDA80245D29752E8F1A3F8D7B4BD0562E01121131B0FD4B75CF9C21339B75CB72FA65306F2FAAE49ACC292C5E2DB48E9D6138C13CBD5D3F8F5C46B43877510
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:06.413 a1c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/01/14-03:35:06.414 a1c Recovering log #3.2021/01/14-03:35:06.415 a1c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000001.dbtmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):16
                                                                            Entropy (8bit):3.2743974703476995
                                                                            Encrypted:false
                                                                            SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                            MD5:46295CAC801E5D4857D09837238A6394
                                                                            SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                            SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                            SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: MANIFEST-000001.
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):102
                                                                            Entropy (8bit):4.707425199545215
                                                                            Encrypted:false
                                                                            SSDEEP:3:w1tsm1iILeNlA1jPqciKPnSc+VVn:w1tsmRLVP1/Sc+VV
                                                                            MD5:7E6074135B54581D9C9A50EC25141C6A
                                                                            SHA1:362BE82BA04A240771813665F436B0EF9D24C35F
                                                                            SHA-256:8A14329F2C4F6E9CD07FDABA314C1F29FDE90C936695F0E95118778B2E0CD7A2
                                                                            SHA-512:D715BD9AE5A94DC6F30D6B8A475DFD69DE15C3915987D6A2D9E6F761237055AB1409B24431F9F6497FE0CDF664449F13F3D52FB0C49E4221CE3145862D9048F8
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: mP...................LAST_PATH.-1.X7.>................LAST_PATH.000..ORIGIN:https_www.google.com_0.000
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):143
                                                                            Entropy (8bit):5.226671639708748
                                                                            Encrypted:false
                                                                            SSDEEP:3:tUKn5DJUp/KqFkPWXp5cViE2J5iKKKc64E/+MOMcWIDMGk4cWIV//Uv:moFUMq2PWXp+N23iKKdK29MRgPRIFUv
                                                                            MD5:CF165A9B92C6C74F36A4F24A921D5798
                                                                            SHA1:0A2FC55DC8B9ED3E033F0B8BD0E1F8B51C629E14
                                                                            SHA-256:9EA018B2D871780479260C344C9F5E3EC76447FFF2E4705AF3985D7681F81390
                                                                            SHA-512:A1677FF85EEE47071BE7CA8C13E1106F77C2F850AE7525EB5D986DCA16F7E77B495EDA769511945549F88F3338CAAE2A024A0699AF66007DE40EA2F043084D77
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:05.005 15d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins/MANIFEST-000001.
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:PGP\011Secret Key -
                                                                            Category:dropped
                                                                            Size (bytes):41
                                                                            Entropy (8bit):4.704993772857998
                                                                            Encrypted:false
                                                                            SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                            MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                            SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                            SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                            SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .|.."....leveldb.BytewiseComparator......
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):327
                                                                            Entropy (8bit):5.237859060921265
                                                                            Encrypted:false
                                                                            SSDEEP:6:mofPpM+q2PWXp+N23iKKdKWT5g1IdqIFUtpnCFgZmwPnZcMVkwOWXp+N23iKKdKn:PPi+va5Kkg5gSRFUtpCFg/PjV5f5Kkgk
                                                                            MD5:118097663B443482E39E21B7246EB23C
                                                                            SHA1:3164708ACDF2347ED745727677B4877E1E6D13B4
                                                                            SHA-256:C5BB49EA4F46F91DD4014BD2ADF8E22B5AB732B40712604FD4441774351218EC
                                                                            SHA-512:95E67376BB7A7208655E4E3636EC5213EE9A6CDDE9B57D657F4976723049EDC4448A2D1F31C0D2AFB8E025DBB0E5D40B9DB8C15F23D40A545677C281BCCF10DF
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:06.386 a1c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/01/14-03:35:06.398 a1c Recovering log #3.2021/01/14-03:35:06.400 a1c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:modified
                                                                            Size (bytes):296
                                                                            Entropy (8bit):0.45488079341118026
                                                                            Encrypted:false
                                                                            SSDEEP:3:8Efl:8
                                                                            MD5:6D13DA989CFE97270FD225EBE9BE9FB1
                                                                            SHA1:21E328B64CCCC4B12265896C4F7182E6B88E34AA
                                                                            SHA-256:5FB74EEDE9D01382260CC6264C0AC783BC3E9C43D771E273F43A21054C981CA6
                                                                            SHA-512:B0A0513CBED52475835484E9EA19727EF46DDEE2D72047BD7BF3A31F29CAB2C1F75879B9006BF0643D684FFB6E1B1E75229FC78C21F4CA6F5207135CB105AE84
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .'..(...................................................................................................................................................................................................................................................................~F..p./.........................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                                            Category:dropped
                                                                            Size (bytes):61440
                                                                            Entropy (8bit):0.5576941556004175
                                                                            Encrypted:false
                                                                            SSDEEP:48:TOXlXsT01wDXMP2arjt01+Ur01wDC2PMP2axSNd01w:qlXsAwDXQ2aretYwDbQ2agaw
                                                                            MD5:FB343F32B5327C640EC0AA0A0029F1CF
                                                                            SHA1:C310125BD15BF71CE2D1E5D50DAEC99E0650D31F
                                                                            SHA-256:29BA56B719C42257EA2ED72300D2C9CF29B756EED437D3DE2C6739D666F2A33C
                                                                            SHA-512:6EA5B733F83BCA6FD778948826D07612E3B6BB888129E67DBFC8558A8FDA70F1DB2CE752BA4C524774A3CF385FE597EF639A1D4B8D7C368B08F8959D130CDA00
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:zlib compressed data
                                                                            Category:dropped
                                                                            Size (bytes):1390
                                                                            Entropy (8bit):5.798927422266269
                                                                            Encrypted:false
                                                                            SSDEEP:24:EXxUq88388N2WL4NQ8Xkr1AyBrpkGvHqDq6Ilj1JmZJ80rENBD8+o63sKsIj01Bi:8xdvsCBL4N9XG1//H/vlj10eIXesKsIb
                                                                            MD5:D92876D3C3588E83BB27DA4A237F350E
                                                                            SHA1:2F2615004AAACECC7F3AC31B5D62B01DFEC8C6C4
                                                                            SHA-256:22B626496DFFB2EFB0D1708302CBEBFC61167685F92EFD27AD88A441D841C3D7
                                                                            SHA-512:3FF80E8F47F610E2BF998A4A01C032311FC247DBF731A941801AEF47B311F43A60CE4C1FD0E8C16481DF41A159432470FF062871859D5D3CA659D47AD4619F90
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ............"......971b16. am9obi5lbgxpb3r0qhjzywdyb3vwlmnh..com..destinationmaternity..gnvfz..h1fef42,971b0f..http..id..j..orders..p1..r..redirecting..ss..sv..t..xyz..main*........971b16...$. am9obi5lbgxpb3r0qhjzywdyb3vwlmnh......com......destinationmaternity......gnvfz......h1fef42,971b0f......http......id......j......main......orders......p1......r......redirecting......ss......sv......t......xyz..2...".....,........0.........1..........2........3........4........5........6........7.........9..........a..........b..........c.........d............e...........f.........g..........h..........i............j.........l........m...........n............o...........p..........q........r............s...........t...........v..........w........x.........y..........z.....:....................................................................................................................................................................................B............. .......*zhttp://t.orders.desti
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):71328
                                                                            Entropy (8bit):0.28661477065250873
                                                                            Encrypted:false
                                                                            SSDEEP:48:RTu5vsHJInq++3SjFMP2aSXlXsT01wDm01g85q:HGtZRQ2aylXsAwDtm
                                                                            MD5:B749500459EFC8B5CAE9383B7F5C3726
                                                                            SHA1:78E2ECADB6F10CC78CD07C9D0D813929587CA957
                                                                            SHA-256:8C4081784BC8A262ECAFA481627B7BF7AB2F4C68F062E141868A2842A1086BE9
                                                                            SHA-512:3FBC11A644BB244D1222C7C35EFA24EAFA4D197D1075A0559915E0CB4571BF78E7DF5F76202840AA058330179BB1D9B411AF77D26DD1FFF09CED07CD88D2638C
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ............9..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\000001.dbtmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):16
                                                                            Entropy (8bit):3.2743974703476995
                                                                            Encrypted:false
                                                                            SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                            MD5:46295CAC801E5D4857D09837238A6394
                                                                            SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                            SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                            SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: MANIFEST-000001.
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):1776
                                                                            Entropy (8bit):3.989530027949105
                                                                            Encrypted:false
                                                                            SSDEEP:24:rn40/pLZ79n/X8gXb/f0bjcyFeVgF1XlREN4HOoV8ghB1f11GK:zBZ79/sTvRFSgF9pcyBhT
                                                                            MD5:AB95644577B463CF9C117ED57758B753
                                                                            SHA1:F5813F59CB2F7D71607948F3146363F9B339592D
                                                                            SHA-256:4429C47B0DBBAA36BE729018AB3D196B0482062A250EAE770F1719B02DD992D2
                                                                            SHA-512:14408F4B1FDF3466D55E124B6F5CEA45B7C8AA30A414E0D34F0D51ABE02FBB815350FE7CFDC029060476E447014483AE03D586FB81846677ABF3FB1045F2E6FD
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: . ......................2....(.o".......................................l.........................].....".h.t.t.p.s._.w.w.w...y.o.u.t.u.b.e.-.n.o.c.o.o.k.i.e...c.o.m._.0.@.1..Y.t.I.d.b.M.e.t.a....................Of.jV.............................2.................................2........................L.................................2....d.a.t.a.b.a.s.e.s......2........a.c.t.u.a.l.N.a.m.e......2..........2..........2..........2..........2..........2.............d.a.t.a.b.a.s.e.s........2.........2...........................2....................2........2....................2........2....................2........2....................2........2....................2........2....................2........2....................2........2....................2........2.......................d.a.t.a.b.a.s.e.s...... .................2.................2.................2.................2.................2.................2.................2.................2.................2..............
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):184
                                                                            Entropy (8bit):5.376311280848568
                                                                            Encrypted:false
                                                                            SSDEEP:3:tUKn5HhLOj/KqFkPWXp5cViE2J5iKKKc64E/x14kfSAyTjuE/IrscWIV//Uv:moROjyq2PWXp+N23iKKdKEqSAxEVIFUv
                                                                            MD5:04CE392838DD0E60ACC7C450A5FBC5C0
                                                                            SHA1:8081B16F79C0940F30333D0C313F6812A0265220
                                                                            SHA-256:8FEC6E23CF4E79C8E3800E4F640D9D0A0CC1DC6079B26C469154145DA4387878
                                                                            SHA-512:BFC9E037FB4033DE888CBFCFD20634876D2EF8E827475F99421577B3F3A82713D1783E77C81FEA00CD07774372E68971D02CBA46DA53072F8758F6A123EFF6B0
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:30.059 15a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb/MANIFEST-000001.
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube-nocookie.com_0.indexeddb.leveldb\MANIFEST-000001
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):23
                                                                            Entropy (8bit):4.142914673354254
                                                                            Encrypted:false
                                                                            SSDEEP:3:Fdb+4Ll:Zl
                                                                            MD5:3FD11FF447C1EE23538DC4D9724427A3
                                                                            SHA1:1335E6F71CC4E3CF7025233523B4760F8893E9C9
                                                                            SHA-256:720A78803B84CBCC8EB204D5CF8EA6EE2F693BE0AB2124DDF2B81455DE02A3ED
                                                                            SHA-512:10A3BD3813014EB6F8C2993182E1FA382D745372F8921519E1D25F70D76F08640E84CB8D0B554CCD329A6B4E6DE6872328650FEFA91F98C3C0CFC204899EE824
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ........idb_cmp1......
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):3583
                                                                            Entropy (8bit):5.644235557704993
                                                                            Encrypted:false
                                                                            SSDEEP:48:U2WsmBbqGbZa7fMY8dbH/PDqLbQSefgGANrS0U9RdiN9WcL:aB3a7fMTdbH/PUbQ5fgGorS0F
                                                                            MD5:D26E33131F79E397A287045C5ACB3683
                                                                            SHA1:8FC257BD22B17438B4F9D194D32D5A0BF1D5EDFD
                                                                            SHA-256:8E5E6A81CEE710F998E74FB81BB61827DB09ACCC52593AF51CC474F491677294
                                                                            SHA-512:06325ABDC41BA1725B47A59DB612AFE5A9D9AE94D1B9A934E52BC9FCE915151A4C3D740E4EDE44BE7B4C2A3DEB9BA59EA8C9A92901D22C126F10C3470669CF49
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ...;k..*.............META:https://www.google.com............._https://www.google.com..rc::a..MXE5ems5bXpuYnNnMw==..{....,............%META:https://www.youtube-nocookie.com..............>_https://www.youtube-nocookie.com..yt-remote-connected-devicesB.{"data":"[]","expiration":1610710519258,"creation":1610624119258}.6_https://www.youtube-nocookie.com..yt-remote-device-idd.{"data":"0b445772-09e5-401a-88cb-9cec6b291120","expiration":1642160119114,"creation":1610624119114}.(_https://www.youtube-nocookie.com..__sak..E'...0............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..319878000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-01-14 03:35:07.89][INFO][mr.Init] MR instance ID:
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):332
                                                                            Entropy (8bit):5.231717962728087
                                                                            Encrypted:false
                                                                            SSDEEP:6:moiq2PWXp+N23iKKdK8a2jMGIFUtpnEZmwPntukwOWXp+N23iKKdK8a2jMmLJ:yva5Kk8EFUtpE/Ptu5f5Kk8bJ
                                                                            MD5:B16A1BD598C067643A58A6664D7114DE
                                                                            SHA1:12D533D18ADB18CFCA0DCE84F9BAED363A80697F
                                                                            SHA-256:046EA540D30FB31741FDE36D68C0939E54DD262FD7E8C0BD30B7678960F91826
                                                                            SHA-512:CE93EC4A97E8B74AA8DDF299A420A52A0FD937DE8E9BB42D84CEBC17D1C3960F361276C8F2CD099B9C6491362F15ACEA0DAA2C5BDDBD4C01BEC480C240C396EC
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:34:59.980 16b0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/01/14-03:34:59.985 16b0 Recovering log #3.2021/01/14-03:34:59.992 16b0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                                            Category:dropped
                                                                            Size (bytes):24576
                                                                            Entropy (8bit):1.1585832436103691
                                                                            Encrypted:false
                                                                            SSDEEP:48:Trw/qALihje9kqL42WOT/kZfbw/qALihje9kqL42WOT/9VHB:vOqAuhjspnWOsOqAuhjspnWO7B
                                                                            MD5:EB5B7791A1109987BD363E1A8B8DE4D6
                                                                            SHA1:DC0AA8AB4DA4FC1EDA99F9E49607E53449BD2B74
                                                                            SHA-256:0802811262D4ACA45B69AA62506E34E0907F04CEE7C4678F40CEC0730784D59C
                                                                            SHA-512:5CA492B604F6A35E21B90F38E7F7463499BED9614D287A442C77745D33E3E910B6F9D028A99AC6E08C8AC71A073CD936BF84C5C08FB9DA3711D1E944DD218E26
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: SQLite format 3......@ ..........................................................................C.......,......\.t.+.>...,............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):25672
                                                                            Entropy (8bit):1.0194162010185306
                                                                            Encrypted:false
                                                                            SSDEEP:48:lkq7w/qALihje9kqL42WOT/kQ6qrw/qALihje9kqL42WOT/e8:lkUOqAuhjspnWOIkOqAuhjspnWOh
                                                                            MD5:65FADADD8D8933A0188F0FE37B7B7642
                                                                            SHA1:459FFEE1D4BF91C575C674638F78175E9A9B905E
                                                                            SHA-256:1A7E83196E6EF7094657D1ADD7D030BA5DBBE66CC602DC99CD20499DBC2BE7C2
                                                                            SHA-512:59428EAFA401702F837065D41DFFB85AFF1E0519C204AACBFD118D7CF239D7E59E173D7F09B6DABDC00D46F0368E9E16A5BBBB02B827F80A01C75B43DA2BCD02
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .............."W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):334
                                                                            Entropy (8bit):5.2034090025263335
                                                                            Encrypted:false
                                                                            SSDEEP:6:moCLPIq2PWXp+N23iKKdKgXz4rRIFUtpnbZmwPnxkwOWXp+N23iKKdKgXz4q8LJ:Sgva5KkgXiuFUtpb/Px5f5KkgX2J
                                                                            MD5:8A74B98EF27918E7E4A5A631E083953A
                                                                            SHA1:49F9242420BB9E37F7B78A76C7A67CE8E1BD4315
                                                                            SHA-256:C6B78942CB2427C1791DDFD175736797CA5E19D8F5D925004C7908B5E48ECF0C
                                                                            SHA-512:F0AAE3C12748F23A54F5FF146E1E85AFB434833A223CEF737DF9D4D2FC97484EC2BE11DB741AC2DA0D042B0D9931A055CD71E7181099C5DFCC72FBDF8367C9CC
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:00.213 17b0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/01/14-03:35:00.216 17b0 Recovering log #3.2021/01/14-03:35:00.216 17b0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                                            Category:dropped
                                                                            Size (bytes):77824
                                                                            Entropy (8bit):0.5044833537382976
                                                                            Encrypted:false
                                                                            SSDEEP:96:vCIG+6bDdsDaBJvtHIm50I4sX/CIG+6bDdsDaBJvtHIm50I43T:a96EJTv4sXK96EJTv4D
                                                                            MD5:5276953CC1C36695336D9267C0E5C5F8
                                                                            SHA1:FFECF7B2132148D8A2E92E1B9FF611E01C8E6EC7
                                                                            SHA-256:B2381611A94B4FCAE04E4DF060BF219F0C0E66C1096115F45B014C9CBCCB09F6
                                                                            SHA-512:6AE7ADF57E4F517A15D885B0FD999DDF3F5278F76F4C1CF38478BF3A3058C4CB2DC4013EAEF6DFAE846E1EB1FD01E110F4C79C0E45C2A1A0AE4B8C8F01FD3D3E
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: SQLite format 3......@ ..........................................................................C..........g.....*.W.L.[......."......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):25672
                                                                            Entropy (8bit):0.6536741235584764
                                                                            Encrypted:false
                                                                            SSDEEP:96:7IjdayxCvpsCIG+6bDdsDaBJvtHIm50I4k:7IjdauCvpV96EJTv4k
                                                                            MD5:9DE3C29F7F16830254E6160421DD3BEF
                                                                            SHA1:5E1A273F2A5C6FDE0223EE08C4DE6F1E46C8622D
                                                                            SHA-256:BAA37BCB18CE4C6F1DE57EDDD779322CE05A1A1CB3E993BE0DB1CC4A25EE3E02
                                                                            SHA-512:D484A212164DFBA7828094779E6C462028196A0FF6B46EA5F729EAFC59D87C273A95F180CE579CA66825FC5C97D4C5D415A1DB4A5EC43FC74690B796FA46CCDC
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ............_t...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................... .c.................6..p............................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):1201
                                                                            Entropy (8bit):4.581710803188109
                                                                            Encrypted:false
                                                                            SSDEEP:24:7tn94a+yP1zQZSCnRUX4vG9Gt0k3324hSlXgd1WR3i1Dzq10:7t94TwQHR3332qcXgdYRyRzq
                                                                            MD5:3F149D408D3FA843DC50526DB64B8F09
                                                                            SHA1:64FEAC09B4811314EF93C7898CC0371F72106754
                                                                            SHA-256:BAC782800965B29188FA664AF4A10F704C5465F6F7E41024A70625F29C1254DA
                                                                            SHA-512:5E605E4C70F83DA362431DEE140EA5D430596EFB1396294D84BB1E99EBDFFD0B48F7EE4173131E3B20AC1D58D7180EC125950B7BD5CDC7DF5CEDCC731751A67D
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ..&f...............kr-oe................next-map-id.1.Fnamespace-f25bcc6b_03ee_4f1b_afe2_dafd6174bc56-https://www.google.com/.0^.l..................map-0-rc::c..B.H.K.B.S.T.l.G.v.l.h.h.Z.0.c.T.n.C.r.I.7.a.E.1.q.z.2.F.S.b.l.n.C.W.J.8.c.9.A.O.Z.Z.0.J.C.q.4.5.N.Q.e.7.x.5.i.K.3.P.A.l.S.R.N.N.0.V.D.F.z.i.m.e.m.T.e.Y.d.p.T.E.z.Z.L.6.J.U.1.H.8.1.5.k.2B.l...............2B.l...............2B.l...............g.Exo................next-map-id.2.Pnamespace-5c3c9f9a_ed1f_45ac_baa6_0e0b09941021-https://www.youtube-nocookie.com/.1..b8...............o.:.|................map-1-yt-remote-cast-availableR{.".d.a.t.a.".:.".f.a.l.s.e.".,.".c.r.e.a.t.i.o.n.".:.1.6.1.0.6.2.4.1.1.9.7.1.8.}...map-1-yt-remote-cast-installedP{.".d.a.t.a.".:.".t.r.u.e.".,.".c.r.e.a.t.i.o.n.".:.1.6.1.0.6.2.4.1.1.9.7.1.6.}..!map-1-yt-remote-fast-check-periodb{.".d.a.t.a.".:.".1.6.1.0.6.2.4.4.1.9.2.5.7.".,.".c.r.e.a.t.i.o.n.".:.1.6.1.0.6.2.4.1.1.9.2.5.7.}...map-1-yt-remote-session-appf{.".d.a.t.a.".:.".y.o.u.t.u.b.e.-.d.e.s.k.t.o.p.".
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):320
                                                                            Entropy (8bit):5.116231477876617
                                                                            Encrypted:false
                                                                            SSDEEP:6:mo+SvIq2PWXp+N23iKKdKrQMxIFUtpnzZZmwPnzzkwOWXp+N23iKKdKrQMFLJ:OSvIva5KkCFUtpzZ/Pzz5f5KktJ
                                                                            MD5:F8F36153B517B426C42C1DA9C7B9265B
                                                                            SHA1:9475005BBAB1DA2FC5113F2247E001E707319D93
                                                                            SHA-256:053B006445B76A938DD301882A17D2C548FA2EE49B6FC9F7CAD5DEE2D08938F0
                                                                            SHA-512:9B05BE73CAE51EECE32A2C2973EB225ED2E06306614223D85AEAA72FAF6005D6BD01262A54C8D54BE1E3D665E5CF5C93BB949C86B1807106FDE653604CBC1CE7
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:00.134 1170 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/01/14-03:35:00.136 1170 Recovering log #3.2021/01/14-03:35:00.136 1170 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):348
                                                                            Entropy (8bit):5.142584206596873
                                                                            Encrypted:false
                                                                            SSDEEP:6:monUVq2PWXp+N23iKKdK7Uh2ghZIFUtpnVgZmwPnzTIkwOWXp+N23iKKdK7Uh2gd:EVva5KkIhHh2FUtpVg/PPI5f5KkIhHLJ
                                                                            MD5:A3B79D7287E4F2E287AAB67870B7DB8A
                                                                            SHA1:D81DF6B43CD6B34EA51D20CCF0620BA7A32ECCDA
                                                                            SHA-256:F86A6D52EB87D29D719675A594561C789320E5DA9B9F8B97ADD8986C39C00198
                                                                            SHA-512:58D734E5BD25B698E78614FEC479B6A9DA135638CA865F3509BE23B8AE65C2096616EBEB359DAC6FD9D6C86EAB787EA2783FA3B5AC4C9A2C6E79F9C4FDDE2C2C
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:34:59.934 12e0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/01/14-03:34:59.940 12e0 Recovering log #3.2021/01/14-03:34:59.942 12e0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):296
                                                                            Entropy (8bit):0.19535324365485862
                                                                            Encrypted:false
                                                                            SSDEEP:3:8E:8
                                                                            MD5:C4DF0FB10C4332150B2C336396CE1B66
                                                                            SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                                                                            SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                                                                            SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .'..(...................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):430
                                                                            Entropy (8bit):5.280813001209839
                                                                            Encrypted:false
                                                                            SSDEEP:6:mo1/yq2PWXp+N23iKKdKusNpV/2jMGIFUtpn1HJq1ZmwPn17lRkwOWXp+N23iKKZ:ova5KkFFUtpvq1/Pd5f5KkOJ
                                                                            MD5:92C1B6EF7063D273FD17683DD932866F
                                                                            SHA1:28C3EF41D4B62351E11F605F80AC822161DB7353
                                                                            SHA-256:8AB5B52F33A0F28827E1FBB50F0EE5D40450712E0421BE7E736D6FAD4E5BE66D
                                                                            SHA-512:B08189FC130DC78D6E7D89C1821E7F9082D90F7ACAF18E79342565195AD93CE49180396E75B98CBF908D8C612028A6696BE095892D353A00181F5E4703DD692B
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:00.167 1594 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/01/14-03:35:00.168 1594 Recovering log #3.2021/01/14-03:35:00.169 1594 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):432
                                                                            Entropy (8bit):5.239732484855816
                                                                            Encrypted:false
                                                                            SSDEEP:6:mocEq2PWXp+N23iKKdKusNpqz4rRIFUtpnvZmwPnCJFkwOWXp+N23iKKdKusNpqS:sEva5KkmiuFUtpv/PU5f5Kkm2J
                                                                            MD5:2A9F1449434A2E89196B5C32D6D1704E
                                                                            SHA1:2B4EA1118D500E0B7CFD46C9677A37E86DC143C5
                                                                            SHA-256:2ED2452740643897595C3C2B92EA6AD85A339C03D112709AA4FC773885032FB2
                                                                            SHA-512:8D0900C61B3818DC0A953B249D9F34E55FC940D7693A2CF07A27F7233599DC252A882D2F47C33F62C252C6989E1B0CBEEC385F76B681D9EE59F43224CA4C5081
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:00.211 15d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/01/14-03:35:00.212 15d4 Recovering log #3.2021/01/14-03:35:00.213 15d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):19
                                                                            Entropy (8bit):1.9837406708828553
                                                                            Encrypted:false
                                                                            SSDEEP:3:5l:5l
                                                                            MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                                                                            SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                                                                            SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                                                                            SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ..&f...............
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):418
                                                                            Entropy (8bit):5.2671263458279185
                                                                            Encrypted:false
                                                                            SSDEEP:6:mofUHqlyq2PWXp+N23iKKdKusNpZQMxIFUtpnfUr1ZmwPnfU9RkwOWXp+N23iKK+:kqIva5KkMFUtpw1/PS5f5KkTJ
                                                                            MD5:ECCB6D648E1630B9B31232B6ABFF047C
                                                                            SHA1:197421AEB0F2EC5574EAD3BDB53447AC439FB516
                                                                            SHA-256:14B009CD44356BE1F3337EA1A4BE521423984BD09611BB3B58F7EF015AC6B887
                                                                            SHA-512:F1DB24373D57BBEEA7BBF2C05266921921E3F425AC7C1109BB3FFAD7E2D69BCB60116D7D9B6613FA7E3A3AFEBBA0BFA0775C9F14962B793B335756AC49131AAF
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:16.368 15a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/01/14-03:35:16.369 15a0 Recovering log #3.2021/01/14-03:35:16.369 15a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\d7801c74-c9e9-4f72-aafe-1350d223d173.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):420
                                                                            Entropy (8bit):4.985305467053914
                                                                            Encrypted:false
                                                                            SSDEEP:6:YHpoNXR8+eq7JdV5qQlsDHF4xj70PpqQEsDHF4R8HLJ2AVQBR70S7PMVKJw1K3Ky:YHO8sdBsB6MAsBdLJlyH7E4f3K33y
                                                                            MD5:C401B619D9D8E0ADABC25A47EE49CFBA
                                                                            SHA1:C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA
                                                                            SHA-256:8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
                                                                            SHA-512:BC12F16CB95CB0AD708C6BBD005EF863A8552613E612F1084086E0F8262752E1B5144D044F0D141CE8462CC33343C36B517A5CC778751680485D8F88FB51B862
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543490879170","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543490879171","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):296
                                                                            Entropy (8bit):0.19535324365485862
                                                                            Encrypted:false
                                                                            SSDEEP:3:8E:8
                                                                            MD5:C4DF0FB10C4332150B2C336396CE1B66
                                                                            SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                                                                            SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                                                                            SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: .'..(...................................................................................................................................................................................................................................................................................................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):430
                                                                            Entropy (8bit):5.232864989528257
                                                                            Encrypted:false
                                                                            SSDEEP:12:3pva5KkkGHArBFUtpHp1/PHtt5f5KkkGHAryJ:Fa5KkkGgPgHLf5KkkGga
                                                                            MD5:B262E3EBC5C0F90520944C4F78A88393
                                                                            SHA1:748352B467276C7894B15640A7C3E5BFBD186F36
                                                                            SHA-256:4C2A4FEAB174AFA9CE4B644739135FCE3FC47BA4475F84EF2E26EE6C46372FEF
                                                                            SHA-512:231BE0CEDA8922BB84A9075C0EA8E02B87A86D447F7749EC4CB50E5AD18FE66820CB16CBB92ECAB118ECB8BC0CB2FF13EED29689AC434DAF74487D19B62C28FE
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:06.922 1594 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/01/14-03:35:06.927 1594 Recovering log #3.2021/01/14-03:35:06.929 1594 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):432
                                                                            Entropy (8bit):5.2192219518689
                                                                            Encrypted:false
                                                                            SSDEEP:12:1va5KkkGHArqiuFUtplz1/PU5f5KkkGHArq2J:Za5KkkGgCgXYf5KkkGg7
                                                                            MD5:6B6F535A80F9EEED75DDF7D6E155DC17
                                                                            SHA1:0FF5D8E62591F8B4ACA848421894764CACC358E3
                                                                            SHA-256:6AF1A726B984BDA594FCBB9C158F625E56B37D4F20EA58A54FFE70B3D1D7A781
                                                                            SHA-512:9A64AAA92073065F0B41BAF86126978FB2F77200515AF2A271CD8DB8915F71B7675B924EF4705EDAC0F757C4AA980D4CEE292DE74D8E288CC77D1484A1FC3624
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:06.935 15a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/01/14-03:35:06.938 15a0 Recovering log #3.2021/01/14-03:35:06.939 15a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):19
                                                                            Entropy (8bit):1.9837406708828553
                                                                            Encrypted:false
                                                                            SSDEEP:3:5l:5l
                                                                            MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                                                                            SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                                                                            SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                                                                            SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ..&f...............
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):418
                                                                            Entropy (8bit):5.220016349696773
                                                                            Encrypted:false
                                                                            SSDEEP:12:8tva5KkkGHArAFUtpMNB/PM4dz5f5KkkGHArfJ:Ya5KkkGgkgErvf5KkkGgV
                                                                            MD5:A977BDB254BFFA8EE5FFB5074AFD23D9
                                                                            SHA1:891261DEC0D5370FEF6D354ECF9DD2D7BE65AC29
                                                                            SHA-256:3A4469318D53A1D5773092A19479433EC16D6FB15EB9E7D454E5E2AD4965580C
                                                                            SHA-512:386961A509F887A8D240953877289CC3079E2B58A18F628F61C66348215B46DDAA637911312213A11891834E21FD6DBF0E89C739F35487DAF4CE3AA5B2C6A00D
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:22.256 17b0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/01/14-03:35:22.257 17b0 Recovering log #3.2021/01/14-03:35:22.258 17b0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\efe0f311-4deb-442f-8fbc-5723cedee74b.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):420
                                                                            Entropy (8bit):4.954960881489904
                                                                            Encrypted:false
                                                                            SSDEEP:12:YHO8sdvBVSsB6M/BVSsBdLJlyH7E4f3K33y:YXsdvjX6gjXdL3yH7n/iy
                                                                            MD5:F4FEFEEEC722772F9DC0FCE1B52D79B5
                                                                            SHA1:00EECFA3B37113D30E7D43BE4383C540F3D93D4D
                                                                            SHA-256:D33E13C12004A700F246D8C73709114A881609D658E045D54DE36874728D07F0
                                                                            SHA-512:41E61EC89366800FD5F4DD704E53B47DE29411B9088B46349A0A350758D08569C14DCC70CF8D6A6FE6D049CB6D32F2B091153E8148A1B5857BD7AF13492071BE
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543498399332","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543498399332","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):38
                                                                            Entropy (8bit):1.9837406708828553
                                                                            Encrypted:false
                                                                            SSDEEP:3:sgGg:st
                                                                            MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
                                                                            SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
                                                                            SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
                                                                            SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ..F..................F................
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):324
                                                                            Entropy (8bit):5.253427379027576
                                                                            Encrypted:false
                                                                            SSDEEP:6:mozWXpQ+q2PWXp+N23iKKdKpIFUtpnmSgZmwPnuQVkwOWXp+N23iKKdKa/WLJ:KXi+va5KkmFUtpmX/PzV5f5KkaUJ
                                                                            MD5:FDE9440DDB33A2980BC8F7F409D3BDD9
                                                                            SHA1:671D57D3BC5CD36F4AF4AFF3329B31AC60CB497B
                                                                            SHA-256:7D9767A3DA093AAD872A338124286893748E2F7D0AFB30CFA77720010C9A60B4
                                                                            SHA-512:3F710BDC0E5C0FD0ED0FC00AA3C9FDBC3D43EE04D093B683E29C40F3579E91B8E4794ABB346C63C5F7208C119B8F987F14F8DD9B38365D5EA5253827013D2459
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:34:59.942 132c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/01/14-03:34:59.945 132c Recovering log #3.2021/01/14-03:34:59.946 132c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):402
                                                                            Entropy (8bit):5.325093290828609
                                                                            Encrypted:false
                                                                            SSDEEP:6:moHIq2PWXp+N23iKKdKks8Y5JKKhdIFUtpnHdyZmwPnHPFzkwOWXp+N23iKKdKk0:3Iva5KkkOrsFUtpHdy/PHd5f5KkkOrzJ
                                                                            MD5:0854571575CD3FB8B09640E59725BED1
                                                                            SHA1:F153E395A380407750927D7FBEF52DA45BFB6D88
                                                                            SHA-256:5A7434E3F1AF6881FF656B4E8FB38A72661B6AECCDF0AA5F5ACACB70E604746F
                                                                            SHA-512:834D954755900887F87C63D4CCD749D7128CD40BDD59943B0A4201B0F72E9C6B07DB19906EB5A110A2DFD7CFAC54586E163A1EA4379E1C4DB2B22A56FF976006
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: 2021/01/14-03:35:07.917 1170 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/01/14-03:35:07.918 1170 Recovering log #3.2021/01/14-03:35:07.919 1170 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):84
                                                                            Entropy (8bit):5.070965596820219
                                                                            Encrypted:false
                                                                            SSDEEP:3:f7meI/jfB3xmllMf5AlnDbgtYtki50NxR8:f7mpjiMf5A5DMt+1cR8
                                                                            MD5:19EC6757BBBBE3DB388AC3D982A4E200
                                                                            SHA1:49AA18207956E417808CB131BD545A1501E1B37D
                                                                            SHA-256:A37A7A6ED61DE7F18D38202793D8E91E11B256EB96958B0031DDD961BC69110D
                                                                            SHA-512:8F7FE7922D5C6369BB2029A691E5DC9566A5A10014F87FADBCE9977E70E13640C9EB16963DA9ADEA21DCD30612E72598F25CAD158FFA41F99EAD86098784B411
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: ....;2..Z;+......$.`x.1....I..*.!.......U.p.&......Z.mgT.......\..).....n.+.[+4.
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c90e3471-4594-48ec-aa8a-d1bc5add3bce.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):5635
                                                                            Entropy (8bit):5.17684833414989
                                                                            Encrypted:false
                                                                            SSDEEP:96:nRzF7P4vBgOo7B3cVblok0JCKL8HkJ1qbOTQVuwn:nRzJ4vBY3cRE4K2kJ6
                                                                            MD5:1FA305C32E3FF0FA34AE376ACC3BCFC2
                                                                            SHA1:80E1EB1B30FD90B0E5CDBC8B6986F891D7C75F47
                                                                            SHA-256:D44EDB5A113EF21E2257EC87F4C27F5F5DAC4B72B234B3D359960CB62EA96165
                                                                            SHA-512:733A4F577157C1C3A5F76B9DFC22F9AF4ABA5ED6689113D7B7276051DB2F0F407A1BD1943AB830FBA3F46BE4E103DE376BC9C059098E1AE47EA98EBC6B9CF04B
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13255097700175456","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
                                                                            C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cdf44fd4-b1ad-4ef0-9287-e06cca183067.tmp
                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            File Type:ASCII text, with very long lines, with no line terminators
                                                                            Category:dropped
                                                                            Size (bytes):4219
                                                                            Entropy (8bit):4.871684703914691
                                                                            Encrypted:false
                                                                            SSDEEP:48:YXsJjMH+5s7YMHBKsvxMHVzspxMHbsIHt/soBDysKqnsllzMHpDCLsWJMHLsNuMg:RG+ZGJG+GTTD7IGpD+G7Gp2GnG4GVhH
                                                                            MD5:EDC4A4E22003A711AEF67FAED28DB603
                                                                            SHA1:977E551B9ED5F60D018C030B0B4AA2E33B954556
                                                                            SHA-256:DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
                                                                            SHA-512:84D3930579FD73C7D86144D5CDC636436955BA79759273C740D2D72BC4847F2F7F165BBCA3EB2E4DFB01777D6A5F141623278C1BF74615C5A491092CE3FD1602
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248543677350473","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543677350474","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31344},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31656},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501454993","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501454994","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39369},"server":"https://www.googleapis.com","supports_spdy":true},

                                                                            Static File Info

                                                                            No static file info

                                                                            Network Behavior

                                                                            Snort IDS Alerts

                                                                            TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                            01/14/21-03:35:03.144326TCP2515WEB-MISC PCT Client_Hello overflow attempt49722443192.168.2.3173.194.187.70

                                                                            Network Port Distribution

                                                                            TCP Packets

                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                            Jan 14, 2021 03:35:02.611152887 CET4971380192.168.2.352.10.125.252
                                                                            Jan 14, 2021 03:35:02.612268925 CET4971480192.168.2.352.10.125.252
                                                                            Jan 14, 2021 03:35:02.789971113 CET4971880192.168.2.352.10.125.252
                                                                            Jan 14, 2021 03:35:02.816008091 CET804971352.10.125.252192.168.2.3
                                                                            Jan 14, 2021 03:35:02.816176891 CET4971380192.168.2.352.10.125.252
                                                                            Jan 14, 2021 03:35:02.816546917 CET4971380192.168.2.352.10.125.252
                                                                            Jan 14, 2021 03:35:02.817475080 CET804971452.10.125.252192.168.2.3
                                                                            Jan 14, 2021 03:35:02.817570925 CET4971480192.168.2.352.10.125.252
                                                                            Jan 14, 2021 03:35:02.995253086 CET804971852.10.125.252192.168.2.3
                                                                            Jan 14, 2021 03:35:02.995407104 CET4971880192.168.2.352.10.125.252
                                                                            Jan 14, 2021 03:35:03.020880938 CET804971352.10.125.252192.168.2.3
                                                                            Jan 14, 2021 03:35:03.022547007 CET804971352.10.125.252192.168.2.3
                                                                            Jan 14, 2021 03:35:03.062849998 CET4971380192.168.2.352.10.125.252
                                                                            Jan 14, 2021 03:35:03.088100910 CET4972180192.168.2.3192.236.249.58
                                                                            Jan 14, 2021 03:35:03.141056061 CET8049721192.236.249.58192.168.2.3
                                                                            Jan 14, 2021 03:35:03.141231060 CET4972180192.168.2.3192.236.249.58
                                                                            Jan 14, 2021 03:35:03.141442060 CET4972180192.168.2.3192.236.249.58
                                                                            Jan 14, 2021 03:35:03.194207907 CET8049721192.236.249.58192.168.2.3
                                                                            Jan 14, 2021 03:35:03.197411060 CET8049721192.236.249.58192.168.2.3
                                                                            Jan 14, 2021 03:35:03.200558901 CET4972180192.168.2.3192.236.249.58
                                                                            Jan 14, 2021 03:35:03.258879900 CET8049721192.236.249.58192.168.2.3
                                                                            Jan 14, 2021 03:35:03.258922100 CET8049721192.236.249.58192.168.2.3
                                                                            Jan 14, 2021 03:35:03.258955002 CET8049721192.236.249.58192.168.2.3
                                                                            Jan 14, 2021 03:35:03.259001970 CET4972180192.168.2.3192.236.249.58
                                                                            Jan 14, 2021 03:35:03.298875093 CET4972180192.168.2.3192.236.249.58
                                                                            Jan 14, 2021 03:35:05.378802061 CET4972180192.168.2.3192.236.249.58
                                                                            Jan 14, 2021 03:35:05.443994999 CET8049721192.236.249.58192.168.2.3
                                                                            Jan 14, 2021 03:35:05.484101057 CET4972180192.168.2.3192.236.249.58
                                                                            Jan 14, 2021 03:35:06.648367882 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.696252108 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.696368933 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.696604013 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.744261980 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.744535923 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.744565010 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.744590044 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.744611025 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.744621992 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.744651079 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.759258032 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.759407043 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.759574890 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.807555914 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.807604074 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.807742119 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.807847977 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.809057951 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.809108973 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.809150934 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.809161901 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.809187889 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.809202909 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.809242010 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.811449051 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.811506033 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.811549902 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.811566114 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.813843012 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.813894033 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.813924074 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.813946962 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.816221952 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.816268921 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.816298962 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.816319942 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.818638086 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.818677902 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.818717957 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.818741083 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.821054935 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.821098089 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.821134090 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.821152925 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.823445082 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.823482990 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.823537111 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.823559999 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.825932980 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.825975895 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.826045990 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.855592012 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.855649948 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.855746984 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.855798006 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.856662989 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.856710911 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.856736898 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.856765032 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.859026909 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.859065056 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.859131098 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.861452103 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.861537933 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.861601114 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.863923073 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.863975048 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.864051104 CET49746443192.168.2.3108.177.126.132
                                                                            Jan 14, 2021 03:35:06.866234064 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.866275072 CET44349746108.177.126.132192.168.2.3
                                                                            Jan 14, 2021 03:35:06.866393089 CET49746443192.168.2.3108.177.126.132

                                                                            UDP Packets

                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                            Jan 14, 2021 03:34:55.027636051 CET5598453192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:34:55.078448057 CET53559848.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:34:55.843395948 CET6418553192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:34:55.891530037 CET53641858.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:34:57.158423901 CET6511053192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:34:57.214674950 CET53651108.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:34:58.313808918 CET5836153192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:34:58.361675024 CET53583618.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:00.811147928 CET6349253192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:00.862071037 CET53634928.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:02.543574095 CET5319553192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:02.548516035 CET5014153192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:02.551722050 CET5302353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:02.555273056 CET4956353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:02.602467060 CET53531958.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:02.615784883 CET53501418.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:02.616158009 CET53530238.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:02.632004976 CET53495638.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:02.889238119 CET5135253192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:02.945637941 CET53513528.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:03.030855894 CET5934953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:03.038652897 CET5708453192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:03.087260962 CET53593498.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:03.103041887 CET53570848.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:03.151113987 CET5882353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:03.215378046 CET53588238.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:03.345338106 CET5756853192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:03.345678091 CET5054053192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:03.393107891 CET53575688.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:03.406884909 CET53505408.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:03.624902010 CET5303453192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:03.672631025 CET53530348.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:03.687885046 CET5776253192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:03.726011992 CET5543553192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:03.752365112 CET53577628.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:03.773758888 CET53554358.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:04.410963058 CET5071353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:04.478053093 CET53507138.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:04.646511078 CET5613253192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:04.696702957 CET5898753192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:04.726322889 CET53561328.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:04.744595051 CET53589878.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:04.930502892 CET5657953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:04.995136976 CET53565798.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:05.968374968 CET6063353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:06.016113043 CET53606338.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:06.583141088 CET6129253192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:06.647310972 CET53612928.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:07.252897978 CET6491053192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:07.300852060 CET53649108.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:07.942560911 CET5212353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:08.009185076 CET53521238.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:08.995982885 CET5613053192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:09.047034979 CET53561308.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:10.831732988 CET5878453192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:10.879672050 CET53587848.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:12.386917114 CET6397853192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:12.451596975 CET53639788.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:13.402618885 CET5570853192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:13.473598957 CET53557088.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:16.854727983 CET5680353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:16.919101954 CET53568038.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:17.534264088 CET5714553192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:17.538753986 CET5535953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:17.598896980 CET53571458.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:17.605935097 CET53553598.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:17.675661087 CET5830653192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:17.675940037 CET6412453192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:17.740853071 CET53641248.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:17.740886927 CET53583068.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:17.802654028 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:17.829319954 CET4936153192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:17.840136051 CET6315053192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:17.850600004 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:17.850646973 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:17.852281094 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:17.852467060 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:17.877317905 CET53493618.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:17.887902975 CET53631508.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:17.900827885 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:17.901211977 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:17.904195070 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:17.904225111 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:17.904448986 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:17.908525944 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:17.921892881 CET5327953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:17.958456993 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:17.958605051 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:17.958730936 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:17.960777044 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:18.001912117 CET53532798.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:18.009620905 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:18.009701014 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:18.009891033 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:18.227850914 CET5688153192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:18.292287111 CET53568818.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:18.629795074 CET5364253192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:18.632601976 CET5566753192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:18.694173098 CET53536428.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:18.699156046 CET53556678.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:19.063625097 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.112440109 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.112493992 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.114164114 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.114444971 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.163333893 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.163783073 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.166347980 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.166394949 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.166441917 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.166482925 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.166517973 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.167094946 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.167129040 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.192303896 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.236903906 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.239424944 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.287986994 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.288038015 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.288079023 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.288116932 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.288162947 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.288197041 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.288662910 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.288711071 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.288753986 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.290019989 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.290194988 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.290235996 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.290273905 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.290321112 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.291435957 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.291485071 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.292206049 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.292253017 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.292382956 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.295255899 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.295291901 CET44355668173.194.79.119192.168.2.3
                                                                            Jan 14, 2021 03:35:19.295428038 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:19.321654081 CET55668443192.168.2.3173.194.79.119
                                                                            Jan 14, 2021 03:35:20.071954966 CET5483353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:20.128109932 CET53548338.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:23.460222006 CET6247653192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:23.474806070 CET4970553192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:23.480164051 CET6147753192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:23.516381979 CET53624768.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:23.522651911 CET53497058.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:23.539227962 CET53614778.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:24.189533949 CET6163353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:24.247760057 CET53616338.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:27.864861012 CET5594953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:27.925467968 CET53559498.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:33.821455002 CET64125443192.168.2.3108.177.126.154
                                                                            Jan 14, 2021 03:35:33.895332098 CET44364125108.177.126.154192.168.2.3
                                                                            Jan 14, 2021 03:35:36.724632025 CET5760153192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:36.775540113 CET53576018.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:41.975265980 CET4934253192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:42.026227951 CET53493428.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:43.051254988 CET5625353192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:43.102055073 CET53562538.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:43.987333059 CET5543953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:44.047739029 CET53554398.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:53.575680017 CET5706953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:53.636848927 CET53570698.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:35:56.754749060 CET5765953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:35:56.802813053 CET53576598.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:00.401540995 CET5471753192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:00.457981110 CET53547178.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:00.810117006 CET5663953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:00.872123957 CET53566398.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:01.012372017 CET5185653192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:01.076920033 CET53518568.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:01.207063913 CET5654653192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:01.268383026 CET53565468.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:01.415328979 CET6215253192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:01.482651949 CET53621528.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:11.926784039 CET5347053192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:11.993252039 CET53534708.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:17.320396900 CET5644653192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:17.385138035 CET53564468.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:17.574254036 CET5963153192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:17.630461931 CET53596318.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:18.253684044 CET5551553192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:18.311381102 CET53555158.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:27.020551920 CET6454753192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:28.029512882 CET6454753192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:28.298120022 CET53645478.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:41.807316065 CET5175953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:41.875106096 CET53517598.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:41.981029034 CET5920753192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:42.040708065 CET53592078.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:48.494792938 CET5426953192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:48.545598030 CET53542698.8.8.8192.168.2.3
                                                                            Jan 14, 2021 03:36:49.804233074 CET5485653192.168.2.38.8.8.8
                                                                            Jan 14, 2021 03:36:49.869265079 CET53548568.8.8.8192.168.2.3

                                                                            DNS Queries

                                                                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                            Jan 14, 2021 03:35:02.543574095 CET192.168.2.38.8.8.80xcdd8Standard query (0)t.orders.destinationmaternity.comA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:03.030855894 CET192.168.2.38.8.8.80x6414Standard query (0)sv.j-ss.xyzA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:03.345338106 CET192.168.2.38.8.8.80xb5e6Standard query (0)stackpath.bootstrapcdn.comA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:06.583141088 CET192.168.2.38.8.8.80x221bStandard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:13.402618885 CET192.168.2.38.8.8.80xc874Standard query (0)www.youtube-nocookie.comA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:16.854727983 CET192.168.2.38.8.8.80xc2eStandard query (0)s.ytimg.comA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.534264088 CET192.168.2.38.8.8.80xcc09Standard query (0)googleads.g.doubleclick.netA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.538753986 CET192.168.2.38.8.8.80x20aaStandard query (0)static.doubleclick.netA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.840136051 CET192.168.2.38.8.8.80xbbdStandard query (0)www.youtube.comA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.227850914 CET192.168.2.38.8.8.80xefe1Standard query (0)stats.g.doubleclick.netA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.629795074 CET192.168.2.38.8.8.80xc51cStandard query (0)yt3.ggpht.comA (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.632601976 CET192.168.2.38.8.8.80x2f85Standard query (0)i.ytimg.comA (IP address)IN (0x0001)

                                                                            DNS Answers

                                                                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                            Jan 14, 2021 03:35:02.602467060 CET8.8.8.8192.168.2.30xcdd8No error (0)t.orders.destinationmaternity.comdestinationmat-rt-prod3-ssl-280079234.us-west-2.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:02.602467060 CET8.8.8.8192.168.2.30xcdd8No error (0)destinationmat-rt-prod3-ssl-280079234.us-west-2.elb.amazonaws.com52.10.125.252A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:02.602467060 CET8.8.8.8192.168.2.30xcdd8No error (0)destinationmat-rt-prod3-ssl-280079234.us-west-2.elb.amazonaws.com44.237.144.219A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:03.087260962 CET8.8.8.8192.168.2.30x6414No error (0)sv.j-ss.xyz192.236.249.58A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:03.393107891 CET8.8.8.8192.168.2.30xb5e6No error (0)stackpath.bootstrapcdn.comcds.j3z9t3p6.hwcdn.netCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:06.647310972 CET8.8.8.8192.168.2.30x221bNo error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:06.647310972 CET8.8.8.8192.168.2.30x221bNo error (0)googlehosted.l.googleusercontent.com108.177.126.132A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:13.473598957 CET8.8.8.8192.168.2.30xc874No error (0)www.youtube-nocookie.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:16.919101954 CET8.8.8.8192.168.2.30xc2eNo error (0)s.ytimg.com108.177.127.113A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:16.919101954 CET8.8.8.8192.168.2.30xc2eNo error (0)s.ytimg.com108.177.127.100A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:16.919101954 CET8.8.8.8192.168.2.30xc2eNo error (0)s.ytimg.com108.177.127.138A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:16.919101954 CET8.8.8.8192.168.2.30xc2eNo error (0)s.ytimg.com108.177.127.101A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:16.919101954 CET8.8.8.8192.168.2.30xc2eNo error (0)s.ytimg.com108.177.127.102A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:16.919101954 CET8.8.8.8192.168.2.30xc2eNo error (0)s.ytimg.com108.177.127.139A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.598896980 CET8.8.8.8192.168.2.30xcc09No error (0)googleads.g.doubleclick.netpagead46.l.doubleclick.netCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.598896980 CET8.8.8.8192.168.2.30xcc09No error (0)pagead46.l.doubleclick.net108.177.126.154A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.598896980 CET8.8.8.8192.168.2.30xcc09No error (0)pagead46.l.doubleclick.net108.177.126.157A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.598896980 CET8.8.8.8192.168.2.30xcc09No error (0)pagead46.l.doubleclick.net108.177.126.155A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.598896980 CET8.8.8.8192.168.2.30xcc09No error (0)pagead46.l.doubleclick.net108.177.126.156A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.605935097 CET8.8.8.8192.168.2.30x20aaNo error (0)static.doubleclick.netstatic-doubleclick-net.l.google.comCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:17.887902975 CET8.8.8.8192.168.2.30xbbdNo error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.292287111 CET8.8.8.8192.168.2.30xefe1No error (0)stats.g.doubleclick.netstats.l.doubleclick.netCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.292287111 CET8.8.8.8192.168.2.30xefe1No error (0)stats.l.doubleclick.net108.177.126.156A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.292287111 CET8.8.8.8192.168.2.30xefe1No error (0)stats.l.doubleclick.net108.177.126.155A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.292287111 CET8.8.8.8192.168.2.30xefe1No error (0)stats.l.doubleclick.net108.177.126.157A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.292287111 CET8.8.8.8192.168.2.30xefe1No error (0)stats.l.doubleclick.net108.177.126.154A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.694173098 CET8.8.8.8192.168.2.30xc51cNo error (0)yt3.ggpht.comphotos-ugc.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.694173098 CET8.8.8.8192.168.2.30xc51cNo error (0)photos-ugc.l.googleusercontent.com108.177.127.132A (IP address)IN (0x0001)
                                                                            Jan 14, 2021 03:35:18.699156046 CET8.8.8.8192.168.2.30x2f85No error (0)i.ytimg.com173.194.79.119A (IP address)IN (0x0001)

                                                                            HTTP Request Dependency Graph

                                                                            • t.orders.destinationmaternity.com
                                                                            • sv.j-ss.xyz

                                                                            HTTP Packets

                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            0192.168.2.34971352.10.125.25280C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Jan 14, 2021 03:35:02.816546917 CET87OUTGET /r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh HTTP/1.1
                                                                            Host: t.orders.destinationmaternity.com
                                                                            Connection: keep-alive
                                                                            Upgrade-Insecure-Requests: 1
                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
                                                                            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                            Accept-Encoding: gzip, deflate
                                                                            Accept-Language: en-US,en;q=0.9
                                                                            Jan 14, 2021 03:35:03.022547007 CET97INHTTP/1.1 302 Found
                                                                            Content-Type: text/plain; charset=utf-8
                                                                            Date: Thu, 14 Jan 2021 02:35:02 GMT
                                                                            Location: http://sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh
                                                                            P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
                                                                            Server: Apache
                                                                            Set-Cookie: uuid230=158e3628-c179-474a-aa9c-a69e768a223f; Domain=destinationmaternity.com; Path=/; Expires=Tue, 01-Feb-2089 05:49:09 GMT
                                                                            Set-Cookie: nlid=1fef42|971b0f; Domain=destinationmaternity.com; Path=/
                                                                            X-Robots-Tag: noindex
                                                                            Content-Length: 17
                                                                            Connection: keep-alive
                                                                            Data Raw: 54 65 6d 70 6f 72 61 72 69 6c 79 20 6d 6f 76 65 64
                                                                            Data Ascii: Temporarily moved


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            1192.168.2.349721192.236.249.5880C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Jan 14, 2021 03:35:03.141442060 CET101OUTGET /?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh HTTP/1.1
                                                                            Host: sv.j-ss.xyz
                                                                            Connection: keep-alive
                                                                            Upgrade-Insecure-Requests: 1
                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
                                                                            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                            Accept-Encoding: gzip, deflate
                                                                            Accept-Language: en-US,en;q=0.9
                                                                            Jan 14, 2021 03:35:03.197411060 CET107INHTTP/1.1 302 Found
                                                                            Server: nginx
                                                                            Date: Thu, 14 Jan 2021 02:35:03 GMT
                                                                            Content-Type: text/html; charset=UTF-8
                                                                            Content-Length: 0
                                                                            Connection: keep-alive
                                                                            Keep-Alive: timeout=60
                                                                            X-Powered-By: PHP/7.4.14
                                                                            Set-Cookie: PHPSESSID=tenk92cvbq28p8okbg65c8cfkr; path=/
                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                            Pragma: no-cache
                                                                            location: main/
                                                                            Jan 14, 2021 03:35:03.200558901 CET112OUTGET /main/ HTTP/1.1
                                                                            Host: sv.j-ss.xyz
                                                                            Connection: keep-alive
                                                                            Upgrade-Insecure-Requests: 1
                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
                                                                            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                            Accept-Encoding: gzip, deflate
                                                                            Accept-Language: en-US,en;q=0.9
                                                                            Cookie: PHPSESSID=tenk92cvbq28p8okbg65c8cfkr
                                                                            Jan 14, 2021 03:35:03.258879900 CET133INHTTP/1.1 200 OK
                                                                            Server: nginx
                                                                            Date: Thu, 14 Jan 2021 02:35:03 GMT
                                                                            Content-Type: text/html; charset=UTF-8
                                                                            Transfer-Encoding: chunked
                                                                            Connection: keep-alive
                                                                            Keep-Alive: timeout=60
                                                                            Vary: Accept-Encoding
                                                                            X-Powered-By: PHP/7.4.14
                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                            Pragma: no-cache
                                                                            Content-Encoding: gzip
                                                                            Data Raw: 62 65 31 0d 0a 1f 8b 08 00 00 00 00 00 02 03 6d 97 57 b3 a4 4a 72 80 df e7 57 b4 ce 86 22 f6 c6 c6 39 0d 34 8d d9 9d 99 10 ae f1 b6 f1 2f 0a 3c 34 de 1b 85 fe bb 38 33 b3 f7 de 95 c4 03 14 59 99 59 59 59 45 91 df 97 af ff 46 ab 94 e9 69 cc 25 9f ea ea a2 59 a4 c4 53 97 b7 f7 eb d5 b9 51 d7 2b 6d d2 17 97 33 65 e9 02 7e 00 17 73 08 9a b1 98 8a b6 09 aa eb 95 51 de 2e 6f f9 34 75 7f bf 5e d7 75 fd 58 6f 1f ed 90 5d 4d e3 ba 7d fa 02 3f 8d 7f 35 df a7 3f 59 7e c4 53 fc f6 fd cb d7 1f 03 6e 75 d5 8c df fe 1f 37 20 8e e3 3f ad 7f e8 26 41 7c 3e ea 64 0a 2e 9f ba ef 49 3f 17 cb b7 37 aa 6d a6 a4 99 de cd bd 4b de 2e d1 cf b7 6f 6f 53 b2 4d d7 4f db 7f 5c a2 3c 18 c6 64 fa 36 4f e9 3b f6 76 b9 9e 5e a6 62 aa 92 ef 46 12 17 43 12 4d 45 93 7d 7c 7c 7c bd fe 94 7e f9 3a 46 43 d1 4d 97 71 88 7e 86 35 fe 8a 2b 6b db ac 4a 3e a2 b6 be 9e 66 41 37 9d 9e af 41 57 7c bc c6 b7 4b 30 ee 4d 74 89 93 34 19 be 7f bd fe 74 71 fa aa 8a a6 bc e4 43 92 fe e1 6a 9c 82 a8 ec 82 29 ff 08 db 76 1a cf c4 74 51 dc fc 70 fb bb e0 0a 7f dc 3e c0 6b 34 8e 7f c8 3e ea e2 d4 1a cf b1 86 a4 fa f6 36 4e 7b 95 8c 79 92 4c 6f 97 e2 9c 75 36 14 d3 7e 8a f3 e0 86 c1 ef 59 a6 ee 06 50 b8 54 28 eb cb cd 2d ba 3a b8 c1 32 fd b7 98 bb 82 a9 8e 62 f0 f5 85 44 de b5 10 4c dd 52 f3 c8 19 d0 0d 17 96 d6 d8 4c 48 f6 57 d0 3c 53 39 b4 e3 d8 0e 45 56 34 df de 82 a6 6d f6 ba 9d c7 b7 df f3 f3 fd f2 e5 4f f3 bc fe 5a 9f b0 8d f7 ef 5f 2e 97 af 71 b1 5c a2 2a 18 cf a5 fd 5c 94 a0 68 92 e1 92 bf 83 00 70 89 df d3 2a d9 2e af 79 9c 8a 74 7f ff b5 66 ef d1 79 4b 86 b7 4f eb 7f b5 af f7 f7 60 9e da 5f 3d 3f 7a d3 76 a8 2f 41 f4 b9 9d ce fe d3 f9 47 97 77 7f 11 ed 1a 25 39 0c 9d 0c f3 a5 33 34 43 62 1b 3f 31 dc eb 79 28 16 7c 58 07 1d 87 6d a0 1d 12 70 a0 3c a7 18 32 86 77 77 5a d0 11 f2 30 da 43 d7 6c 50 50 48 1b 01 87 1c c9 43 38 39 9e 6b ae 6f 8a 20 df bd 64 dd 72 2f 6d cb 3b 93 4a fb e1 77 d1 bd 89 3c d3 7c ac 4c ee e2 a1 b8 c6 c1 61 65 4a ec aa 76 65 e8 90 21 14 45 dc 69 3d 84 aa 9e 41 94 68 26 aa 56 b1 46 c9 41 92 82 37 51 58 f5 84 0a f6 09 eb 0e c5 67 02 c9 95 7b 33 e8 8b 43 d0 4d 08 ae c1 2c 26 11 9a d5 8b 22 04 6a 76 bb 47 bc ce 95 f9 54 09 87 ec 62 0e bb 7b db 66 72 53 5a f2 85 de 42 49 92 96 ca b1 06 41 4d 02 4d 6b 41 47 a8 69 37 8f 12 ed 87 80 a4 5e ea 11 13 97 3b 14 e1 e5 c3 02 a7 6a 0c 45 c3 1d d0 78 55 13 7c a7 5c ed 44 e9 09 d2 02 ec 23 35 ec e4 45 65 cf 8e b6 65 a2 c0 b7 90 4b 23 55 03 6c a3 90 77 9e 6e fa 49 db c4 66 51 0c 55 d0 49 70 6a 76 45 e6 94 60 6a 20 50 ef 33 e2 55 09 1e de ae 62 b7 80 3e b0 c8 09 74 f3 31 9f 2e 3a 45 1f a3 03 e3 9c 6e e1 5f 10 0a 21 b1 2b 3a 71 4c a6 66 3a 6f 18 9c a1 2f 1c 5e 78 e1 fe a2 f4 62 78 0a 8f 00 9f 83 bc 13 b6 40 1b 73 17 36 18 fa 8e 19 66 2f eb a9 ea f6 a8 83 97 8a 1c 05 db be 04 08 41 16 bb 9f f6 d1 6d 42 a9 ac 5c fc 9a 72 2c 6d ba f1 02 89 d8 2d 0a 7f ce 34 06 42 34 79 2d 28 d1 5b fa ab 31 ec d0 1c 5d 6c d8 e6 40 3d 53 e2 e8 5c da 7b 8a c2 d6 c6 e0 a3 d8
                                                                            Data Ascii: be1mWJrW"94/<483YYYYEFi%YSQ+m3e~sQ.o4u^uXo]M}?5?Y~Snu7 ?&A|>d.I?7mK.ooSMO\<d6O;v^bFCME}|||~:FCMq~5+kJ>fA7AW|K0Mt4tqCj)vtQp>k4>6N{yLou6~YPT(-:2bDLRLHW<S9EV4mOZ_.q\*\hp*.ytfyKO`_=?zv/AGw%934Cb?1y(|Xmp<2wwZ0ClPPHC89ko dr/m;Jw<|LaeJve!Ei=Ah&VFA7QXg{3CM,&"jvGTb{frSZBIAMMkAGi7^;jExU|\D#5EeeK#UlwnIfQUIpjvE`j P3Ub>t1.:En_!+:qLf:o/^xbx@s6f/AmB\r,m-4B4y-([1]l@=S\{
                                                                            Jan 14, 2021 03:35:05.378802061 CET1342OUTGET /favicon.ico HTTP/1.1
                                                                            Host: sv.j-ss.xyz
                                                                            Connection: keep-alive
                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
                                                                            Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8
                                                                            Referer: http://sv.j-ss.xyz/main/
                                                                            Accept-Encoding: gzip, deflate
                                                                            Accept-Language: en-US,en;q=0.9
                                                                            Cookie: PHPSESSID=tenk92cvbq28p8okbg65c8cfkr
                                                                            Jan 14, 2021 03:35:05.443994999 CET1343INHTTP/1.1 200 OK
                                                                            Server: nginx
                                                                            Date: Thu, 14 Jan 2021 02:35:05 GMT
                                                                            Content-Type: text/html; charset=UTF-8
                                                                            Content-Length: 135
                                                                            Connection: keep-alive
                                                                            Keep-Alive: timeout=60
                                                                            Last-Modified: Wed, 13 Jan 2021 20:41:24 GMT
                                                                            ETag: "87-5b8ce299fadd1"
                                                                            Accept-Ranges: bytes
                                                                            Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 22 2f 69 6e 64 65 78 2e 70 68 70 3f 22 20 2b 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 2e 73 70 6c 69 74 28 22 3f 22 29 5b 31 5d 3b 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e
                                                                            Data Ascii: <html> <body> <script>window.location.href="/index.php?" + window.location.href.split("?")[1];</script> </body></html>


                                                                            Code Manipulations

                                                                            Statistics

                                                                            Behavior

                                                                            Click to jump to process

                                                                            System Behavior

                                                                            Analysis Process: chrome.exe PID: 3252 Parent PID: 4576

                                                                            General

                                                                            Start time:03:34:58
                                                                            Start date:14/01/2021
                                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            Wow64 process (32bit):false
                                                                            Commandline:'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'http://t.orders.destinationmaternity.com/r/?id=h1fef42,971b0f,971b16&p1=sv.j-ss.xyz?gNVfz=am9obi5lbGxpb3R0QHJzYWdyb3VwLmNh'
                                                                            Imagebase:0x7ff77b960000
                                                                            File size:2150896 bytes
                                                                            MD5 hash:C139654B5C1438A95B321BB01AD63EF6
                                                                            Has elevated privileges:true
                                                                            Has administrator privileges:true
                                                                            Programmed in:C, C++ or other language
                                                                            Reputation:low

                                                                            Analysis Process: chrome.exe PID: 3920 Parent PID: 3252

                                                                            General

                                                                            Start time:03:35:00
                                                                            Start date:14/01/2021
                                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            Wow64 process (32bit):false
                                                                            Commandline:'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1856 /prefetch:8
                                                                            Imagebase:0x7ff77b960000
                                                                            File size:2150896 bytes
                                                                            MD5 hash:C139654B5C1438A95B321BB01AD63EF6
                                                                            Has elevated privileges:true
                                                                            Has administrator privileges:true
                                                                            Programmed in:C, C++ or other language
                                                                            Reputation:low

                                                                            Analysis Process: chrome.exe PID: 6988 Parent PID: 3252

                                                                            General

                                                                            Start time:03:35:20
                                                                            Start date:14/01/2021
                                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            Wow64 process (32bit):false
                                                                            Commandline:'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5348 /prefetch:8
                                                                            Imagebase:0x7ff77b960000
                                                                            File size:2150896 bytes
                                                                            MD5 hash:C139654B5C1438A95B321BB01AD63EF6
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:C, C++ or other language
                                                                            Reputation:low

                                                                            Analysis Process: chrome.exe PID: 6948 Parent PID: 3252

                                                                            General

                                                                            Start time:03:35:21
                                                                            Start date:14/01/2021
                                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            Wow64 process (32bit):false
                                                                            Commandline:'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1536,17135931925735234631,6662398635317680266,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=4992 /prefetch:8
                                                                            Imagebase:0x7ff77b960000
                                                                            File size:2150896 bytes
                                                                            MD5 hash:C139654B5C1438A95B321BB01AD63EF6
                                                                            Has elevated privileges:true
                                                                            Has administrator privileges:true
                                                                            Programmed in:C, C++ or other language
                                                                            Reputation:low

                                                                            Disassembly

                                                                            Reset < >