Play interactive tour

Edit tour

Analysis Report https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok

Overview

General Information

Sample URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Analysis ID:	343642
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Startup

System is w10x64

iexplore.exe (PID: 3152 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 5524 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3152 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Compliance:

Uses new MSVCR Dlls

Show sources

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Uses secure TLS version for HTTPS connections

Show sources

Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.3:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.3:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.3:49763 version: TLS 1.2

Networking:

Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.facebook.com/MinisterievanJustitieenVeiligheid/" class="facebook"> equals www.facebook.com (Facebook)
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/" class="linkedin"> equals www.linkedin.com (Linkedin)
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.youtube.com/user/MinisterieJustitie" class="youtube"> equals www.youtube.com (Youtube)
Source: onderwerpen[1].htm.2.dr	String found in binary or memory: <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/> equals www.facebook.com (Facebook)
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/> equals www.facebook.com (Facebook)

Source: unknown

DNS traffic detected: queries for: www.rijksoverheid.nl

Source: piwik[1].js.2.dr	String found in binary or memory: http://bestiejs.github.io/json3
Source: ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
Source: piwik[1].js.2.dr	String found in binary or memory: http://kit.mit-license.org
Source: ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
Source: contact[1].htm.2.dr	String found in binary or memory: http://wetten.overheid.nl/BWBR0019219
Source: contact[1].htm.2.dr	String found in binary or memory: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://crisis.nl/nl-alert
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid/nieuws.rss
Source: documenten[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/nieuws.rss
Source: piwik[1].js.2.dr	String found in binary or memory: https://github.com/piwik/piwik/blob/master/js/piwik.js
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://ind.nl/Paginas/Coronavirus.aspx
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://magazines.rijksoverheid.nl/jenv/jenvmagazine
Source: rop-survey-bar-and-ergo.min[1].js.2.dr	String found in binary or memory: https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js
Source: piwik[1].js.2.dr	String found in binary or memory: https://opensource.org/licenses/BSD-3-Clause
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://twitter.com/ministerieJenV
Source: avondklok[1].htm.2.dr	String found in binary or memory: https://we.tl/t-1RCY6GmWbX
Source: contact[1].htm.2.dr	String found in binary or memory: https://wetten.overheid.nl/BWBR0007376/2020-01-01
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.aandachtvoorelkaar.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.ecdc.europa.eu/en/coronavirus
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.gobiernodireino.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.gobiernudireino.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.government.nl
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.government.nl/topics/c/coronavirus-covid-19
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.instagram.com/ministeriejenv/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.kpnteletolk.nl/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.kvk.nl/coronaloket/
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.overheid.nl/contact/e-mailgedragslijn-voor-overheden
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.Root
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/
Source: abonneren[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheidn.png
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren8Abonneren
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonnerenn
Source: 9EW0KY5N.htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/actueel/nieuwsbrieven/regeringsnieuws
Source: imagestore.dat.2.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png
Source: coronavirus-covid-19[1].htm.2.dr, onderwerpen[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contact
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contact4Contact
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheid
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheidP
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/dInformatie
Source: abonneren[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten
Source: formulier-eigen-verklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Source: formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloade
Source: formulier-werkgeversverklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondk
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten?trefwoord=coronavirus&startdatum=&einddatum=&onderdeel=Alle
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/minister2
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheideren/2021/01/21/formul
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidpMinisterie
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/nderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formu
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-c
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-cRoot
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-coverheid.nl/abonneren8Abonneren
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok/formulieren/2021/01/21/formu
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklokfAvondklok
Source: documenten[1].htm.2.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/form
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=3
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=4
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=5
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=6
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?sorteren%2Dop=relevantie
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documentenjOnderwerpen
Source: {D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19NCoronavirus
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/overheidscommunicatie/nederlandse-gebarentaal
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/privacy-en-persoonsgegevens/burgerservicenummer-bsn
Source: ~DF39AA4FEEDC27AB5D.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpenoronavirus-covid-19/documenten/formulieren/2021/01/21/formul
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/over-rijksoverheid-nl
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.who.int/emergencies/diseases/novel-coronavirus-2019
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.youtube.com/user/MinisterieJustitie

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.3:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.3:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.3:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.3:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.3:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.3:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.3:49763 version: TLS 1.2

System Summary:

Source: classification engine

Classification label: clean0.win@3/98@5/4

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF786A98532573F663.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3152 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3152 CREDAT:17410 /prefetch:2

Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	0%	Virustotal		Browse
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://www.kpnteletolk.nl/	0%	Avira URL Cloud	safe
https://crisis.nl/nl-alert	0%	Avira URL Cloud	safe
https://www.gobiernodireino.nl/	0%	Avira URL Cloud	safe
https://we.tl/t-1RCY6GmWbX	0%	Avira URL Cloud	safe
https://www.gobiernudireino.nl/	0%	Avira URL Cloud	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
https://www.aandachtvoorelkaar.nl/	0%	Avira URL Cloud	safe
http://bestiejs.github.io/json3	0%	Avira URL Cloud	safe
https://www.rijksoverheid.Root	0%	Avira URL Cloud	safe
https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
onderzoek.platformrijksoverheid.nl	78.31.116.148	true	false	unknown
www.rovid.nl	178.22.85.97	true	false	unknown
statistiek.rijksoverheid.nl	13.94.196.189	true	false	high
rijksoverheid.nl	178.22.85.6	true	false	high
www.rijksoverheid.nl	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Reputation
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen	false	high
https://www.rijksoverheid.nl/onderwerpen	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok	false	high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok#content-wrapper	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok	false	high
https://www.rijksoverheid.nl/contact	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19	false	high
https://www.rijksoverheid.nl/	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	false	high
https://www.rijksoverheid.nl/abonneren	false	high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.rijksoverheid.nl/contact	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	formulier-eigen-verklaring-avondklok[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheideren/2021/01/21/formul	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://twitter.com/ministerieJenV	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidpMinisterie	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.government.nl	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheid	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondk	formulier-werkgeversverklaring-avondklok[1].htm.2.dr	false		high
https://www.youtube.com/user/MinisterieJustitie	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/privacy-en-persoonsgegevens/burgerservicenummer-bsn	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png	imagestore.dat.2.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://feeds.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid/nieuws.rss	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.who.int/emergencies/diseases/novel-coronavirus-2019	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/actueel/nieuwsbrieven/regeringsnieuws	9EW0KY5N.htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/form	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.kpnteletolk.nl/	contact[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheidP	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/overheidscommunicatie/nederlandse-gebarentaal	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpenoronavirus-covid-19/documenten/formulieren/2021/01/21/formul	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://opensource.org/licenses/BSD-3-Clause	piwik[1].js.2.dr	false		high
https://crisis.nl/nl-alert	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/contact4Contact	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.rijksoverheid.nl/abonneren	abonneren[1].htm.2.dr	false		high
https://www.gobiernodireino.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/onderwerpen/coronavirus-coverheid.nl/abonneren8Abonneren	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?sorteren%2Dop=relevantie	documenten[1].htm.2.dr	false		high
https://magazines.rijksoverheid.nl/jenv/jenvmagazine	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://we.tl/t-1RCY6GmWbX	avondklok[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/nderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formu	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.gobiernudireino.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/abonneren8Abonneren	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-c	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten	documenten[1].htm.2.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.rijksoverheid.nl/ministeries	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/dInformatie	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.rijksoverheid.nl/over-rijksoverheid-nl	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheidn.png	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://ind.nl/Paginas/Coronavirus.aspx	coronavirus-covid-19[1].htm.2.dr	false		high
https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/nieuws.rss	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.kvk.nl/coronaloket/	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok/formulieren/2021/01/21/formu	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
http://ns.useplus.org/ldf/xmp/1.0/	ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=4	documenten[1].htm.2.dr	false		high
http://kit.mit-license.org	piwik[1].js.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=3	documenten[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documentenjOnderwerpen	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=6	documenten[1].htm.2.dr	false		high
https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=5	documenten[1].htm.2.dr	false		high
https://wetten.overheid.nl/BWBR0007376/2020-01-01	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloade	formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.overheid.nl/contact/e-mailgedragslijn-voor-overheden	contact[1].htm.2.dr	false		high
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://www.aandachtvoorelkaar.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos	coronavirus-covid-19[1].htm.2.dr, onderwerpen[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-cRoot	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.instagram.com/ministeriejenv/	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten	abonneren[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten?trefwoord=coronavirus&startdatum=&einddatum=&onderdeel=Alle	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2	documenten[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19NCoronavirus	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/abonnerenn	~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://github.com/piwik/piwik/blob/master/js/piwik.js	piwik[1].js.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklokfAvondklok	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.government.nl/topics/c/coronavirus-covid-19	coronavirus-covid-19[1].htm.2.dr	false		high
https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss	documenten[1].htm.2.dr	false		high
http://bestiejs.github.io/json3	piwik[1].js.2.dr	false	Avira URL Cloud: safe	unknown
http://wetten.overheid.nl/BWBR0019219	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.rijksoverheid.Root	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://www.ecdc.europa.eu/en/coronavirus	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid	ministerie-van-justitie-en-veiligheid[1].htm.2.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://www.rijksoverheid.nl/ministeries/minister2	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen	{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat.1.dr, ~DF39AA4FEEDC27AB5D.TMP.1.dr	false		high
https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js	rop-survey-bar-and-ergo.min[1].js.2.dr	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
13.94.196.189	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
78.31.116.148	unknown	Netherlands	12859	NL-BITBITBVNL	false
178.22.85.97	unknown	Netherlands	41887	PROLOCATIONTransitpolicypref100NL	false
178.22.85.6	unknown	Netherlands	41887	PROLOCATIONTransitpolicypref100NL	false

General Information

Joe Sandbox Version:	31.0.0 Red Diamond
Analysis ID:	343642
Start date:	25.01.2021
Start time:	09:35:28
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 11s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	23
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@3/98@5/4
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok#content-wrapper Browsing link: https://www.rijksoverheid.nl/ Browsing link: https://www.rijksoverheid.nl/onderwerpen Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19 Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok Browsing link: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid Browsing link: https://www.rijksoverheid.nl/contact Browsing link: https://www.rijksoverheid.nl/abonneren
Warnings:	Show All Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe TCP Packets have been reduced to 100 Excluded IPs from analysis (whitelisted): 52.255.188.83, 13.64.90.137, 104.83.120.32, 92.122.144.200, 152.199.19.161, 51.104.139.180, 67.27.159.126, 8.248.141.254, 8.248.117.254, 8.248.113.254, 67.27.159.254, 51.103.5.159, 92.122.213.247, 92.122.213.201, 20.54.26.129, 92.122.213.194 Excluded domains from analysis (whitelisted): arc.msn.com.nsatc.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, wns.notify.windows.com.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, go.microsoft.com, emea1.notify.windows.com.akadns.net, audownload.windowsupdate.nsatc.net, watson.telemetry.microsoft.com, auto.au.download.windowsupdate.com.c.footprint.net, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, skypedataprdcolwus17.cloudapp.net, client.wns.windows.com, fs.microsoft.com, ie9comview.vo.msecnd.net, ris-prod.trafficmanager.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, ris.api.iris.microsoft.com, skypedataprdcoleus17.cloudapp.net, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, par02p.wns.notify.trafficmanager.net, cs9.wpc.v0cdn.net Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\Z6N4YR9Q\www.rijksoverheid[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.469670487371862
Encrypted:	false
SSDEEP:	3:D90aKb:JFKb
MD5:	C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
SHA1:	35E3224FCBD3E1AF306F2B6A2C6BBEA9B0867966
SHA-256:	B71E4D17274636B97179BA2D97C742735B6510EB54F22893D3A2DAFF2CEB28DB
SHA-512:	6BE8CEC7C862AFAE5B37AA32DC5BB45912881A3276606DA41BF808A4EF92C318B355E616BF45A257B995520D72B7C08752C0BE445DCEADE5CF79F73480910FED
Malicious:	false
Reputation:	low
Preview:	<root></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D7FD2E5D-5F33-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.8574094694692656
Encrypted:	false
SSDEEP:	192:r5ZGZd32db9WdOtdoSfdcARMd1dsdjOfd+MX:rvidmdbUdudoQdcJd1dsdwdL
MD5:	59099307C946BE5E53340693198B615F
SHA1:	930871FDBB3DB02C2B5130A8E0FB49D0FF452AC4
SHA-256:	93DBE26FC1DE9096A5352A0D06DCCF6971B0576847F3B88426B5A00E6EBAED1A
SHA-512:	034279705F6B7A5AC7C83E03B3057FBCA7816E218C42CEDD16B57AE2DC33CFDD0D745A35ED20E9DA80465526456B90D270F44ED308EA353F3573CF8C0BD8E70E
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D7FD2E5F-5F33-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	191486
Entropy (8bit):	2.706786878606754
Encrypted:	false
SSDEEP:	384:rpyPzW90AhssfNG/P+UR+DdW+OR+Ddd+Z+JPG+AbkxPG+Af7+acoq9FiSG+9sVhk:Mr2HU63cIi+t
MD5:	AA3798DD35FF9D964A1F8A43EACC2F6A
SHA1:	D5A89ED67B58F66CCB1A57BF1F4DB90FA4C560B9
SHA-256:	2C9B0EED2977533546D268B9542199530B603B9F845A79A07247D06BD5C9FECB
SHA-512:	257D0EFA403D4CC0CF5031869CDED9EDA717D79EA2ACEA2FB7BC099E00439FAD161EAAF35B8923ECD33049F4F9F9BF4495BADCDE268866FB4E84EAB9C2FD7992
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D7FD2E60-5F33-11EB-90E4-ECF4BB862DED}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5655891171236809
Encrypted:	false
SSDEEP:	48:IwThGcpr0GwpakhG4pQIGrapbS4rGQpKeG7HpRpsTGIpG:rTXZMQkz6WBS4FAZTp4A
MD5:	15956805EDE0415E66D8F622BED3D7DD
SHA1:	93BC1EA596BC9F7D8CABD9329FEE54BEB5FA9A72
SHA-256:	E91B95B7B5189DE3879ED0EF7AAC4AAADBF1529E68B7609E1C666C9ED1C0DC3E
SHA-512:	E7FF60C17CBAF62ECEFADFED8DF5F6E8180608F8E538326DBAB05B6CBF07E6478A1139B227034D1DF058C5EE7B8FFBBAE8ABFEEB453A4EDBFDBEE974F2491314
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	6058
Entropy (8bit):	7.764606283406094
Encrypted:	false
SSDEEP:	96:zEcU0A/fyOGMqVJfA0ej4fiN2cXLJeoi8eFBIYZoO1Q3wNKg5i8J1:yGpO0ejsA2c7JeLFB1oO1Ag5i87
MD5:	179A508E311696C2FABABDBEC7373F2A
SHA1:	255060BF72E38D3877E4F0EB3F73715254C6A8D2
SHA-256:	F13058CA4D6D7E1A2079F78F9E2299F48CC0BF36B0C819CEB88169AD15745BF9
SHA-512:	851A8AC2135FF294FE73C255758446BEFA68A719BD15A81011A1E048B264CFD6516F1EF107855545121F85293A1EEF85C98FA2B42D0990A8B9736156F9E2ECBF
Malicious:	false
Reputation:	low
Preview:	X.h.t.t.p.s.:././.w.w.w...r.i.j.k.s.o.v.e.r.h.e.i.d...n.l./.b.i.n.a.r.i.e.s./.c.o.n.t.e.n.t./.a.s.s.e.t.s./.r.i.j.k.s.o.v.e.r.h.e.i.d./.i.c.o.n.e.n./.t.o.u.c.h.-.i.c.o.n...p.n.g......PNG........IHDR...,...,.....N.~G....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.155772, 2014/01/13-19:44:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6f6c313d-0fc9-43fa-a7e3-6d6a1fb54f66" xmpMM:DocumentID="xmp.did:281C48E103A411E49AE0B91D93329B9D" xmpMM:InstanceID="xmp.iid:281C48E003A411E49AE0B91D93329B9D" xmp:CreatorTool="Adobe Photoshop CC 2014 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4f9f6108-2bc1-4621

C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\U8T4X6N2\jv-dv-20181220-id0i0q33x-web-hd[1].dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ISO Media, MP4 v2 [ISO 14496-14]
Category:	dropped
Size (bytes):	1048576
Entropy (8bit):	6.110768348335574
Encrypted:	false
SSDEEP:	12288:y3KNGZzAuQoV/KGPkp4D0lj82sqP9FSvKXhLTMTKE:y30GZUud8p7Y46vKXdAR
MD5:	88D7C2A122C3C2B6B2C85548E68992CF
SHA1:	98DE1B17AD3FA727012E2F2C8349CE8EBBEFE9E2
SHA-256:	6B48D6E97DF27A17BD7CB2135BDC7247B625E7A4BED24F8D3BF84D4E2F7883A5
SHA-512:	D0A284CC9F1AD7E86B5340C81FED04BBAD918E88A30A52462FD9BF1EECEE7C4DF387CFF4148D61DA346DB3E05009A29957C83B5951AA87BB939BE1B47B664272
Malicious:	false
Reputation:	low
Preview:	....ftypmp42....mp42mp41..:Hmoov...lmvhd.....?.'.?.o.._....................................................@..................................dtrak...\tkhd.....?.'.?.'...........................................................@..............$edts....elst.......................mdia... mdhd.....?.'.?.'..a..70........@hdlr........vide.............Mainconcept Video Media Handler...tminf....vmhd...............3hdlr........alis............Alias Data Handler....$dinf....dref............url ........stbl....stsd............avc1.............................H...H.........AVC Coding............................2avcC.M.)....'M.)..`(......00.]...p^..@...(.. ....stts...........!.......\|stss.......[.......3...[...................K...}...............0...b...y...................:...]...................,...;...m...................5...g...o..............."...T...a.......................M.......................-..._...b...................,...Q.......................2...d...................5...g...t.....

C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\U8T4X6N2\jv-dv-20181220-id0i0q33x-web-hd[2].dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ISO Media, MP4 v2 [ISO 14496-14]
Category:	dropped
Size (bytes):	131072
Entropy (8bit):	0.35726178355514315
Encrypted:	false
SSDEEP:	96:NoBdZkBC60B7j9REtCORgGW8uEZlN7yfg7HmyJIj5TsHEAFVdQxIe:qBds32XYdRgGWml5yojmyJIjVQhh
MD5:	283171DA63210CD28D90913A98B80CC3
SHA1:	6B48D7A24435D29824A1C09314FB865752F12EF7
SHA-256:	4EC231CB88620B3048FA36A5625237B19064D240154D7D8D883511D69ED706C8
SHA-512:	B3A85DAE766AF36F2F8AB2E4C93D0A90032450154019A5C084093EF0AF75B559B1A36CB334516C161621658ADCA73E2561C1322A180D593B7C5BA4FB9F95D283
Malicious:	false
Reputation:	low
Preview:	....ftypmp42....mp42mp41..:Hmoov...lmvhd.....?.'.?.o.._....................................................@..................................dtrak...\tkhd.....?.'.?.'...........................................................@..............$edts....elst.......................mdia... mdhd.....?.'.?.'..a..70........@hdlr........vide.............Mainconcept Video Media Handler...tminf....vmhd...............3hdlr........alis............Alias Data Handler....$dinf....dref............url ........stbl....stsd............avc1.............................H...H.........AVC Coding............................2avcC.M.)....'M.)..`(......00.]...p^..@...(.. ....stts...........!.......\|stss.......[.......3...[...................K...}...............0...b...y...................:...]...................,...;...m...................5...g...o..............."...T...a.......................M.......................-..._...b...................,...Q.......................2...d...................5...g...t.....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\4215-afstand-houden[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2162
Entropy (8bit):	4.8377742015761145
Encrypted:	false
SSDEEP:	48:cWAiMrePL4tiwo1XLO9brj8MJq7lsXLO9brDZukM5qOQILP8Q2zACVGf:KzqM891XLM9XLMp43gr84Gf
MD5:	18AFC3C5B03B5C25E13DB168E0DA222F
SHA1:	76CABC3FD38AB96D005DD1B0FA110BB7DE0EFE8E
SHA-256:	B59703506EAA2623A4F902A643FD300CC226964BEC7B1F4E097A6DBEF30AF93C
SHA-512:	F6FEECFE827A268EDFCAE48DC9EFC64B97EAFEB542612BFE58007CF81E1937180B4D535EA9C08FFA5C312D02991F2360F7A01D253F29ABD535233FDB2A47242C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4215-afstand-houden.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 24.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="enable-background:new 0 0 64 64;" version="1.1" viewBox="0 0 64 64" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}...st1{fill:#FF1D25;}...st2{fill:#1D1D1B;}.</style>.<g id="Box">..<rect class="st0" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M8.5,16.8c2.2,0,3.5-1.6,3.5-3.8c0-2.6-1.3-4-3.5-4C6.2,9,5,10.6,5,13C5,15.4,6.3,16.8,8.5,16.8z"/>...<path d="M12.5,18.6c-2.4-0.6-5.7-0.6-8,0c-4.6,1.1-4.4,8.8-4.4,15.1c0.2,2.2,1.8,2.8,2.8,2.8c0-0.1,0-1.2,0-2.2c0-0.5,0-3.3,0-3.6 c0-2.7,0.5-5.6,0.8-6.6C3.8,23.8,4,23.9,4,23.9v12V54c0,0,3.3,0,3.6-3.7c0,0,0.5-14,0.5-14.1c0-0.2,0.1-0.4,0.4-0.4 s0.4,0.2,0.4,0.4c0,0.2,0.5,14,0.5,14C9.6,54,13,54,13,54V35.8v-12c0,0,0.2-0.1,0.3,0.2c0.3,0.9,0.8,3.8,0.8,6.5 c0,0.5,0,3.4,0,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\abonneren[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	10782
Entropy (8bit):	4.9703975708926285
Encrypted:	false
SSDEEP:	192:q9JG8ukOjA2AWL3HUPEX8G7eYb+qblzMVsqE5ZzRxYJ:T8ukOqWL3HUMZlAeHZzzYJ
MD5:	33E1CE9EFA75B7843AE6508D08291E66
SHA1:	171EA61A4ECC7CF4F06E0528269B4B0D2932F385
SHA-256:	DCD15892D9FE65F39DA6EC45D2766521C0A223CEB6687016D131F77EDC45A8A9
SHA-512:	4DCAF9F5B11317E6CD3889D38EAE0C0220D7B9A93195AAB4B5F9866F8CC5933FB83D4FA57882AD88AB08C17CA88C3761D95E23CEEE6AEF3DED9F2873354B63B6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/abonneren
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Abonneren \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Abonneren - Rijksoverheid.nl"/>.<meta property="og:title" content="Abonneren"/>.<meta property="og:description" content="U kunt zich abonneren op de e-maildiensten van Rijksoverheid.nl. Abonneren kan op twee manieren: Abonneren op e-mailattenderingen Abonneren op nieuwsbrieven"/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/abonneren"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/abonneren"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="D

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	13738
Entropy (8bit):	4.92964801303821
Encrypted:	false
SSDEEP:	192:+QhJukO2EA2AWiYHUPoKSURfPSHwqJV3qEHZzRxYJ:TJukOcWiYHUlZo3vNZzzYJ
MD5:	ABEA088952259A7155681CB08739A4E5
SHA1:	C542FA7C725A2760D250629C7F1B5E1682CCC276
SHA-256:	28631F48FB4AD5F9892AB9A3C695D0EB732F060175948356640DA9FA9B5F4557
SHA-512:	1E97FCD4AE9A98B6C79D4E027A8A2637CE7446116417E1016E160DF696DF97D01D0BD0591C30CC947E1F627C0ACD70A136E04788C4A141BB274B86516D61AD58
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="In heel Nederland gaat een avondklok gelden: van 21.00 uur .s avonds tot 4.30 uur .s ochtends blijft u binnen. De avondklok geldt tot 10 februari 2021 04.30 uur."/>.<meta name="DCTERMS.description" content="In heel Nederland gaat een avondklok gelden: van 21.00 uur .s avonds tot 4.30 uur .s ochtends blijft u binnen. De avondklok geldt tot 10 februari 2021 04.30 uur."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Avondklok \| Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Avondklok - Coronavirus COVID-19 - Rijksoverheid.nl"/>.<meta property="og:title" content="Avondklok"/>.<meta property="og:description" content="In heel Nederland geldt vanaf zaterdag 23 januari ee

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\cnt108108108pre[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	1588
Entropy (8bit):	5.312711930573112
Encrypted:	false
SSDEEP:	24:qQqBJOYHpT+EeGI/xsgnj+kd6UTmom2fE6o2gsgnGgsrmJMENBAeAv0M9UA8:nqBPJNeGIxljdd6AmR2/glGgYRLfv8
MD5:	4BC3E7D220FC4BF15C6A2DB817C6C80D
SHA1:	CB4562FAB68F6A86C065DE28FCC36BE8F51BC961
SHA-256:	5B339DBF9E3D74B66AFA8580CD11ECB07E5F002DF54D3BA3D4A2C70A7E33BF10
SHA-512:	D300084B3A36CD93303BBAB248A783438497B43F021B9956AEE0C60823425157C411F280F783CE7D20D187E6ADB59D5DE6B87BCB849B07F3189157FAC37B079B
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js
Preview:	//Rijksoverheid.nl 108108108, fileId: 108108108pre, version: 20210122-152753.(function(){if(!sessionStorage){return}var g=window.location.host.indexOf("a-")===0;var f=[];if(g){}else{}var e=function(l){for(var m=0;m<f.length;m++){if(l.indexOf(f[m])!==-1){return true}}return false};var c=function(){var l=sessionStorage.getItem("ErgoCnTSessionSelection");if(!l){l="undetermined"}if("P"==="O"){console.info("CnT PREselectionscript: fetchCurrentSessionSelectionStatus="+l)}return l};var d=function(m,n){var l;if(m!=="include"&&e(n.pathname)){l=1;if("P"==="O"){console.info('CnT PREselectionscript: you are on a special "inclusionSubPath" hence session will be INcluded')}}else{if(m==="undetermined"){switch(n.host.toLowerCase()){case"www.rijksoverheid.nl":l=10;if("P"==="O"){l=3}break;case"a-www.rijksoverheid.nl":l=1;break;default:l=0;break}}else{l=-9}}if("P"==="O"){console.info("CnT PREselectionscript: getSelectionFactor="+l)}return l};var a=function(o,l){var n;if(o===-9){n=l}else{var m=Math.round(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\contact[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	18982
Entropy (8bit):	4.951131037586637
Encrypted:	false
SSDEEP:	384:VVHjaukOqWEHUw4EoEbeEthqKYEZ8RhfbaH40kH40mvH40mX5XNZzzYJ:VVHuvWijrLhq88Rhf2Y0kY0KY0mXrpz4
MD5:	EF540E59744D7CA3C64F87882DD784F9
SHA1:	CFD2AA785788141C9735B4FB9AD990DB586CB964
SHA-256:	44E87472A8CFE964EC3DB2A242E33A8F65F93B22CC39A2CEC817432FA695C235
SHA-512:	2D916BB8E739D25E2A69ACB2E1B5C3000DEBFA93D91F7A86B110F428ECC0504C47566590CF82F92D739EE21B4BC4F20741129F278F3CB5A1F9B61DC5D1C17FDB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/contact
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Voor vragen over de website Rijksoverheid.nl kunt u contact opnemen met het loket Informatie Rijksoverheid."/>.<meta name="DCTERMS.description" content="Voor vragen over de website Rijksoverheid.nl kunt u contact opnemen met het loket Informatie Rijksoverheid."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Contact \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Contact - Rijksoverheid.nl"/>.<meta property="og:title" content="Contact"/>.<meta property="og:description" content="Heeft u vragen over het coronavirus en de maatregelen? U kunt dan terecht bij het publieksinformatienummer 0800 - 1351 (tussen 08:00 en 20:00 uur). Voor het maken van een afspraak voor een coronatest kunt u bellen met 0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\core[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	130174
Entropy (8bit):	5.282961614447641
Encrypted:	false
SSDEEP:	1536:xaMJrMdu2VNp1Xtdi6VHGEdLSHxJ4bx60BWSesUhtXQTXu3P58EAhPB+5/Ns1iIK:T0PpZatQTX+aG/C1iXtiy48DUyMbO
MD5:	B4B3996AF6CBB9A1D3F35B9ACD1D6F28
SHA1:	327B6EE197399176142378C61E375B7F1222693B
SHA-256:	A909BBFB230F9E848C59CCAA8E7E95CC2EE4A4CB73F6AE686633C7358991E665
SHA-512:	66D670D7DA5EFE7EA993C384E91FEB3D0C2A89E12116BCE06A9FE7F36125552A4F4A9EB4CC8392007561EE72884F2799BE72037EB6B6560755CAE0501766F750
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/core.js
Preview:	var requirejs,require,define;!function(global,setTimeout){var req,s,head,baseElement,dataMain,src,interactiveScript,currentlyAddingScript,mainScript,subPath,version="2.3.6",commentRegExp=/\/\[\s\S]?\\/\|([^:"'=]\|^)\/\/.$/gm,cjsRequireRegExp=/[^.]\srequire\s$\s["']([^'"\s]+)["']\s$/g,jsSuffixRegExp=/\.js$/,currDirRegExp=/^\.\//,op=Object.prototype,ostring=op.toString,hasOwn=op.hasOwnProperty,isBrowser=!("undefined"==typeof window\|\|"undefined"==typeof navigator\|\|!window.document),isWebWorker=!isBrowser&&"undefined"!=typeof importScripts,readyRegExp=isBrowser&&"PLAYSTATION 3"===navigator.platform?/^complete$/:/^(complete\|loaded)$/,defContextName="_",isOpera="undefined"!=typeof opera&&"[object Opera]"===opera.toString(),contexts={},cfg={},globalDefQueue=[],useInteractive=!1;function commentReplace(e,t){return t\|\|""}function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){var n;if(e)for(n=0;n<

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\coronavirus-supermarkt-vakkenvuller[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	38358
Entropy (8bit):	7.972462884921573
Encrypted:	false
SSDEEP:	768:IPHTqgdRJm7uImzHpIg+B3ejRzDQO9zymqXD2XqludGEw+VwBn+:IPzodsJITgVzDQGzymqi6wROZ+
MD5:	A10C2179DE17DE5CF6023F7B0ED08A34
SHA1:	93428CC1DB3AB76E0CB7C1BBD70D7BC847E26D4A
SHA-256:	FE4D5DD125E8EF304CB59DCC22615C0E5B2545887414CA9DABC02CA51D5B47CF
SHA-512:	F4C4E9A5671A1A7CF2E625F197EBCDB5020F06DA5AF4973697A2ED114C6E0D000EE98B18495E4E7429DEAAB4C2207E1C20F57E5431167D377C1F4BC68C058C2D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/coronavirus-supermarkt-vakkenvuller.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................M.........................!1..AQa."q..2.....#BR..3b...$Sr..Cs.%4Dc....5TUt.......................................................!.1.."AQ.2aq#....3BR..............?...Uj.......4...Z..\..)..z...R.....z..G....pp....S.....PW.$P..B:.Fy.L.C@...b:.G.j.OJ..E...a..=...,.1m.E.\|t.R<.P.B.w.D.A..yof...5.......M0.:..KZ.z..2..../.M...=.........Vm......&..W..\|..7..\|c..^.u=.....QV...,..TR.N...'.{K;%.u+.m0....o....V.8..W=....... . ...EO...........4...x..<q.qYN.6.T..]..Kvy-..!...E.$......j....P4.\-.}..3 ..Nq.F.oG.t{K..I.n.$K..$....sM.....Z.....eF.6..^\|..$.N...p.[tW....#.O.B..Y.y.....8........^..p..$L......d....>B..Z..w.Ao%...A ..:~..Q."..\|.h.{....Y>.<y.....8.K....N\|....G.V......1....9.3..@j..Z_{....:.../y.r3....#8.............ng.$.......,.4.....6.'.P..2.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\documenten[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	54994
Entropy (8bit):	4.60724486549776
Encrypted:	false
SSDEEP:	768:SaWO+ht6UtWwalPSrszPW7mVUnMxXwCiBO7VoRspzYJ:ZXrPSrsy7Yzi2VoOYJ
MD5:	CD11928F30FB3583BE7A9488FDF015D3
SHA1:	95E7D85D906E89AA93C6162D40037D9CD0339E37
SHA-256:	58EEEADDD6E00224087F11936AE6625D697EE02570B4D1379DFE6E94FDA53263
SHA-512:	151CB3E3EF9CE83DF1BB0B61D9F1E49EF5FA7629A0AFF0AB3D651DB394DC60FBA97E0B8174C605BFA681525393DCC1B29CA14C7A33AFAC1E45BAB4421B47A047
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <title>Onderwerpen \| Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Onderwerpen - Coronavirus COVID-19 - Rijksoverheid.nl"/>.<link rel="alternate" href="https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss" title="Documenten via RSS" type="application/rss+xml"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten"/>.<link rel="next" href="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.creator" title="RIJKSOVERHEID.Organisatie" content="Ministerie van Algemene Zaken"/>. <meta name="DCTERMS.identifier" title="XSD.anyURI" content="https://www.rij

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\formulier-werkgeversverklaring-avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	9949
Entropy (8bit):	5.048415249967825
Encrypted:	false
SSDEEP:	96:Q7MoCek2Vknk1k2UYrsTdgAGj5FmHUuDKhn43yuJeyWcazWHHaz9GHZzRrlKGoCA:qp+2ukO21A2AWCHUPWmj12aEHZzRxYJ
MD5:	2BD25403DBCFAA4828C13E8F18EA70F4
SHA1:	194147C9A2648DFDC51A13F71DB5CF35F9C70A6E
SHA-256:	D03239D6AA1DAB4AB1CB8B6ED2D858F6423F3C5B7BADDD5DEAEA0C97F890F695
SHA-512:	166E850FF98C7C72EDCCDFD4E4A83EDBE50286FBD90EB26FF722C640E5D0235F95FF64169745F89F26FBFB2617A382090D10E63062DDABBD1D04B41C55BA3911
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Formulier 'Werkgeversverklaring avondklok' \| Formulier \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Formulier 'Werkgeversverklaring avondklok' - Formulier - Rijksoverheid.nl"/>.<meta property="og:title" content="Formulier 'Werkgeversverklaring avondklok'"/>.<meta property="og:description" content="Als u tijdens de avondklok voor het werk buiten moet zijn, dan heeft u het formulier 'Eigen verklaring avondklok' en een .Werkgeversverklaring avondklok. nodig. De werkgever geeft deze verklaring aan werknemers."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/documenten/formulieren/

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\icoon-reageerbuis[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	537
Entropy (8bit):	7.114134753084636
Encrypted:	false
SSDEEP:	12:6v/7O/6Tog8WTnmf0qkfYlKKKKKKKKKKAPE8Bsv2y7wSTSLK:D/6Bbmf0VfYgPE8GRL/
MD5:	1213634A486D16E8C356FAC9CA7561F6
SHA1:	AAD69F1067962A1AE4CF1F604D5B5986E036F49E
SHA-256:	B78B84462184D5CA319C008DAC17BF54BCB73F4F15AA7396FA07AB08EF6E12BC
SHA-512:	80EBC0CC903A01FB25234755A67AAE806E11F4C17D6D454579A74B40C2CBD6C69148723B6D88436ACDA6151F0C505F14D9F769E47B46CC5264296EAAFC71CED2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/icoon-reageerbuis.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs.................tEXtSoftware.Adobe ImageReadyq.e<....IDATx...m.0.............t.F..`...........L.S/.D..`;..Y:YX.s.\|...v!..r......&.&r.5......t.I.N....h2..nh..,....R....9*.....?`..\|..$.s..4do..]..F.....pW[..~.9.}.P...1.X..V.....imJ...-J.....e}J........P..pR&.5W..3F.......................................@Y.z..t.L..Y..}...........y.........7.N....H..w..0.^x@....rE+......0.....e(.yD...D..k[..&.....I=.(.;.6....X.`{,._..v:v..@.U.^0l+c.`..'%..kb\..."+^..b>..4........N.J.-..j....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jenv-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gek, manufacturer=SONY, model=ILCE-7RM3, xresolution=640, yresolution=648, resolutionunit=2, software=Adobe Photoshop Lightroom 6.10 (Windows), datetime=2018:10:04 13:19:56], baseline, precision 8, 1920x480, frames 3
Category:	downloaded
Size (bytes):	167772
Entropy (8bit):	7.851213146175088
Encrypted:	false
SSDEEP:	3072:HA0AoyY7LYDEs4iSoVSS8BdTXPfwPU2w+/+vOmq5gOXoF8L0hRRPa5t3/0:ghmYxuoVSSmTXoU2J/+WmoGc0hRRyr3M
MD5:	7A46769DAD7785EE2D19A1566611123E
SHA1:	3216A11324181DCBF9191AF307567519820BAABF
SHA-256:	494210F96B3306FD2A6BFEFACC91AA6EA44E738500E4812D39C84CF182E31774
SHA-512:	4C4B2D2A81B98C2537092B75273A911FA366126571494FF29ECF5EED913C172E05C88E679E25B117ECCC0C0B7EA5455C73CCB265905C23B6C5A5496BE9E5C35E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/widescreen/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/jenv-hero.jpg
Preview:	......JFIF.............HPhotoshop 3.0.8BIM........................8BIM..........Z...%G...................JenV hero.....Beeldcentrum.....RO.....Rijksoverheid.....beeldverhaal.....beleidsthema.....close-up.....handen.....handenconcept.....mantelfotograaf.....ministerie.....ministerie-onderwerpen.....ministerie-verzamelpagina.....ministeriefoto.....missie.....scherptediepte.....themafotografie.....verzamelpagina..7..20180914..<..143710..>..20180914..?..143710..P. John van Helvert: www.johnvanhel..g..C0502.DP1000..t.SCopyright Rijksoverheid - Deze foto is afgekocht voor gebruik door de Rijksoverheid..x..Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenc

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery-ui[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	71193
Entropy (8bit):	5.267457672392886
Encrypted:	false
SSDEEP:	1536:fprE5RIRf4YAcCbGGY64qWRM+R9QvPS/Bc:yRIbL6y/Bc
MD5:	C483FA820462EB192F732892B81CB27B
SHA1:	4B121DA6EDC27E4FB952EA8C117311C5E3B671A7
SHA-256:	FCB8E8101BA83DBAB538F01E4A86A7E3DDDE03A498E8FE5214AFB9785936B29A
SHA-512:	576370446C4DEDEAED9A1D56061A72401D27CA1F11CB6772CB78E79231EB4A949E9756697930A649E67E2EB1BE60BAE1FD0EF9DD8F8A5ABFC7D0480B0C8CE37A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/jquery-ui.js
Preview:	!function(e){"function"==typeof define&&define.amd?define(["jquery"],e):e(jQuery)}(function(e){e.ui=e.ui\|\|{};e.ui.version="1.12.1";var t,i=0,s=Array.prototype.slice;e.cleanData=(t=e.cleanData,function(i){var s,n,a;for(a=0;null!=(n=i[a]);a++)try{(s=e._data(n,"events"))&&s.remove&&e(n).triggerHandler("remove")}catch(e){}t(i)}),e.widget=function(t,i,s){var n,a,r,o={},l=t.split(".")[0],u=l+"-"+(t=t.split(".")[1]);return s\|\|(s=i,i=e.Widget),e.isArray(s)&&(s=e.extend.apply(null,[{}].concat(s))),e.expr[":"][u.toLowerCase()]=function(t){return!!e.data(t,u)},e[l]=e[l]\|\|{},n=e[l][t],a=e[l][t]=function(e,t){if(!this._createWidget)return new a(e,t);arguments.length&&this._createWidget(e,t)},e.extend(a,n,{version:s.version,_proto:e.extend({},s),_childConstructors:[]}),(r=new i).options=e.widget.extend({},r.options),e.each(s,function(t,s){e.isFunction(s)?o[t]=function(){function e(){return i.prototype[t].apply(this,arguments)}function n(e){return i.prototype[t].apply(this,e)}return function(){var t,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\mediaplayer[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	187963
Entropy (8bit):	5.432613376042367
Encrypted:	false
SSDEEP:	3072:GQ2ctb27VH1oqM+8Pe7oXXhORrlZPO60uW/OOG0uCBpHVEsnosnu45D51cjmskqZ:GQ2FPO+nDrFIKD9a+
MD5:	5CB5B30CB2325834E1974842A86232C7
SHA1:	83C0FB1A560114E6145230EE2E42D51EF3AB0282
SHA-256:	4790FD16F16E4A1907EDE9CA974B893B5BD697006BFFEED7A29F1ECA0A15F4A2
SHA-512:	04D13E0D55CB0804AA9D8764B1CB96FAB7A19572988BCA0C8C78EA96BEA4D094CADAADDE6F7A259B4B6E5FD0ACAB69C373D480E5C5E8953F1C9C028293F109E0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/mediaplayer.js
Preview:	!function(){return function e(t,n,i){function a(o,r){if(!n[o]){if(!t[o]){var l="function"==typeof require&&require;if(!r&&l)return l(o,!0);if(s)return s(o,!0);var d=new Error("Cannot find module '"+o+"'");throw d.code="MODULE_NOT_FOUND",d}var u=n[o]={exports:{}};t[o][0].call(u.exports,function(e){var n=t[o][1][e];return a(n\|\|e)},u,u.exports,e,t,n,i)}return n[o].exports}for(var s="function"==typeof require&&require,o=0;o<i.length;o++)a(i[o]);return a}}()({1:[function(e,t,n){},{}],2:[function(e,t,n){(function(n){var i,a=void 0!==n?n:"undefined"!=typeof window?window:{},s=e(1);"undefined"!=typeof document?i=document:(i=a["__GLOBAL_DOCUMENT_CACHE@4"])\|\|(i=a["__GLOBAL_DOCUMENT_CACHE@4"]=s),t.exports=i}).call(this,"undefined"!=typeof global?global:"undefined"!=typeof self?self:"undefined"!=typeof window?window:{})},{1:1}],3:[function(e,t,n){(function(e){var n;n="undefined"!=typeof window?window:void 0!==e?e:"undefined"!=typeof self?self:{},t.exports=n}).call(this,"undefined"!=typeof global?g

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\onderwerpen[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	60224
Entropy (8bit):	4.204862447073666
Encrypted:	false
SSDEEP:	768:4AWUYF6Ac5OOTW7kDhJYEzI0/RIST8pzYJ:VJ2MTDhJYqiYJ
MD5:	8FDFDAB1C629EA64EAC3590E252BA3DB
SHA1:	1D4F87F8571DD82995F88C9370A4EBE8CFB86AFB
SHA-256:	976BFE0C46E166A0636292286EF318CB0B5C6B9FEFF3ED165DE63F4F6FEE3A70
SHA-512:	1B0321B6C8847E17AB11AA88DCD3613EFF97FC7B7B6FD4CD28CA8ED11DAF1A2484726360E6F6F4DC8105A41E6A91AD34A38BD813309ECD1ACE88A3A5D75D1809
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Onderwerpen \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Onderwerpen - Rijksoverheid.nl"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/onderwerpen"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.creator" title="RIJKSOVERHEID.Organisatie" content="Ministerie van Algemene Zaken"/>. <meta name="DCTERMS.identifier" title="XSD.anyURI" content="https://www.rijksoverheid.nl/onderwerpen"/>.. <meta name="DCTERMS.available" title="DCTERMS.Period" content="start=2017-06-30;"/>. <meta name="DCTERMS.modified" title="XSD.dateTime" content="20

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Formulier%20'Eigen%20verklaring%20avondklok'%20%7C%20Formulier%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=124924&h=9&m=36&s=27&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-eigen-verklaring-avondklok&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%7C%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%224f86e7d6-df76-46a0-831e-3c0b24432efc%22%5D%7D&gt_ms=19&t_fs=0&t_ds=0&t_cs=0&t_ce=0&t_qs=0&t_as=0&t_ae=19&t_dl=0&t_di=334&t_ls=334&t_le=334&t_dc=400&t_ee=427&pv_id=wly61G
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=192538&h=9&m=36&s=50&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%7Cvws%7Cbuza%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22topic%22%5D%2C%224%22%3A%5B%22uuid%22%2C%226b570308-087a-42ab-8d2b-a14b8912363f%22%5D%7D&gt_ms=5&t_us=262&t_ue=263&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=253&t_as=255&t_ae=258&t_dl=255&t_di=724&t_ls=724&t_le=724&t_dc=734&t_ee=760&pv_id=pxQ3G5
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\piwik[3].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Avondklok%20%7C%20Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=164751&h=9&m=36&s=57&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Favondklok&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpageextended%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22dd179a04-39ee-4706-8418-6fc32969309e%22%5D%7D&gt_ms=14&t_us=517&t_ue=517&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=502&t_as=503&t_ae=516&t_dl=503&t_di=1302&t_ls=1302&t_le=1302&t_dc=1341&t_ee=1369&pv_id=GITnld
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rop-survey-bar-and-ergo.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	6598
Entropy (8bit):	5.152596769487846
Encrypted:	false
SSDEEP:	192:9RWdlO52vbCvQNdYLdJTQ9il9fhBXIx98el4s:9RWdlO52vbCvQNduMgqP8el4s
MD5:	DF7403C355C8458E9464E9A7F876D5AB
SHA1:	A38DC318BBDD0144AE968703C30DEAE29C290A09
SHA-256:	B2C9229A212EFC384FB30973542CF340CA08ADEC70F8B5E014BABCAF99B0C548
SHA-512:	167A2FD43912FBB3F11B456932FA95385F9F9E201FFBBB2E056BAAD8A19D6A8339A4BEB2CD61D9933DFD36790C8E01BF06F5A936705D80669218C9523B51F691
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/behaviour/rop-survey-bar-and-ergo.min.js
Preview:	var pageFeedback={initiated:!1,showOnPageTypes:["webpageextended","webpage","faq","governmentalproduct"],hideOnPartOfUrl:[{urlPart:"actueel",location:"last"},{urlPart:"actueel/nieuws",location:"last"},{urlPart:"actueel/nieuwsbrieven",location:"all"},{urlPart:"actueel/agenda",location:"all"},{urlPart:"ministeries",location:"first"},{urlPart:"regering",location:"first"},{urlPart:"documenten",location:"all"},{urlPart:"consignatiekas",location:"all"},{urlPart:"wetten-en-regelingen",location:"last"},{urlPart:"coronavirus-covid-19/ondernemers-en-bedrijven",location:"last"},{urlPart:"coronavirus-covid-19/zorg",location:"last"},{urlPart:"coronavirus-covid-19/ouders-scholieren-en-studenten-kinderopvang-en-onderwijs",location:"last"},{urlPart:"coronavirus-covid-19/verkeer-vervoer-en-reizen",location:"last"},{urlPart:"coronavirus-covid-19/werknemers",location:"last"},{urlPart:"coronavirus-covid-19/openbaar-en-dagelijks-leven",location:"last"},{urlPart:"coronavirus-covid-19/coronavirus-beeld-en-vi

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\sander-dekker-2020-1[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=17, height=4000, bps=0, PhotometricIntepretation=RGB, description=Nederland, Den Haag, 19-08-2020. Sander Dekker, Minister voor Rechtsbescherming van het ministe, manufacturer=SONY, model=ILCE-9, orientation=upper-left, width=6000], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	65383
Entropy (8bit):	7.521693564786096
Encrypted:	false
SSDEEP:	1536:iY74dgbymi6gihBu59TV4yO1mXLv+irVe6NRHzQg38A:i4cogcEVQsLvjXkg38A
MD5:	B8A28085C7728FEDCFCE6E12700747BB
SHA1:	0920F21266FB4F3EA7E133E5BF5D1BFCEEC73EE9
SHA-256:	EE81F5F7B6BDCE4A3DF9A30FCE37F7933FF55B839904DA6D5FEAB2985BCE509C
SHA-512:	C5EB9539FC1130FB28B38333DF36F06759AE0B184B1F32CCF201FEF4C1B0288B36A299F4F52ED0D7830E7802A390D51E9BD9B0B1D579DA1E99B454280B9E7B14
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/sander-dekker/fullsize/sander-dekker-2020-1.jpg
Preview:	......JFIF.....,.,.....<Photoshop 3.0.8BIM.........,.......,......8BIM..................8BIM..................8BIM.......H./ff...lff........./ff...............2.....Z...........5.....-..........8BIM.......p................................................................................................................8BIM.......~..Z...%G...................Beeldcentrum Rijksoverheid.....Beeldcentrum Rijksoverhied...."De minister voor Rechtsbescherming.....JenV....%Ministerie van Justitie en Veiligheid.....Rijksoverheid.nl.....Sander Dekker.....bewindspersoon.....kabinet Rutte-3.....minister.....ministeriepagina.....portret.....portretfoto.....regering.....rijksoverheid.....vierkant..7..20140123..P..Arenda Oomen Fotografie..U..Fotograaf..t..Arenda Oomen .06.5383.3039..x.~Nederland, Den Haag, 19-08-2020. Sander Dekker, Minister voor Rechtsbescherming van het ministerie van Justitie en Veiligheid......Sander Dekker..Z..Den Haag.._..Zuid-Holland..e..Nederland8BIM................8BIM........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\thuiswerken_corona_header[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	49253
Entropy (8bit):	7.978010624114917
Encrypted:	false
SSDEEP:	768:er3aiUeiPVJ/t+JUEaaXVV1CDBHKblrvGmrdojBQ6C4CdG+Dosv1uM82L+l+YXxg:tH/kJUEaaFVwKdv/d064oPUMR+ln15kN
MD5:	54E0851797E06D8DF79AF60237EFD31A
SHA1:	0457074A696063AF3F2EF380AF5E6E4F47C5070B
SHA-256:	4D6DB3BC5F976E8B1B7DC18FCEAA58F02616013E4AA9AC17C09C5298EDD29934
SHA-512:	4570BE4E21814758B36AE05735C4DB309F1EBB7384D784315C18679522881BAAD3FDB9B3D9834FA9118012801EBD67667A03E9B4F3CFBD68DD3375FC1307E8CF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/thuiswerken_corona_header.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......9...."........................................R.........................!1.AQ."aq.2...#3BRr...$4bs...%56Cc....&S....Dd..TtE.u.................................-......................!.1.A.Q"2.a.Bq..3.$..............?..d..b.4.. ..l..AvB..'L.H.....K.\|P..W.R....\|f.DZm\|.\|X..m+.SS^....!..)j..0.GR...q.3V.sM2.....h.9.R.s....J.S5.%..........+?yE.J.>A3K..E.}<U`..S..lpcF.#..6[.....<..t._xx..........e.m.8x.........s.EU{...&.t.V).g.2....$.Y6..,u.a1... ....j...-0/..@...d ci.......L...F.V....S...BW........m.tV ..i.. ....O..7Cz..6P30.l...t.M{.$nm...R..,y9U.!.W...m...8....F.q_...r....cVQ.....r~..'....[.U...\|.C.g<..#=/...6.h[.E.......7K..SbX.%.5Os......:b[..v.R4r...3qm.W...K..p..tmk..r...\|.#..(v..ENltv.x,@...;c..A2.I.}.hi...5......WFg`{M.'e..@".a.B.j..jj\Z...I.WE,.:6TE'.#..T...... .<...c.....+.#F

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\thuiswerken_corona_header[2].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x480, frames 3
Category:	downloaded
Size (bytes):	102978
Entropy (8bit):	7.977460630164892
Encrypted:	false
SSDEEP:	3072:ChDju8xliRtMTBCm4EE8EN/7msWinMbhXU:CZjRAEUm4EEp5umMbK
MD5:	6B50088E75CB94BBEA63DC21F163B4A5
SHA1:	2CC74189EB67FC948E0581D7351564552F8AC57A
SHA-256:	27E9BFC3959354C7E24031C22E44AB544F3CDDCFDDF1B1C06A883CFD08592D32
SHA-512:	B63D9E16F24482ADE55480C71B8471CC3867B9DC33CD6263C12A90128DC463D29F95F5BAF6ACF213BE86EE0C4A04977BA36DC4C7E2BE2D8077278F9C65A04055
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/widescreen/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/thuiswerken_corona_header.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================..........."........................................O........................!.1A.."Qaq2...B..#Rbr....$34..%5CSs...6c..D...&E.FT................................-......................!.1.AQ."2a...q#B3..C.............?..h....(....nG....d@1F..9..k.Q.B5Sq,R.q.jc/QG...3h9T..s..yO.C1fd...w...c.NoY..).....u......q.a.}{p..\|...O8.,....z.Ej..P.q....D=............5dQ..._.k\..?.Kkn.2...2e....m.x.....[[..b.3(\..Z..w.mm) `.b_.&.../....Q......(.OPc.S.<#....8..54....Z....SF..L.ou.ns.E2:.......U..v...zK..j:/....=..J...u...brEQ...Qn.H.W.S.....P.t.H.+.Wa.pbeK"..H..yEB..!F.Y.\|.(._..n.M..<.7.0..9>du.D....N3G.!Q.a'#4~R$S...T..}K]..Q9...C.gUqH......\#.I..a....hp...WS..9.h..nI_..t\|.H.@...7.1P.!r?o.Nx..&..\...wY@.......R .t.^....x.a..@.TO...K?.}0..[..g..IS.q.LBV-..fOqG....9.....oI...i/..Z..1.<.G[..{7..*..r.(hzL:0..Cv..UA.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\wandeling-in-bos[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=12, height=1436, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], baseline, precision 8, 800x533, frames 3
Category:	downloaded
Size (bytes):	114183
Entropy (8bit):	7.930885088196179
Encrypted:	false
SSDEEP:	1536:SSZGSZ2zuh89BEErwJoDBGUY0K3t0aRT//bR4nxoX5czIgE2X7baHXTd80R6:SsGsQuSzrFGU5eKaRHjWEIXyD6L
MD5:	30248009AA369AACCD085385DA9934BD
SHA1:	48C024C5833EC70BF039AAA75FA48E21AFB2EABF
SHA-256:	5E50665FCECC52D51A34CF607824E53B1608E3D01388453CBDA1E5D9B2616317
SHA-512:	5187FF3B6E3025550BF932114559E535E7E134FAE50F25352C805F926B0D7046CA4510CA1EE4CD44F735C88AB5D8057585AC7973E620905A68A0487E15986422
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/veranderingen-2021/wandeling-in-bos.jpg
Preview:	......JFIF.....`.`......Photoshop 3.0.8BIM..........Z...%G.....O..8BIM.%............!......R8BIM.:....................printOutput........ClrSenum....ClrS....RGBC....Inteenum....Inte....Clrm....MpBlbool.....printSixteenBitbool.....printerNameTEXT.......8BIM.;....................printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@X..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y......8BIM.........`.......`......8BIM.&................?...8BIM............8BIM............8BIM..................8BIM'.................8BIM.......H./ff...lff........./ff...............2.....Z...........5.....-..........8BIM.......p..........................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\2053-fysiek-archief[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	951
Entropy (8bit):	5.341000860458318
Encrypted:	false
SSDEEP:	24:2dNqAiELZK60yVJdRb60yGTlRI0rcxYC9wTRlQRnuM:cQAiMo6b5AkI0rqY1Twz
MD5:	BE191DC76C0A41A12DA0D879438589A9
SHA1:	D978E790431C96D097A869049F843010D4B9CC32
SHA-256:	794940C33E8EB7F6917EF41F1A659D5CA57BB8738D6D460045C099600E258245
SHA-512:	7003DD4DFCE3709F4D769A236A7E44FF521E6FAD4710A1CF7594CCA55A8CB9E065A5462CB86671265913E012F800729F107058C954F054704320D344BB0C8494
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/2053-fysiek-archief.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 19.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M7,23v33c0,0.5523,0.4477,1,1,1h48c0.5523,0,1-0.4477,1-1V23c0-0.5523-0.4477-1-1-1H8C7.4477,22,7,22.4477,7,23z M25,30 h14v7H25V30z M42,50.5c0,0.8286-0.6719,1.5-1.5,1.5h-17c-0.8281,0-1.5-0.6714-1.5-1.5V47c0-0.8286,0.6719-1.5,1.5-1.5 S25,46.1714,25,47v2h14v-2c0-0.8286,0.6719-1.5,1.5-1.5S42,46.1714,42,47V50.5z"/>...<path d="M51,16H13c-0.5523,0-1,0.4477-1,1v3h40v-3C52,16.4477,51.5523,16,51,16z"/>...<path d="M46,10H18c-0.5523,0-1,0.4477-1,1v3h30v-3C47,10.4477,46.5523,10,46,10z"/>..</g>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\aandacht-voor-elkaar-uitgelicht-lowres[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:10:12 23:34:24], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	53029
Entropy (8bit):	7.3904281627607
Encrypted:	false
SSDEEP:	768:w7cpIHGImYyHbS5H9G5vBLLmBrsw57eNuRcLWBqdIxfU3sSN5Q+D7m:7rLbS5dG5vVLmN757ecR4d/ZNfm
MD5:	14FEC5888510B5755EA5E388BAFFFF5A
SHA1:	C87F1B6E758A7B482A6DEED9FE4B304552952523
SHA-256:	E2167FDDED80D972022A9A22397E9F648ADCA60541CAA2813DAB99B05D4E5C5F
SHA-512:	48E602DD911E4120A24157E49FEA47AB3C8DB3A55790287A88113A63250B0F89E7C652FFFF46C4CFCE107E4C382598A19C332E154AFDB5876F9E13FD121687E7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/aandacht-voor-elkaar-uitgelicht-lowres.jpg
Preview:	......JFIF.....H.H......Photoshop 3.0.8BIM.%......................8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....P.r.o.o.f. .S.e.t.u.p......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@R..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool.....cropRectBottomlong........cropRectLeftlong........cropRectRightlong........cropRectToplong.....8BIM.........H.......H......8BIM.&................?...8BIM...........x8BIM............8BIM..................8BIM'.........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\accordion[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	1607
Entropy (8bit):	4.665070414272165
Encrypted:	false
SSDEEP:	48:039aQxVaQeZaQZ/4laQxoaQe9maQZiaQqaQCaQeaaQAaQqaQCaQeaaQxc8:03DJevZ/4rUe9sZIQoegOQoegxc8
MD5:	4D7F89A1DE3F06769A1F64C4214748FA
SHA1:	17C9341209B9DCEFEB9A55D8D5482F0F9F04313E
SHA-256:	BE6AC51394D0CD2B31FAB9676D1402496EF626048D1ADD8C0D8CD0B6F5AA684B
SHA-512:	016A2BFC9C82255F8C4E482E75B259471A5165B82EC65CA2159AE964BCC75B08667B7A78617E58B692E6ECEB9330C5DB62A9E48B7584F9AC19207E0E529C62C2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/accordion.js
Preview:	$.fn.accordion=function(){$(".accordion__button").click(function(){if(this.classList.contains("active"))return this.classList.remove("active"),this.setAttribute("aria-expanded","false"),this.removeAttribute("aria-disabled"),this.parentElement.nextElementSibling.setAttribute("aria-hidden","true"),this.parentElement.nextElementSibling.style.maxHeight=null,void this.parentElement.nextElementSibling.classList.remove("active");$(".accordion__button").each(function(t,e){e.classList.remove("active"),e.setAttribute("aria-expanded","false"),e.removeAttribute("aria-disabled"),e.parentElement.nextElementSibling.setAttribute("aria-hidden","true"),e.parentElement.nextElementSibling.style.maxHeight=null,e.parentElement.nextElementSibling.classList.remove("active")}),this.classList.add("active"),this.setAttribute("aria-expanded","true"),this.setAttribute("aria-disabled","true"),this.parentElement.nextElementSibling.setAttribute("aria-hidden","false"),this.parentElement.nextElementSibling.classList.ad

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ankiebroekersknol_1.jpg_1920[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=5, description=Nederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veilighei, xresolution=190, yresolution=198, resolutionunit=1], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	52085
Entropy (8bit):	7.828967349839715
Encrypted:	false
SSDEEP:	1536:DpekeyUQtKVhndcj/xzoP+dM61FXLS+gHdcCjr:hWQtqi/5okMQXLS+gOCX
MD5:	50B05FC1BF5777E91BE8AAE8E405D924
SHA1:	6355BEC4283D1A7B9DE730C11A6A2047D67AF984
SHA-256:	480F110A542FDD496515A1B095D825ABC330B94AF3D2A1D4C28DE3A589178709
SHA-512:	DAA10DB8267DDCDC6B898330E0C6435539F7CBB9C16419DF2A9355402D8C6827EEC34E435443F0987D326DA31A4EB1B6FE474DF0B3604935F9833EFC406B4359
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/ankie-broekers-knol/1920-px/ankiebroekersknol_1.jpg_1920.jpg
Preview:	......JFIF.............JPhotoshop 3.0.8BIM.......-.....Ankie Broekers-Knol.....bewindspersoon.....kabinet Rutte 3.....regering.....rijksoverheid.....staatssecretaris..Z..Den Haag..\..Rijnstraat.._..Zuid-Holland..e..Nederland..x.sNederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veiligheid.Foto: Arenda Oomen............Exif..MM.*.............t...J.........................(..........................Nederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veiligheid.Foto: Arenda Oomen.....................http://ns.adobe.com/xap/1.0/.<?xpacket begin='.' id='W5M0MpCehiHzreSzNTczkc9d'?>.<x:xmpmeta xmlns:x='adobe:ns:meta/' x:xmptk='Image::ExifTool 10.42'>.<rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:Iptc4xmpCore='http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/'>. <Iptc4xmpCore:IntellectualGenre>Portretfoto</Iptc4xmpCore:IntellectualGenre>. <Iptc4xmpCore:Location>Rijnst

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\brexit-uitgelicht[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 315x210, frames 3
Category:	downloaded
Size (bytes):	11210
Entropy (8bit):	7.9194407081712255
Encrypted:	false
SSDEEP:	192:Ur0YTeYMZH5RPj5Twhym2iUFEYQvTILbFCRIRb0L1SGLfsRXhG7xwEIQiTG:STe9ZH5RPj5TsyfLQWRC8ssGMhG/I8
MD5:	C0DC6D76D9C6ED1B82925BBACFAFD7C9
SHA1:	78CAA2AD947FC7144BEF94B5DB0676887F3F2E40
SHA-256:	4749B750B99AE3103283435DFEEDEF56D5F6DCFA57058F669E35698237C6A246
SHA-512:	F737CB3C708A156F012FD8794AB997508CD64B2C7E7980851FD24AD130E13A1BD622F765D5F68C68048FBDAED3B2764CF439650E23219BAD96D94E1A8EB9AC44
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/onderwerpen/b/brexit/brexit-uitgelicht.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================........;..........................................:.......................!1.A.Qaq....".....2B.#.Rb...$.%.................................)......................!1..AQ.."a.q2B...............?...R......,.H..H.@H.H.%Zv:.....I.#A.....Od".I.+E.?......h......@7h... ..@..(..d.T.@v..H....R.\.U ,(..........m..O.7lf.XJ.H!+)...e-..t....Gh.,.ZE...)..v.i.BV4.8@.K=.".[.;W......% a@.....%i.A...@.:..Z.5...E......X)1.....r.&Z..D..L(.i.....P)..).M..H.+.E..K.^...H.....4....@.@...$.hP.d....5H7...F.0...... M..v*!....J...h.......=+8h.....aD.h.... (`......B....C....:...R9.....(D]..CGJ..@...,(.i.B4....4.. ...tB.T...(V.C)2..H.l....../EDk..4N......%c%.c..`........Q...B..KV'. ....JE..8.H.).D.........{....Z.D@.'hBl..@%bLi..N.7.D.j.J.@..I...m:E.....?.i1]t`C...@.L.A..(.V.6<......{..... .o.N.Z..d.......Az.@.H..;xH...Q...H6..!...@....&...Zb!..- .ZG..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\corona-in-eenvoudige-taal-lowres[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	17279
Entropy (8bit):	7.971048985955808
Encrypted:	false
SSDEEP:	384:wRl+IORVbbubC9vGektZD4NL/CJvgqsAm1cmBxKBPM8xUvDs:wbORh9atVSC7m11l4
MD5:	8D39F80190FBFBABB260D7B14C05C650
SHA1:	BF0CA8D6B8DB3B84FC3468D5E86125200D93AC56
SHA-256:	B7DD1B70BE0EA91FF736300CEC6F8F55F80048D7689F4B14B0D32FA9C2EE53CF
SHA-512:	DE4D395353C327D09844E919533D4A7CA45A6569354F1F1CECE94FBE4D9B2E62FA143F3F2B19EFDD905D361A97B4FC647A011A8D7CB6CB182B6642279C1C6290
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/corona-in-eenvoudige-taal-lowres.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................V.........................!1AQ.."aq..2R..3B......#br.....$5ES.....4TUds...%&6CDct..................................'.......................!1A.Q.2"a..qB.............?....x,.g<.(.)...#....U.Ni.n.>.Xb..`..J...U.v^B.`..U$g.....3....uj..g.E..8.TIg.`<.....Qx....."..)7i..hT.S....JAu....EH..'.....U..W..8...ZPT.d.#b...L....7..B.......w.Q.H$.rF.wS...U~.>.N...K...n.........9..B.u...4@.f..v@.w"i.#Xc..n..;...A.(>)Q"}9.Ct.S.V...e..<8#Cj.'X.me.B..7.`&.Vo...KAZh...;...+U...].T..../.g....U.(.:.f.mwN.....pj.....f"p6I.KsO&.;...W..m..Q...@+..m...........A.R....)..?...wO~. ,..aY.S..}^.k.....`..l...K_M.f.....,:.O..fm...........UD.w.S.`..r...(...L#.j)H.e..N.=.p@p.)j...'_x..4..Y^j..E..\..0.\|.g-......{.3..7.ra.l.jG.X.n.M.rq..k.vW1..l..e;\9......HM.u.F.wsN......z\.b3v..".>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\coronavirus-covid-19[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	28535
Entropy (8bit):	4.597790746638992
Encrypted:	false
SSDEEP:	384:QXfKukOspeW2sHUYCDlxIZGfv0Lh5mE674jgo9ZzzYJ:QXSiWHWDTIZGfvgbmE6UjHpzYJ
MD5:	0B33E5006271318199F7EA4FC57E9312
SHA1:	955787D471D07DAEC0ACAD08A0CC866E9A841055
SHA-256:	EB47FD640646EB5986A1D05AECC0D9A6018390AE5C842E98E740CDD19BF504D6
SHA-512:	5D195E7959DD2192DF286373E75EF0B20EEC42697F42D03BFCAB8B45E1CBBB92B52485073311D7CC89CF567594E3C73044FD34B009973B890F8ADDBEA1C3AE39
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Actuele informatie over het coronavirus COVID-19. Zoals de maatregelen tegen verspreiding van het virus."/>.<meta name="DCTERMS.description" content="Actuele informatie over het coronavirus COVID-19. Zoals de maatregelen tegen verspreiding van het virus."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Coronavirus COVID-19 - Rijksoverheid.nl"/>.<meta property="og:title" content="Coronavirus COVID-19"/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19"/>.<link rel="alternate" href="https://feeds.rijksoverheid.nl/onderwerpen/coro

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ferdinand-grapperhaus-lg[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Ferdinand Grapperhaus, minister van het ministerie van Justitie en veiligheid, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=252, yresolution=260, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2018:08:22 18:28:09], baseline, precision 8, 829x553, frames 3
Category:	downloaded
Size (bytes):	68075
Entropy (8bit):	7.597225711901583
Encrypted:	false
SSDEEP:	1536:oxbLsjQQsj0dPJSrzDEskLJx77qA9tBXd4G4RFKeWJIVycK:oxbLGQQG0ZJS/oBJUA9t5dr4LKikcK
MD5:	5C3804BB369134CBD388A7AFB5C2F3B6
SHA1:	6F341CACF4808CEA0804A2AC946C2B8687D195F9
SHA-256:	237608EE290FF6A6538702A3CDC0AD7BBE8F6E4884A2F7FD2EBF3C1DAB49393E
SHA-512:	425DE846754BE56B39823CB9165EC1B75F7022C7802545755FA8A8A62E35F3FD3D7E30D6B9F50E1D4AA94F2F2C0E48699AEDCB5C76CBC69A05F4AD12270812E9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/ferdinand-grapperhaus/fullsize/ferdinand-grapperhaus-lg.jpg
Preview:	......JFIF.....,.,......Photoshop 3.0.8BIM..........Z...%G............`...P..Arenda Oomen Fotografie..7..20180822..<..095305+0000.....Ferdinand Grapperhaus.....Rijksoverheid.....Rijksoverheid.nl.....bewindspersoon.....minister....%ministerie van Justitie en Veiligheid.....ministeriepagina.....regering..Z..Den Haag..\..Rijnstraat .._..Zuid-Holland..e..Nederland..x.MFerdinand Grapperhaus, minister van het ministerie van Justitie en veiligheid8BIM.%......V.. ....]8..X.'8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT.....S.a.m.s.u.n.g. .S.C.X.-.3.4.0.0. .S.e.r.i.e.s......printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\forms[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	20086
Entropy (8bit):	5.0630445414797896
Encrypted:	false
SSDEEP:	384:aRGD5BGn11y6hqZDCgtXZLqTUouR+KL/hWXVZiXGutbHpbWotuMvgEh0qtSY71OK:8GD5BGn11y6+7XZ2QX+KNWFZi2utbHpn
MD5:	FA31C45A4991A91652CC2C7BF84B6B8F
SHA1:	082FED512F6A2B5B5587B4FA02CF622BB3443C70
SHA-256:	FDE12A3EF014C58BFCDCBB13A5DAA868257D9EABE2B6933DA6B8C672471C8149
SHA-512:	5D3CA8723A6658C84A04DBD433E85AD4BCCA490B668164FF76B23A9F978D6CC4EA0D0A281A904F9D7302169717A099FBCC92C247E11C203D774848BFB89BB715
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/forms.js
Preview:	function handleFileUploadChange(t,e){t?($(".fileupload--"+e+" .button-remove-before-submit").css("display","block"),$(".fileupload--"+e+" input[type='hidden']").css("display","block"),$(".upload--"+e).css("display","none"),$(".fileuploadInput--"+e).css("display","none")):($(".fileupload--"+e+" .button-remove-before-submit").css("display","none"),$(".fileupload--"+e+" input[type='hidden']").css("display","none"),$(".upload--"+e).css("display","block"),$(".fileuploadInput--"+e).css("display","block"))}function customSelect(t){t.wrap('<div class="proSelect"></div>')}$.fn.autoGrow=function(t){var e=jQuery.extend({extraLine:!0},t),i=function(t,i){var n=t.val().replace(/&/g,"&").replace(/"/g,""").replace(/'/g,"'").replace(/</g,"<").replace(/>/g,">").replace(/ /g," ").replace(/\n/g,"<br />")+(e.extraLine?".<br/>.":"");i.html(n),t.height()<i.height()&&t.height(i.height())};return this.each(function(){var t=$(this),e=function(t){var e=t.attr("name");return $("<div/>",{cl

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jenv-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gek, manufacturer=SONY, model=ILCE-7RM3, xresolution=640, yresolution=648, resolutionunit=2, software=Adobe Photoshop Lightroom 6.10 (Windows), datetime=2018:10:04 13:19:56], baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	96928
Entropy (8bit):	7.733394949107374
Encrypted:	false
SSDEEP:	1536:CsAQnAoarzgLU02yf0yN8w1RQFXgQafVNThzFa/ZgIgdI4BGcZArOy/:HA0Aoyftzw1RqzWNThzY/ZhgdFGAArOy
MD5:	7D60546B655998343C86A1E66E922CE8
SHA1:	AACAFB2E49DC8DFDE2CE094E70754B9B7221FE05
SHA-256:	CE4CD0B6A8B73273022DC30E4FA7FADEA3A9C9E2333BB51EAAE3457247372EF4
SHA-512:	7C78A22D24CE76EA3DDCF005536C8A0D9DE8F6C18D64739305C1A717A4EB676300BD0CE637E15B834A35D4DBCF754AC2D34AF79D1757CBEFD394B5D1444C4F79
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/jenv-hero.jpg
Preview:	......JFIF.............HPhotoshop 3.0.8BIM........................8BIM..........Z...%G...................JenV hero.....Beeldcentrum.....RO.....Rijksoverheid.....beeldverhaal.....beleidsthema.....close-up.....handen.....handenconcept.....mantelfotograaf.....ministerie.....ministerie-onderwerpen.....ministerie-verzamelpagina.....ministeriefoto.....missie.....scherptediepte.....themafotografie.....verzamelpagina..7..20180914..<..143710..>..20180914..?..143710..P. John van Helvert: www.johnvanhel..g..C0502.DP1000..t.SCopyright Rijksoverheid - Deze foto is afgekocht voor gebruik door de Rijksoverheid..x..Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenc

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\justitie-en-veiligheid-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=25, height=6336, bps=0, compression=none, PhotometricIntepretation=RGB, description=Verbeelding van de zachte kant van Veiligheid. Politieagent wijst de weg aan passanten. Deze c, manufacturer=SONY, model=ILCE-7RM4, width=9504], baseline, precision 8, 1250x312, frames 3
Category:	downloaded
Size (bytes):	43014
Entropy (8bit):	7.926150649627987
Encrypted:	false
SSDEEP:	768:dJ8ywdTUwUeLSHvPdnd14D2wN1OYA9kqD+2RpY1CIPNY/4EE4cDwWSpN:dJ8yAUeLSHzWDKvpY1CkEUsjpN
MD5:	8BB6FF03A77AE4E0B1B8C1A732D55015
SHA1:	8CC0053F59045DB3D1CB644E58CE4CB249EDDAD8
SHA-256:	9CE8F5467A1980C29170685E820EB56C1C181E961F843F05C1375964F59E6623
SHA-512:	9F4CC92144CD66C265496C202901A9E04F8F649E1FB466F4EAA8FCD557A96F2314A99F6EE7838DBB7E03AB315D133C4C7E22A6E0C5C9C371D2875A494F523774
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/justitie-en-veiligheid-hero.jpg
Preview:	......JFIF.....,.,.....(Exif..MM.*..............% .........................:...............................B...@.........................................................................(...........1...........2...........;................T....i...........0...........2.........@.....................................2...........4....................Verbeelding van de zachte kant van Veiligheid. Politieagent wijst de weg aan passanten. Deze corporate ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenconcept., gefotografeerd en staan per oktober 2018 op Rijksoverheid.nl/ministeries...SONY..ILCE-7RM4....,.......,....Paint.NET v3.5.10.2020:01:09 19:06:22.JO

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\logo-ro[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	22480
Entropy (8bit):	3.855461555192788
Encrypted:	false
SSDEEP:	384:PxlBio7+YA5LFu/Y/IIf/gQBj/QPoJq6e8GQzPdgbXXhrLvS38Z7j:Z77RAeIHiT1L489
MD5:	F359BF2CF693B32A4FFB2D40384EC675
SHA1:	F2DF78721517F9797ABA0220298153AA506F513B
SHA-256:	2B702C5D3DE1D9B2D646741C458C148D8F75CD47D9C15DD4E9EC6ADDEF07874A
SHA-512:	E007E16328BF8EA63B99164CBD7BDD0C3D3825A77D904547C6C037FBF3080331098B81E502B710AF4547FCDCF9803AF972457FB9DE376DC4773CD6FBE08A0A99
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/channel-afbeeldingen/logos/logo-ro.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 21.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="125px" id="Laag_1" style="enable-background:new 0 0 314 125;" version="1.1" viewBox="0 0 314 125" width="314px" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}...st1{fill:#154273;}...st2{fill:#FFFFFF;}.</style>.<g id="Laag_1_1_">..<g>...<rect class="st0" height="125" width="314"/>...<rect class="st1" height="100" width="50"/>..</g>..<path class="st2" d="M25.9,77.36h-0.87v-2.41h0.87V77.36z M29.83,66.72h-0.87v-2.41h0.87V66.72z M13.71,62.56 c-0.07,0-0.52,0-0.52,0.09c0,0.09,0.21,0.05,0.52,0.1c0.7,0.12,0.97,0.47,1.46,0.47c0.44,0,0.9-0.3,0.72-0.94 c-0.03-0.11-0.09-0.08-0.11-0.01c-0.07,0.29-0.42,0.45-0.79,0.45C14.53,62.72,14.44,62.56,13.71,62.56z M8.92,64.97 c0.08,0.11,0.9,1.17-0.36,1.58c-0.06,0.02-0.07,0.07,0.01,0.11c0.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\magazine-jenv-5-2019[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 14.0 (Windows), datetime=2019:03:28 09:31:28], baseline, precision 8, 800x533, frames 3
Category:	downloaded
Size (bytes):	103720
Entropy (8bit):	7.901801355308374
Encrypted:	false
SSDEEP:	1536:bNeRgveRT3LI1R07egFY9wtTUl7YgGU2CykS8e7LRVBjKGlYRog91BIRxDXm1MG:bgRbRTf7egjTU1xGUfyjdaGlYRF1MpG
MD5:	F52BE53C0139499B98E4786413C6C26D
SHA1:	F8F1038BD8427CFB1FEC9B4933CF1682F7E11DBE
SHA-256:	F6756AA631706707EB23C100CEC54FAC2A31A12BFA260AC5A66E1E8D28D5A9E8
SHA-512:	F9FD7282E19A19CB6A01A450F08815ED0670E96671D3C6517D26CCEEABFFAC516BBD081F91516E8F4D92CE97E93B9C68749CD77F9BEFCCEAFECF7F2BE051FC24
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/ministeries/justitie-en-veiligheid/magazine-jenv-5-2019.jpg
Preview:	......JFIF.....H.H....$.Photoshop 3.0.8BIM.%......................8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@R..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool.....cropRectBottomlong........cropRectLeftlong........cropRectRightlong........cropRectToplong.....8BIM.........H.......H......8BIM.&................?...8BIM...........Z8BIM............8BIM..................8BIM'.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Instructie%20voor%20formulieren%20avondklok%3A%20downloaden%20en%20meenemen%20%7C%20Publicatie%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=870980&h=9&m=36&s=54&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-voor-de-avondklok-downloaden-en-meenemen&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22f28d5416-c5cd-4283-b4c5-4d8f286274ae%22%5D%7D&gt_ms=4&t_us=35&t_ue=35&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=28&t_as=29&t_ae=32&t_dl=29&t_di=654&t_ls=654&t_le=654&t_dc=674&t_ee=903&pv_id=QLL90u
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\piwik[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	66210
Entropy (8bit):	5.522089969385018
Encrypted:	false
SSDEEP:	1536:6s2uk/Ovn/tdg5NmaVymLj0JfUEQUc2GonbvKfPbTITrVT:C/G/ZWQJt
MD5:	2D695BE38B0A0F20485064FEE4A6A42A
SHA1:	5EACD0F917E94C902A1557D7F0BA30B3B162CF0A
SHA-256:	DD499FF55F3C2A7BCEF3F0F9A43F93CC4CBC00C74EB7A3684AE10C23748C6D66
SHA-512:	7EFCF3F465722C03445FFF717D3D546E9AE2E8B7D0ABBF3DA0C90FCF8E21985EE288FC6F2AAED7A0003EF9BBCBFBC94C51536E3021FD72288D24F7835B8790D1
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.js
Preview:	/!!. JavaScript tracking client. . @source https://github.com/piwik/piwik/blob/master/js/piwik.js. * @license https://opensource.org/licenses/BSD-3-Clause BSD-3 Clause (also in js/LICENSE.txt). * @license magnet:?xt=urn:btih:c80d50af7d3db9be66a4d0a86db0286e4fd33292&dn=bsd-3-clause.txt BSD-3-Clause. /.if(typeof JSON_PIWIK!=="object"&&typeof window.JSON==="object"&&window.JSON.stringify&&window.JSON.parse){JSON_PIWIK=window.JSON}else{(function(){var a={};./!! JSON v3.3.2 \| http://bestiejs.github.io/json3 \| Copyright 2012-2014, Kit Cambridge \| http://kit.mit-license.org */.(function(){var c=typeof define==="function"&&define.amd;var e={"function":true,object:true};var h=e[typeof a]&&a&&!a.nodeType&&a;var i=e[typeof window]&&window\|\|this,b=h&&e[typeof module]&&module&&!module.nodeType&&typeof global=="object"&&global;if(b&&(b.global===b\|\|b.window===b\|\|b.self===b)){i=b}function j(ab,V){ab\|\|(ab=i.Object());V\|\|(V=i.Object());var K=ab.Number\|\|i.Number,R=ab.String\|\|i.String,x=ab.Object\|

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\responsive[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	288040
Entropy (8bit):	5.167373482119021
Encrypted:	false
SSDEEP:	1536:+gk5LbaAXDpaPEUrCEeWo+ffeXKsGA+rxr+D9awQLwrFqeNyvZ4Q/5fd42tUb+9e:PkYe4/5fgN3Oe
MD5:	B8E6120181CE51C76168A9AB8EDBCC5D
SHA1:	936C17A3205EE8E716E8056ED6083B0DC911B3DD
SHA-256:	AB9BF9A250E7C34001D8374540698D65830EF013686F2A372120834204A57C13
SHA-512:	7DE54779B217BAD7BE44166256CC4C5545F5B552BD8F3B28B0A650C0A4866F00E8EE8CA1EF43E843B279A147805B27E1E8DFCB7F851B2DF8BF4C8790090DAD17
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/responsive.css
Preview:	html{-webkit-text-size-adjust:100%;line-height:1.15}body{margin:0}main{display:block}h1{margin:.67em 0;font-size:2em}hr{overflow:visible;-webkit-box-sizing:content-box;box-sizing:content-box;height:0}pre{font-family:monospace, monospace;font-size:1em}a{background-color:transparent}abbr[title]{text-decoration:underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted;border-bottom:none}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace, monospace;font-size:1em}small{font-size:80%}sub,sup{position:relative;vertical-align:baseline;font-size:75%;line-height:0}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:100%;line-height:1.15}button,input{overflow:visible}button,select{text-transform:none}button,[type='button'],[type='reset'],[type='submit']{-webkit-appearance:button}button::-moz-focus-inner,[type='button']::-moz-focus-inner,[type='reset']::-moz-focus-inner,[type='subm

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\ro-icons-2.1[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 5168, version 1.0
Category:	downloaded
Size (bytes):	5168
Entropy (8bit):	7.891397020043798
Encrypted:	false
SSDEEP:	96:DYPa98RfYDiswwUf72y7N3jXY+YTFpGK8KIN9u3P4vH9gb0FBWGrPJn:DYPImQzwFz2y7VjXpunGIwcv4WG9n
MD5:	34CA51368BDF14CDC485DE2FA5B56FD0
SHA1:	84B4D157138205EEE33F58C44F035FFA1E5E5D8C
SHA-256:	9218D8DA614CA0EB2B009FCD75306EBCDDF22FBB9B300BE908AD6F556D55441B
SHA-512:	C68D8022965E3FD7523E05622CF30096032D6F72F77C2FF20DA1CFB303F991CE5B150C3A12D0F70B6EE7FD0238E261E72F9A13574679E8C442CE0A12EDE7ECB0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/icons/ro-icons-2.1.woff
Preview:	wOFF.......0.......8........................GSUB.......;...T .%zOS/2...D...B...V@O.cmap...........F....glyf...\|...J........head.......3...6.E .hhea...........$....hmtx.......K....~...loca...h...H...HW.]6maxp........... .5..name.......2...F..Z.post.......)......q'x.c`d``.b0`.c`rq..a..I,.c.b`a...<2.1'3=.......i. f....&;.H.x.c`d..8.....y?.....................+.HsMapx..J..%.....d..#H.......x...In.@.E.[6&..}... K.2.8k.M8...t(Q.+..z@7\|...7...8M.y.A{^...e.N......W.c.xV.{'.).\.DE?..R3b.)3.,X.b.-;..8r..+7.....Z...w..o.&.+..M.&...i.i.6.(.,.C...M.........uya..4.[....6.z[C.....P.`.w4.;......zWC...^c..l..b..j..f..n.w7._..T.x..Xkp..u.s....}a..x.K... .. ^.. AQdDQ.....e.jY...k[...8.k'r..q.&.Q..ib7.j2n.Lg....q<.3M..u.t.t..D..D.{...r....{..{.9.;...lmmy.G.G..d.&H..W.@.B@.+.4....[...u...{....Rj!..84...H.I.)8Ei..}h.!.\....{.>$.......B2.='..M...Y..1.ai..f..1a..3f..4e.\|.7...1..J;.Y.....o.C......sm:Ov...b..p.U.j..m..6d..z.a.....=...nQ.$........+..#....o.{.>...7Sg.M.....E..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\roze-vlak-homepage-1920x330px-tp[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 1920 x 330, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	365
Entropy (8bit):	4.816587757735429
Encrypted:	false
SSDEEP:	6:6v/lhPilsVrWUyKmv8BRmhnTmFQEXlgzgN4VQIMBeDgK4KEMwoQIMBeDglp:6v/7azUUm4qFQXzS4VQIjDgWEMwoQIj8
MD5:	F6639404A9CCC555FFE795FFB92A1417
SHA1:	74BD8B5BCB7FF9F5D0103F9D9D570542C5BDBDEC
SHA-256:	147E7B3BA7F9F56F443700EE5DD6EC05DBF93ADFED94FFC3D3D4BE281E7ACC35
SHA-512:	52F8C7909C6B392D50928A6F0BB9EE30198248E8E69AD7C2ADAB1956E6BC9DB8844ECFBD40540DAC25B058C225AB2C874E59035A9EA519AF7D4CE7F4982A2CF4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/widescreen/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/lowres-fotos/roze-vlak-homepage-1920x330px-tp.png
Preview:	.PNG........IHDR.......J........m....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE..]...A=......bKGD...-.....tIME.......o.....dIDATx...1......Om._..............................................................................^.6....f.....%tEXtdate:create.2020-05-14T06:29:26+00:00D......%tEXtdate:modify.2020-05-14T06:29:26+00:005.......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\start-vaccinatie[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=12, description=VEGHEL - Pfizer / BioNTech eerste set vaccinaties tegen COVID-19 in de priklocatie in Veghel. S, manufacturer=NIKON CORPORATION, model=NIKON D6, orientation=upper-left, xresolution=187, yresolution=195, resolutionunit=2, software=NIKON D6 Ver.01.11 , datetime=2021:01:06 08:54:15], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	113955
Entropy (8bit):	7.863601961966462
Encrypted:	false
SSDEEP:	3072:urFzMwTd8XmLLws0gedOi66AXrjk39J5gQb8:MMU82v0dUXXk39q
MD5:	C96BA5E9FFA4DAA9296DC1BAE6F67222
SHA1:	9C27F9C049874B343D9867845207FF6CE73961D2
SHA-256:	04AF7C41E46D42EE69A5AB76E22C5FC7EB469E601E432E24181E5576017F1CC8
SHA-512:	54905A322C816CB8AA23DE0657E5D5FDEE375A4DA018355E20FABD3F5CC620066CFF7594614B130610FF8CE5FD7C88EDCEA480D669359AA7DF8DF31384AC55B4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/start-vaccinatie.jpg
Preview:	......JFIF.....,.,....'.Photoshop 3.0.8BIM..........Z...%G............corona.....coronacrisis.....coronamaatregelen.....coronavirus.....covid19.....crisis.....gevaccineerd.....ggd.....personeel.....prik.....prikken.....priklocatie.....prikstraat.....Vaccin.....vaccinatie.....vaccinatieprik.....vaccinatiestraat.....vaccineren.....verpleegkundige.....virus.....ziekenhuis.....zorg.....zorgpersoneel..(.. ..7..20210106..<..084346..g..426847120..n. Hollandse Hoogte / Robin Utrecht..s..Hollandse Hoogte..t..ROBIN UTRECHT..x..VEGHEL - Pfizer / BioNTech eerste set vaccinaties tegen COVID-19 in de priklocatie in Veghel. Sanna Elkadiri verpleeghuismedewerker die eerste vaccin krijgt een spuit met het vaccin vaccinatieplicht coronavaccin Sanna Elkadiri, medewerkster van verpleeghuis Het Wereldhuis, krijgt het eerste vaccin in Veghel Aanbieders van acute zorg, zoals ambulancepersoneel en IC-medewerkers, worden in verschillende ziekenhuizen geprikkeld tegen het coronavirus8BIM.........,.......,....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\telefoonnummer-corona-uitgelicht[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, frames 3
Category:	downloaded
Size (bytes):	78218
Entropy (8bit):	7.955494297479003
Encrypted:	false
SSDEEP:	1536:Z0lpE5HDTFTLadSCeKCv0MJ+OS7qUiawth15GYpGlQY3eUMMU7iK:mpk/hhTJ+7qnawDG7ezM+
MD5:	518480974995F9C4034F90F11E7D06C5
SHA1:	A88A2BFE34F78D21A3D1E36DD329EA177FFAD4C0
SHA-256:	815B7D397808257EA24B94A044DADA238794028C0793DF944BA50349E230FFA0
SHA-512:	E5E90F0807944125686ABFC0DA6E59C9BEE4BCE2212C28B222D10262F400A0C03D1EA79B8432D36272EF3040AF453BA58746073C5DDD8AE6B57377CF04F82600
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/telefoonnummer-corona-uitgelicht.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================........X.."........................................P......................!...1..AQ"aq..2...#B..R....3..$br.....4CET....%'DG.7S...................................;.........................!1A."Qa..2q......#...3BR.$45SCr.............?.......k.T.>$......{.....ye.P.t.T!@..,.Gx.Hdc..o.yj..p7(..$...].\|RM....]C.$..%...U2.I:T=$..o4..9....K.[.8+.h."...5..o...bb.../#..T.Z..P...].{(LN."~..OK].4.\|....h.^.-.....O..h.m..J.z.0PJ.../,..`TI..2S7.1....c;l...-.4.....H.E#\....R...HL.D......>U.+.O..W4....d..j....v&........b.AB..p..Tb.Q..P.......H..&`..Mb.RAXO0.....x.......d..).....e..cw..\.U...P.... .G.....y.aF.5.np ..\.....7.J..f...jUF.uG...R...I2.d\.Z.)U}.O..i4.......$....\6.\|,..X'.Ut.n..Z..3[n..HB.7.. jP.>......]!+aK%&.9gH...#.A..<Tm.T.w..)......R.>.#x..\yu5.6.w[<.I.!H..{.\|....(.f.p.]..6....*m..5..e%i.)...l;...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\uitgelicht-covid-19-financiele-regelingen[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	21995
Entropy (8bit):	7.965777973548672
Encrypted:	false
SSDEEP:	384:KfsrPq0k8ygwb4QtjklddOVydzQh+bEmPUuGsWyXQ3SS9lAhSiJfmlWqkx63YR9G:jP9ygwb4Ljdwydsh+Q3QCo9YlZ13YXy/
MD5:	E0D74EDCBF6A6707EDD6991FCC408EC1
SHA1:	D7F4B406DE5884AE2476D00F0609DBC78E3ADAD8
SHA-256:	11C8280C2D61D52036807AEC69E714B5D7D410838D12618332D4FE12FF0E963B
SHA-512:	89FFC9A6B9BB519EEF7021F3D0E6EEC8FD8A30EC3F5758ED1A48CCC000A473E5841B696917C19B2683EB5EC9E97545634B9ED92D7E5F0D50CB7BE6547FA70932
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/uitgelicht-covid-19-financiele-regelingen.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................U........................!..1."AQaq..2......#Rbrs..$3Bct...%&46Cd.....5DS......EU.u......................................................!1A..2Q"a..#Bq3R.............?.o..\|...3.ep..F.s...k.%&..S8.."c......+...N..5T....;t.q.Y].1...>nU.0c:.'..J.-m.o..D.]..(......~n;r..W.7...Xa,..K.O.xc...v.u....V.-!..s.i..w....62.....sn.T.....4`sz...W.{..^SY.(...[......\....1...'.WY.?...n..S...C._.q..:.D....3.........q. .o.I.....I;.#............/.7F~R.Y?.Z}.d^.^..[G{&.aS.m..6.J..$........M...E+....oj..A...r....H......r..q....j..........V.]..y..I....L..{.S.uE..9.=Z..q9F..F...N............Z..\...4r....b.SXn......?j......^.f..)...A.w\...c...~J..,u=.)p.....N:$...CE..vtk.....5....H.dn&<8.@8..Ml..^.-...... ...H.D..PC( ...,....$....A....@........p....."!+...#.)d"..#..'0..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\wij-doen-het-zo-uitgelicht[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=13, height=2825, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=5000], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	102489
Entropy (8bit):	7.9095441122115275
Encrypted:	false
SSDEEP:	3072:t1Mke1MkKT2d6y8K2XC3AAectVf0Oh/vc/qWv9De0N2jR2qV:R4KNRhXljk0O10f1DkV2qV
MD5:	BB442411060615F45860100F4435F477
SHA1:	28F5FBB2F89B55E9488DDC028703F345263DF631
SHA-256:	A48958F0DAFA3312232CDA743A2062C0E56D115E8EF7D15D1D554D16F2C09365
SHA-512:	70DC8B494B729F9D5DBCE8CF364DC05F71722E9F0DE46FE1CCA0DE7A2CBC032B1B626E755A69C712E562E6CFD058F4F852CA8C913DA765798E966B93F88D0D4F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/wij-doen-het-zo-uitgelicht.jpg
Preview:	......JFIF.....,.,....&nPhotoshop 3.0.8BIM.......o..Z...%G..Z...%G.........P..Lex v Lieshout Fotografie..7..20200923..<..153043+0000..>..20200923..?..153043+0200.8BIM.%.......n2c.9..t.pi0..8BIM.:....................printOutput........ClrSenum....ClrS....RGBC....Inteenum....Inte....Clrm....MpBlbool.....printSixteenBitbool.....printerNameTEXT.......8BIM.;....................printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@r..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y......8BIM.........,.......,......8BIM.&................?...8BIM............8BIM............8BIM..................8BIM'.................8BIM.......H./ff...lff........./ff...............2.....Z...........5.....-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\1182-avondklok-negen-uur[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1693
Entropy (8bit):	7.791516404764009
Encrypted:	false
SSDEEP:	24:meQgetVeG6YQ4sW2kAgKHhRICbESGyId85NI3h++b9glS6xEG382SZpzitXwWhlV:8ge7eWdkD75GbdYuhV9gF8JZcamHkc
MD5:	5B33BD6A342E5B6AED99830B3CE50C5A
SHA1:	B537AB2884C24490EE9DA15E24820C281F87AA93
SHA-256:	D3B25D65C0F111896D03D993D966D64E4A9F1FE658372AFF15665D60128F2635
SHA-512:	9E77103BD42745F073EDF42AD85AE12F73EA0F4D23D839AAC0B95076FC14AB1EEFF4ED4D623BBB8FBBA1DB2A9552F6B54E705DBFC954001D4AF4970DB6E262DF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/1182-avondklok-negen-uur.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....OIDATx..[1OcG......A..B.:R.D..B.x.R.....h.6.......l!......\|.TG.-.4H !..b...h\|k....ow.3vB>i.....y.3..s.R.o..i...... .d.!3.....d..!a....{.........U......\|&.P..].....1BH..#..H.A..m....y..i.<l2._...9..v.:.0.^..yX.......".1......j........`.._.Ac.MC.m..4.........g!..K.+.H.....+.p. +..E.M.....L..;...!BH/.4.I..R..i4.J.....=......j]O..%.Q.k0w.y......b.g..J.2:...^........e.ch.......`d4!..-....\;).."..M0.q...-.&..aY..+.a.$.8z..X..w..`...q..3...T6....O^.y93.a&...%d\|.x.f.......T.Q......u...+.O.Ph...jW...D...........Ey....?.-........###-....wOOO........<>>6+. ...v..gwJ_.RJD...,.....877.:>>nD...!.R....]..?.j.S.P..g.....I..}$....i..............X__...H....-......(.$....C.ZZZ.D..f7U_[[......!XZZ...[cuu..X,....(...>!....................o.p.x<.k.^y.h.......Q..O.x.]__......q..2..(.Q... ....r.).h.T.k..3...e.0........ggg/......k.0...:...{..nvvVc...........p........!...dm.:%.0...\|....4.rx.^\\h.kc..........\....~.I

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\4015-inenting[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1512
Entropy (8bit):	4.968050802321593
Encrypted:	false
SSDEEP:	24:2dNgAiELZK60yVJhRb60yG2Rb60yJOS6XRkO1YIY+YwyAusOE2faJJ7b7EO+:caAiMo6b1ATAT6BZ1ZYwg3aznEB
MD5:	7D54C1B9D88D788B4A45AB48CDF6E9CD
SHA1:	E034DA6D9EB3E37775EC656977CA770711071987
SHA-256:	7560D80CBF9B343DA9CFDB139C66A1E89692D8B9AF15F370317006264B4A4F09
SHA-512:	F31CB3517035653A917E2C9061EFB57D6440E8D6F25B2C055F25DAD282CD7854033C3DCBDEC69B140298D76F8C97B068AACC1CCCE72BD5073083BF8D44C6C348
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4015-inenting.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Boxes">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Production">..<rect fill="none" height="64" width="64"/>..<path d="M58.3401,14.824c-1.4142-1.4142-7.7499-7.7499-9.1641-9.1641c-1.4991-1.4991-3.6987,0.4681-2.7267,2.2176 c1.1313,2.0365,1.7395,2.984,1.7395,2.984l-5.1636,5.1636c0,0,0.8781,1.7491,2.3942,4.8136 c0.1477,0.2986-0.0263,0.4092-0.0808,0.4342c0,0-8.1265-8.1253-9.8512-9.85c-1.1591-1.1577-3.4915,0.6255-2.4703,2.4323 c0.9985,1.7666,2.4159,4.1052,2.4159,4.1052L18.3721,35.0213c-0.5584,0.5584-0.939,1.2696-1.0939,2.0439l-1.7905,9.3717L5.2795,57 h3.4393l8.8336-8.4854l9.4-1.7709c0.7783-0.1536,1.4932-0.5352,2.0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\5112-zijaanzicht-auto[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1568
Entropy (8bit):	4.952377203193806
Encrypted:	false
SSDEEP:	24:2dNqAiELZK60yVJJRb60yGW3PF48EZ+UPKcTlMCCXH4lFCVXFxjbstSr9dQtqBgC:cQAiMo6b1Ag8EwUPKnHtxjbsSdfGdk
MD5:	F20665D544861C8D91D4D17569DA560D
SHA1:	9AB295C54648849D7E161107AF1374BD47EA434A
SHA-256:	C9885F8080334DD0DF04AD0C9DAA3890AF47751F1ACCBE0BD417D5653ED63BC0
SHA-512:	F3B067C3E3D9A60D348AD011E840C97BB1B093699ADBAF1369E3A821A71301903A679E29FF0F7A380F79E81A43CA1D805FB3C12788BD09ED42D0C5789BB209BF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/5112-zijaanzicht-auto.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 19.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<circle cx="50" cy="39" r="5"/>...<circle cx="15" cy="39" r="5"/>...<path d="M62.4583,31.9736c-2.8083-4.4124-17.3787-7.4388-17.3787-7.4388s-6.4366-6.101-9.7731-6.8373 c-3.3352-0.7375-13.1176-1.1043-17.5385,0c-4.4197,1.1044-10.0776,5.9188-10.0776,5.9188 c-2.7605,0.8514-4.8602,1.3595-5.6644,3.241c-1.1632,2.7253-1.1632,8.0613-0.4642,9.9019C2.2849,38.662,4.122,40,5.9843,40 c0.0247,0,0.7651,0,2.0447,0C7.9824,39.6725,7.95,39.3405,7.95,39c0-3.8949,3.1552-7.05,7.05-7.05s7.05,3.1551,7.05,7.05 c0,0.3405-0.0323,0.6725-0.0789,1c6.619,0,14.3077,0,21.0579,0c-0.046

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\6024-ondernemingen[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	948
Entropy (8bit):	5.332535587731528
Encrypted:	false
SSDEEP:	24:2dNgAiELZK60yVJJRb60yGRNtE+5zWzL3eTMLSL3q744esoOKg:caAiMo6b1AM1WzreTMLQuReTOKg
MD5:	EA28D2416B8730999265BD4A87E3CD74
SHA1:	068042B5BEC57209832183B811B416BE3DEED067
SHA-256:	8AF91FA624AF5EA82EC9E9E0478C7B3FECCD843B2677BFD56DCDE73E381F11EA
SHA-512:	0E7AADB371F94EEAED8B8F3112C19484CB8B74346D571105255125BFE2990E630887AADE6B39850354273B4EB1EA09A62EF256489332AA1DFFDA9C109C09FA66
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/6024-ondernemingen.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M40,3.5C40,3.2238,39.7761,3,39.5,3h-25C14.2239,3,14,3.2238,14,3.5V31H7.5C7.2239,31,7,31.2238,7,31.5V61h20V19 c0-0.5523,0.4477-1,1-1h12V3.5z"/>...<path d="M56.5,20h-27c-0.2761,0-0.5,0.2238-0.5,0.5V61h12v-6h4v6h12V20.5C57,20.2238,56.7761,20,56.5,20z M38,51h-4v-4h4V51z M38,44h-4v-4h4V44z M38,37h-4v-4h4V37z M38,30h-4v-4h4V30z M45,51h-4v-4h4V51z M45,44h-4v-4h4V44z M45,37h-4v-4h4V37z M45,30h-4 v-4h4V30z M52,51h-4v-4h4V51z M52,44h-4v-4h4V44z M52,37h-4v-4h4V37z M52,30h-4v-4h4V30z"/>..</g>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\8012-reisbagage[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	961
Entropy (8bit):	5.227523911835233
Encrypted:	false
SSDEEP:	24:2dNcNAiELZK60yVJJRb60yGqHZJZ9oOCvnCReh6ixsQK5T7anG:c4AiMo6b1AnZK90JacqG
MD5:	6FD74E13DD3369F306B5D369594E57BD
SHA1:	B5E797872BBCB082BB50946A10431D3FF9B7CA9D
SHA-256:	4F1A94D140192E6083AA2964538F517318CC9B7D7A4EB7D5DAF1C3B0BE029EF7
SHA-512:	F6B76EBC5877C3FEF431D33EB69D945375A6A6BBCCD7A063D7FDD4FA6E506D26896CC489E4AE97272354BB5E7D84F6B46323FBE045943263EDA84D5B034EA9B4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/8012-reisbagage.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 18.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<path d="M55.3329,22.994C55.1681,20.7866,53.2013,19.0002,51,19c-3.6667,0-7.3333,0-11,0v-4c0-2.2056-1.7939-4-4-4h-8 c-2.2061,0-4,1.7944-4,4v4c-3.6667,0-7.3333,0-11,0c-2.202,0-4.1681,1.7866-4.3329,3.994c-0.625,8.6594-0.625,17.3526,0,26.012 C8.8317,51.2134,10.7983,53.0001,13,53c12.6667,0,25.3333,0,38,0c2.2014-0.0001,4.168-1.7866,4.3329-3.994 C55.9579,40.3466,55.9579,31.6534,55.3329,22.994z M22.0013,34.5024L16,31.5018l3.8897-7.7794L24.0017,23l1.8893,3.723 L22.0013,34.5024z M36,19c-2.6667,0-5.3333,0-8,0v-4h8V19z"/>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\9EW0KY5N.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	21723
Entropy (8bit):	4.708696998003483
Encrypted:	false
SSDEEP:	384:4aG1ukO3W5HUPzP3a8EVLCmYWzKh8dZzzYJ:4a4IWxWP3a8EVLCmYsxpzYJ
MD5:	A81BDCEA4E78104A788669273D956A00
SHA1:	7145DCCD10C6EB17BFBC02BE3E51F0F1B2E99820
SHA-256:	FE0DDE41F42ACB26FB66A3F8EEA25C5FAA1063FF5053AFA25CE9EC3FF753CF3C
SHA-512:	79BA1A6769490E8391955A19C79252C3E56267A9C8E093AF05A5B68ABA18547987A5991DD7D06CEF35360E1452C907D7D3C14E8EB0EE0259848E9D8556174CF9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/
Preview:	<!doctype html>..<html class="no-js fullWidth hasMainNav" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Rijksoverheid.nl is de website van het Rijk met uitleg en nieuws over wet- en regelgeving van alle ministeries."/>.<meta name="DCTERMS.description" content="Rijksoverheid.nl is de website van het Rijk met uitleg en nieuws over wet- en regelgeving van alle ministeries."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Informatie van de Rijksoverheid \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Informatie van de Rijksoverheid - Rijksoverheid.nl"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.crea

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\RO-SansWebText-Bold[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 69459, version 3.0
Category:	downloaded
Size (bytes):	69459
Entropy (8bit):	7.99422923390301
Encrypted:	true
SSDEEP:	1536:c7ZxGkqx3inyQgE1GmYcCt8/wttSZgYsQQyqVsEj25JT4:c7ZxGKVN1ZCG+tagYPQnq5JT4
MD5:	18CBF1D7B4B8721E4E0C33736DEFD62C
SHA1:	E77FF7F1EEBB16085DF92AECF4A03F588070B83B
SHA-256:	5EADEE8E101C2140E44D6F6EF241D504459022F7504F48CBA4960CB29FAAF169
SHA-512:	3C628847F51CF86FC9867B61E8158657C5EF610ECAAAED5F03A15CA1E0B6A3229550F55DA510DFB5040BE06C3F5B1852D3EE4EA19C3013C15430B9BB3AFFB0E9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Bold.woff
Preview:	wOFF.......S.......\.......4................GPOS...,...u.....c.sGSUB............Y.Z.LTSH...$.........f.OS/2...$...U...`lwYlVDMX.......r.....6.cmap...........FG...cvt ..#8.........x.%fpgm.. ........a.5..gasp.............t..glyf..'.............hdmx...L......'h._[Yhead.......6...6.%0Ohhea.......!...$.J.ehmtx...\|........A.FFloca..#....B...B%...maxp....... ... ....name...........:..p.post.......o...a.!prep..!....b...s.............G.h_.<..........H@........8.....{............x.c`d``n.....e.....,=.@.d......................Z...............(....x.c`fbd....................5.....,LLlL.@9v&..ps..`P`P.........Q.(<.$...i..R``...n.....x..MHTQ....9..1...J.L...1......RL3...D`. jcn3ZD.... pa.jQ.h."!...e.2.EH.....yc3...q.....9...K......(.K'.5...&...{....(.e.d?I.>..EZ.e..'..R...o.y.#y...b.9....ex......`L.`_.A.3.DW..Qd&..](...."....0...'8v..u\|.&.l..vr...P>....@m..$....uW.9.....U..m.3.....1..%Z....1~w...b.uH...........r...e....a[:.!./...<L6......STe..R....&.s...9.l=..5=..0U.s.9.=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\RO-SansWebText-Italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 84048, version 3.0
Category:	downloaded
Size (bytes):	84048
Entropy (8bit):	7.995478375858005
Encrypted:	true
SSDEEP:	1536:4/93H1VfWO5nYBpdMc0ML4f/A/3KGu5HyjA1N7g0G+CHtrQYL7o0tbx5X3qfKrC6:IX1BNakcluwaGAwSg+GQg7/bjX3qgnLd
MD5:	BABCD7959F5E9EDD7020CB70B1398787
SHA1:	B7B69D2A371F77CB1785F45AD57C4624469670FA
SHA-256:	1021BA98155F7A0FBC239EDAC80FBCD2B85FB1FA1B7CB7AD3E949DF15A71F44F
SHA-512:	C0211A0A6DBF5039E7276CEE0CCD8CBC1CF8AB567D78807146573EABD0109B2D3EFF194EC90A2E85413C71EE9098889F752D10BFFEC122DD37AA7A0472F77A75
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Italic.woff
Preview:	wOFF......HP......h.......E0... ............GPOS..A..........j..GSUB..D.........Y.Z.LTSH...T..........O.OS/2...$...X...`kPV/VDMX.......}.......Qcmap............>...cvt .." ...y.......qfpgm...........a.5..gasp..A..........{..glyf..%........u.u.hdmx.......P..%..m.head.......6...6..0ehhea.......#...$.w..hmtx...\|..........I.loca.."....B...B.5..maxp....... ... ...Xname..5..........PJpost..;....j...a...prep.. ....\...9...1.........$D._.<..........H@........P...J.t............x.c`d``n..........]./.....H.q.................@...............h....x.c`f<.8.......)..O.o.. ...`....fefab.ebf```gb@.7. ..F...L..........Ar./.&.).......5x..KHTQ....w....(..f$......G.5.).,.(!h.!C...\..$....D!....2.I>.Z..jU....n.s....,~\|.....W..0H...7......t9..M^..1...`..N.Y..r).\.......Q...y$}K.9..k...w.@...R....D.x....PM.a....4..=..2..%6....@./..$+W.U.$.-]......Q.~...d.e.y....c.v...0..5.!...0eq.q-m....O.\|.D.<.....yq:...B..W2.Tk.N......3....~......T.#M.#3.\.9_2.C...t.w..U...1....Y.#M.A.X..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\RO-SansWebText-Regular[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 76457, version 3.0
Category:	downloaded
Size (bytes):	76457
Entropy (8bit):	7.994328709295107
Encrypted:	true
SSDEEP:	1536:5B1qSVnSb4z7VbLu2cg6z3PjdemPvA8bDJNXtWU5eFOoozfv:5B5n14PjImPvA8bDTXtWU5Lb
MD5:	146A58DAF1C3F79A11ED75127D8504AB
SHA1:	2907352928CFCEF0220809359084202C364D6473
SHA-256:	DC492A95CCBB713B1B05DB6E575C9E7F113D23E471E51B16A865832C2D16AB92
SHA-512:	C0ED081BEE1D664039C239AC2A323F9B97FF3B7658D1419416B13475852A16A5A6DFDB477DC3A0312D27B6D9743DE90F66B4A9987A8F5A976511BC310C57E743
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Regular.woff
Preview:	wOFF.............28......'....!............GPOS..#D.......$....GSUB..&.........f~g.LTSH...4..........A.OS/2...$...U...`kOVvVDMX.......i.....B.cmap...D........b...cvt ..#....}.....&.(fpgm..!H.......a.5..gasp..#0.........{..glyf..'P.......<. .hdmx...l......'h.<).head.......6...6.00ohhea.......!...$.V.~hmtx...\|........).W1loca..$....B...B.a?lmaxp....... ... ....name............}.epost.......m...a(;&.prep.."@...K...!p.N............._.<..........H@........G..................x.c`d``n.....e.....,..@.d.....................................(....x.c`f..8.......).....B3.1.1..E.Y.Y.....r.L...........Y.#..s3.8Px6H..%.. ......?.}...x..MHTQ.....O..4g.t...I..JKM........".@.].....AA.A.A-.D..Z.Z..]...UYYB..D......QpZ.8....8..w.y....0..d...&.u...;..,...../Sr.......c..7F/.C".(.c?..N7v[At$.Ls.s-d..].c....T&....8..zx...:xM)c&.M..J.3...uj{....l....u1.>.DU6L!...j..w.......w..d\|hW.F...GF../.....>7...Lp].N...F.11..%\.B....~......6...ze.c_.d..3:..._^..f..$M/.......p_V...9....-".....gm...fN\

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\avondklok_hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	52294
Entropy (8bit):	7.972731067994761
Encrypted:	false
SSDEEP:	1536:dgM2eUBk3MUyAam9oS8Dzk98FaQIiCUmBNLB:mgqD+MZ2QIa4T
MD5:	A92F08233638063F2A2EE1B528478946
SHA1:	B4DB761269232718C930015748F5B041B8F2F8C2
SHA-256:	B56FDD871705DB5943D7EE06B23C4E393196901D90B952B406D214C101E4202B
SHA-512:	90BDA8BADE6DD39DD80E3499D67A069FB1535109B35C8681BD2445C5860385946443215EF2CED339BFC83F25519E730FE9AD4716EA72EB737D967E430B7E8BB9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/avondklok_hero.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......9....".......................................N.........................!1AQq.."a.2...#34Br...$Rbs..%5C.....Sc..&D..t.6T......................................................!1..A2."BQa..q..#..............?.....Ti....q.k.'B.Th....:+V..V.l.Z\aMT.....k..&)...b..+...k...]......2.S9..N......M.p~\|.Hk...s...\|'.v"...6.<.....~#I.... 5.G..kgA.k......B.k\.q...,n...L.a.....?\oB.....%......v0...Z.P.B.k.z.B...e..F}...3_2.. ...-.6t./.....4....S.....N.9..^.?.pU./.....].n.H&....T.OO....@....i.y...g....!L?4.9"x......1.`S..O.Uj.L}S.L...(..!.!c......C.T.?^..).N.G.?........7.H...~{!..Xe.I....8.>...I..t;..P...E..7.F]C...l}...B..W...H..P.A.h.{.W...].}...P...Y....x.....v=...Q....E\|l."......:.........>#.....7q.-..u.ek.5.1...F..L.g.\F.O...>...?.[...Q'....W...K`............[_....K.....FTx.L....V4.....pq...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\avondklok_hero[2].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=10, manufacturer=Canon, model=Canon EOS R5, orientation=upper-left, xresolution=154, yresolution=162, resolutionunit=2, software=Adobe Photoshop 22.1 (Macintosh), datetime=2021:01:13 21:03:30], baseline, precision 8, 830x554, frames 3
Category:	downloaded
Size (bytes):	98251
Entropy (8bit):	7.745059467279069
Encrypted:	false
SSDEEP:	1536:oul4S0ypW+0P6hnUirAXNE/rzu3jkFSYmMfB3wwjqBYy9+bgYSk5:oul4SVW5CHUNETzwkFSliA9BTEbgtk5
MD5:	1E2C742A6289643D06E88E7D7AB508E1
SHA1:	575E3794F376DDE32E63B0EFD2A2DD5796B51339
SHA-256:	FE907BFC5ED096F002908D44FA3ECD25E451AB1FEB02E85EDCAF588C9907DB01
SHA-512:	E6AD7C9F66E4AFB42DFD943D19E6445729005AE9FBB006C0A4A492E4CCBE554B22653D26121AC754611A63FC4D09B1B3B1BA00F6C1D13620DBA827EBBB2694D5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/avondklok_hero.jpg
Preview:	......JFIF.....,.,....#.Photoshop 3.0.8BIM.......C..Z...%G.........7..20210113..<..172738..Z..Den Bosch..e..Nederland..d..NLD.....19.....avond.....britse.....buiten.....corona.....coronavirus.....covid.....covid19.....covid-19.....donker.....klok.....s.nachts.....variant.....zijn..(.. ..P..Ramon van Flymen..U..Ramon van Flymen..g..427075918..n.$Hollandse Hoogte / Ramon van Flymen ..s..Hollandse Hoogte..x..Nederland, Den Bosch. 13 Januari 2020. Het is erg rustig in de binnenstad van Den Bosch in de avond. Het kabinet denkt na over een eventuele avondklok. Foto: Ramon van Flymen / Hollande-Hoogte / ANP......1:0:0:004690.8BIM.%........m N.[......I 8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....C

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\cultuur-uitgaan-sport[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	958
Entropy (8bit):	7.665208359525332
Encrypted:	false
SSDEEP:	12:6v/7/6iSPSHYPdvZfxjS3qGPV0uCuglDfaFB+PykJw6WspGDGkpTiehBv6TH98z3:K6iPHYlPsBP/6le5kJgsQSG2eniTHQ7
MD5:	09FF59129DC72C9B2CEE339B19930025
SHA1:	EEA6C815155E3EED28450C8D9A393FC0265924DD
SHA-256:	BB3BD443C1F0DB3DB457A3D2818DFC463E5A384FCDECB54075FAA2E176838048
SHA-512:	0DA4F6ED705584BBE182E3A4A8EBD67EA9B02199C82A2846E629AC20EBB0DE7C57191C9134B1B43273B32C825B28D9386CD6AFAD82AD9E3985F4BE8008E64E5B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/cultuur-uitgaan-sport.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....pIDATx..[.q.0..r}.7h6.;A5.FP_.R...2.6.6.......<.z.W.!%Z?`X.w8.4!.....a$".ez.1wD.!b..$l.-.X.(...........S..<%.mN...a(..N.m.S.( ..98...5...c......+......<aDl.q......%.r.Q=...h..9J`..;.q)M.M.....F..p.r..........q........,.........j!SC..........k.v..L.....HV.~5%(.@?b.'..\.[7...$..Ld....O.h......i.-..r......i.?J#..F.v.}`_.JD..v.jP.+A...7r5...N.NqL..0....Y..Z..>.N.+.\|....#......Y)?\+...6...........Ok...H;#.@.S..E,..=.....{.......-`.}6.c}6%m..)K".%m.\..,.!b....\.-r.J..p..C..O.lJ9-........G.....nF....w............#}7.....a....qv.j....\|.1d..W.......e....}G..;......Rd....\........&cxL....m....,.......#;..X".....-..$.=%;....]....<. .:hM..>oa..s.....M:..er.D.v.i.}).jD...ON57...-J>bb.......C.p.y.M...%.R.."e.^..}!.h.;.I9.)K>.".....@.(..$.-.I..S.I....B."#......$7o..l-o/..A?+R.1..z~.......e...sE.....4.w.P..}._...........d""....(J.a.....u....]...EG.....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\dit-is-jenv[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=15, height=4425, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, width=6638], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	210367
Entropy (8bit):	7.939563435669795
Encrypted:	false
SSDEEP:	3072:mjGRG9w+aqSPilLkYGDpxwKIffUKTPk4Z2xCQMhcQGXp2tEy79991rJxMuY:SvciNQp2KOcKTPkihc5Xp2V9IB
MD5:	321C04D14C4CB2FFD89436D22BBDD867
SHA1:	0BC818E1CA669CC48A5CD035765358C4BECD4F2B
SHA-256:	CBFD7BF6202AE5DED70BAA5F17F93B0CB4BE2DCBFC350E0A05C32BF11697E9E1
SHA-512:	09C69E694A12BAFD8065DA052E59D2294CEC6F2822C0C3E56F8E5BD1F1CC545EC2C37C3C17ADE705E401ACA00728BBCD95B5F0B008B6D9AD55F73933B4B25DAC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/ministeries/justitie-en-veiligheid/dit-is-jenv.jpg
Preview:	......JFIF.....,.,....1NPhotoshop 3.0.8BIM.......Q..Z...%G.........P..Valerie Kuypers..7..20180814..<..140204+0100.....0:6:0:006816.8BIM.%...........D3.5b)$.>.8BIM.:.....c..............printOutput........ClrSenum....ClrS....RGBC....Nm TEXT.....s.R.G.B. .I.E.C.6.1.9.6.6.-.2...1......Inteenum....Inte....Clrm....MpBlbool.....printSixteenBitbool.....printerNameTEXT.....C.a.n.o.n. .M.G.7.5.0.0. .s.e.r.i.e.s......printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@r..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\img-helpers[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	19474
Entropy (8bit):	5.126004100473408
Encrypted:	false
SSDEEP:	384:6xlRv5qfYWBwK+i+nHnfebLahDmHiklM3V5zkeBgwtPQ4ywvm+mDxgGxgst4vOwP:6xlRhdK+i+n/ebLa8HiklM3V5zkeBTtX
MD5:	80A90D742AFACB572E64194595B8D254
SHA1:	5888D04E386478F0B32EA3E0749E634F825B1D06
SHA-256:	8B94CF4B63020D52A52972A68B8F7236DD3B624F7A68701E2D09C6BF025D5459
SHA-512:	BD6FBBBA121C39E5C2A54547D36F5AFAA8A2F979003A7FB70A22F03027535FA4FFAF8E0E0236643165A070EC47E8CA9ECFA7FECCC264ABCD82B19EEB5443C96B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/img-helpers.js
Preview:	if($.widget("img.lightbox",{isBuild:!1,currentSlideNr:0,nrSlides:0,transitionTime:400,$slides:[],options:{type:"single"},_create:function(){this.lightboxUniqIdBase="lb_"+Math.random().toString(36).replace(/[^a-z]+/g,"").substr(0,6)+"_",this.$images=$(this.element).find("img"),this.$triggers=this.$images.closest("a"),this.nrSlides=this.$images.length,this._catchClicks()},_catchClicks:function(){var t=this;this.$triggers.on("click",function(e){e.preventDefault(),t.currentSlideNr=t.$triggers.index(this),t.$selectedImg=t.$images.eq(t.currentSlideNr),t.openLightbox()})},_createElements:function(){var t=this;this.$overlay=$("<div/>",{class:"lightboxOverlay","aria-hidden":"true","aria-modal":"true",role:"dialog",tabindex:"0"}).prependTo("body"),this.$modal=$("<div/>",{class:"lightboxModal",tabindex:"-1"}).appendTo(t.$overlay),this.$rail=$("<div/>",{class:"slideRail"}).appendTo(t.$modal),this.$images.each(function(e){t.$slides[e]=$("<div/>",{class:"slide"}).data("hasContent",!1).appendTo(t.$ra

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\jv-dv-20181220-id0i0q33x-ondertiteling[1].srt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	3379
Entropy (8bit):	4.847424360375029
Encrypted:	false
SSDEEP:	96:X9xhiHxGa9sgAQhL3eXoiXX32Wkc/KZryAVPoUpUc9bgC0e:X9xwRVsgAkL322YSZGibgpe
MD5:	332722E51B84D0272EDC2DD335335BB1
SHA1:	23C8579179A1F95E1EFB76DE6C32EF74A3065FDB
SHA-256:	B968F7DADA801B99472FEBDA8A9B4ACF3EB139E9C59235408A6330724226F7E5
SHA-512:	30774553777E5A3B32008FA861A1C75853D0454375F1ED1BDA1D352B64828611F84B605992B503DF5C7FAA6D853803204E87B2F6A4D5C05FE4B755DB6A4C457A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rovid.nl/jv/dv/2018/jv-dv-20181220-id0i0q33x-ondertiteling.srt
Preview:	.1..00:00:03,440 --> 00:00:06,440..Ga je mee, Jack?..Kom!....2..00:00:08,840 --> 00:00:12,560..Ik haal even een dossier op bij de planning.....3..00:00:13,160 --> 00:00:14,640..Aan het verbouwen.......4..00:00:17,320 --> 00:00:18,760..We gaan nu naar binnen.....5..00:00:18,760 --> 00:00:20,640..Daar worden de voetgangers gecontrolleerd.....6..00:00:20,840 --> 00:00:23,560..We komen steeds meer drugsafval tegen.....7..00:00:23,560 --> 00:00:26,960..Alleen ik al honderden keren per jaar hennepafval.....8..00:00:26,960 --> 00:00:31,400..Arbeidsmigranten tot prostitutie.......9..00:00:32,280 --> 00:00:37,200..Zodra hier een melding binnenkomt via 112 ..willen we als eerste weten waar iemand is.....10..00:00:37,200 --> 00:00:39,440..We willen weten wat er aan de hand is.....11..00:00:39,440 --> 00:00:43,000..Zodra we dat weten gaat er al een alarmering uit.....12..00:00:43,000 --> 00:00:46,200..Je leest iemands verhaal, je kijkt of de identiteit vaststaat.....13..00:00:46,200 --> 00:00:49

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_player_controls[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	6892
Entropy (8bit):	4.763802411629559
Encrypted:	false
SSDEEP:	96:xmpi4tK6wSwc3FNS/7ZkgHuP6ewRJVpMMhPc8MjUyc23A:f7cV8jZkgHuP67RJVpMMhYc
MD5:	1E30E3E441D628F2BE006DCDFF02B57E
SHA1:	CA417736C4C5110A2EB202C217D632C4DB1732DD
SHA-256:	62628A9753CC738D59B24741458C5E97E9425C9840F31D8D3A54C3AA426228A7
SHA-512:	6F7A7B376B4090E32FF75CD2B37BC7A52A0288EA26ECFC643DC0C764D142E05014B4FDE7D19612B14670AE57CB0BF6223BB69AE386C7A4080F2C651F242C4B67
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/images/media_player_controls.svg
Preview:	<svg id="Laag_1" data-name="Laag 1" xmlns="http://www.w3.org/2000/svg" width="280" height="200" viewBox="0 0 280 200"><defs><style>.cls-1,.cls-13{fill:#01689b;}.cls-10,.cls-2,.cls-4,.cls-5,.cls-6,.cls-7,.cls-8,.cls-9{fill:#fff;}.cls-3{fill:#f3f3f3;}.cls-4{opacity:0.4;}.cls-10,.cls-4,.cls-5,.cls-6,.cls-7,.cls-8,.cls-9{isolation:isolate;}.cls-5{opacity:0.6;}.cls-6{opacity:0.8;}.cls-7{opacity:0.9;}.cls-8{opacity:0.3;}.cls-9{opacity:0.5;}.cls-10{opacity:0.7;}.cls-11{fill:none;}.cls-11,.cls-13{stroke:#01689b;stroke-miterlimit:10;stroke-width:2px;}.cls-12{fill:#02689b;}</style></defs><title>media_player_controls</title><g id="Laag_1-2" data-name="Laag 1-2"><path class="cls-1" d="M22.69,19l-9.44,6.8a1.79,1.79,0,0,1-.78.22,1.15,1.15,0,0,1-.55-.11,1.2,1.2,0,0,1-.67-1.07V11.26a1.19,1.19,0,0,1,.67-1.07,1.48,1.48,0,0,1,1.33,0L22.69,17a1.15,1.15,0,0,1,.39,1.58h0a1.06,1.06,0,0,1-.37.36Z"/><g id="pause"><rect class="cls-1" x="11.25" y="30.01" width="4" height="16"/><rect class="cls-1" x="19.92" y="30

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\nl-alert-8-juni-2020[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x300, frames 3
Category:	downloaded
Size (bytes):	13696
Entropy (8bit):	7.954820043051657
Encrypted:	false
SSDEEP:	384:1lK02KPmqQV/Tj/e9A3IWFIt0FwE4sPMcNAIqn:i0Dvm/Tq9APIt0FwEAIq
MD5:	C7F750297F53DEAFBF9BF1A88063BF2E
SHA1:	063B03A10C8B87B032F5D6657FE9F52120775568
SHA-256:	0A66153A80CA9D3CB001618FAB6B3DCBDBB4B80EFA7294D97746B8DAE9E37327
SHA-512:	B0BEA8EBD24B0C5CBC1A31C7F9A5F1DBDA477133C338A1E3122C7F98E64494FD9DB27D5E54ED911C32574B4DBF7EA39293E776E627F523189CC228B9C4C196FA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/nl-alert-8-juni-2020.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......,...."........................................Q........................!1..AQ.."aq........2BRT...#6rs.$&3SUb....45Cc.....%7Et.................................2........................!.1.AQa."2qR........3#B.............?.....Y<....H..T......d..V.'d..v@+$[su"...+'...oJ,... .....c..;..4....H.dqG...N.)Z....#.D..4.t.\|.l..B.$%l... ...R..@..;Y....$[;)d........#...9.$..VH.YD.............7K.eH..E+d..G..HK...2@G...;w.D.,...$..H..TP..B....T...Z...4FH..A.v..v....;..!.$.BG4.,...Y.CD...2.!.L...I.02@G4.jv.+Y.......d..#.........h.h....5$..@$..7A....J'U.y.....##....u.\.wH.....$...ae........-.*a.}.KX..u..W.V....)+..."...Q....i..e; #t".&md.RR.....y.G.I. #.JV(!.....$....OR...)..\..!=..,..Y.vA,...:)..d.].....G$.......@^....d..V.K..H.).E.....v..d.5FA.....VE.8.2@.E.....KM....Y..i...$.#.-.?....qFH:.$..$..J8 ..$...D ..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\paging-menu[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	350
Entropy (8bit):	4.964936724886392
Encrypted:	false
SSDEEP:	6:L2C5hIpAzZtuz7ALxRHKjhlD/rnwt6NeBPqKa951NdVlqKagD7VlqKaupfrGYf:L2C5KuomRQl7rnm6NiPq9951Ndq9uq9A
MD5:	A56DAE07C4D7FEFFCC291EEAD0260548
SHA1:	2BF056F2C550C3CFC5BDFE55363F3F039655A2FE
SHA-256:	4319E43CE717A1AD21C9B814A0211DA7F9580FAC830B7B75F7EB05A2F805398B
SHA-512:	2B08B77449873556C4D8D56F116D68B5BEEC52930096DC588E831FF15A4DDA2C83A3B8FAC9BD0330F993FA36AC91CF6A4A239798C92EFCAC1C0F8AA84C4918BF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/paging-menu.js
Preview:	$.fn.pagingMenu=function(){var n=window.innerWidth\|\|document.documentElement.clientWidth,e=$(".paging__number:first"),g=$(".paging__number:last");n<375&&(2===$(".paging__number--dot").length?e.next().remove():(g.hasClass("paging__number--dot")&&g.prev().remove(),e.hasClass("paging__number--dot")&&e.next().remove()))},$(".paging-menu").pagingMenu();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Formulier%20'Werkgeversverklaring%20avondklok'%20%7C%20Formulier%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=755260&h=9&m=36&s=52&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-werkgeversverklaring-avondklok&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%7C%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22e9134736-1ad0-4f21-af21-2ec5462efa72%22%5D%7D&gt_ms=3&t_us=33&t_ue=33&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=27&t_as=28&t_ae=30&t_dl=28&t_di=211&t_ls=211&t_le=211&t_dc=222&t_ee=249&pv_id=iEuL5j
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Abonneren%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=303247&h=9&m=37&s=5&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fabonneren&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22f4f07141-bfea-4154-aa70-7820927185f7%22%5D%7D&gt_ms=3&t_us=38&t_ue=38&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=30&t_as=32&t_ae=33&t_dl=32&t_di=263&t_ls=263&t_le=263&t_dc=283&t_ee=316&pv_id=mIwneg
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\topic-list[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	401
Entropy (8bit):	4.765987664274307
Encrypted:	false
SSDEEP:	12:IMI7ee3nlN/H8YVEpASSX4aGhFGDNNh3/NwEHmB:jI6efH8+SSXrGhFGDNNhvNwEGB
MD5:	EDFB27E99A504C23313634109CFB11D3
SHA1:	8970A15766E8024C7B98F3A779B896DFDCA4DC81
SHA-256:	5EA7D64E8CB171BB7A1C9B8D3F09C1E63E0E4B8985411A2F8EAB053967115F42
SHA-512:	ABAAD0A971A087A6D1B98F5606E310AA7A118B776E163976563D07F249890D1068696321E8EABAF805F135FE0159BEA943E8E68AD7E9D4BB49F1FD59D94CF9A7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/topic-list.js
Preview:	$.fn.collapsibleList=function(){$(this).hasClass("alphabetical")\|\|$(this).find("h3 a").on("click",function(e){if("mobile"===Core.viewport\|\|"phablet"===Core.viewport){e.preventDefault();var a=$(this),l=$(this).parent("h3").next("ul");a.hasClass("panelOpen")?(a.removeClass("panelOpen"),l.removeClass("panelOpen")):(a.addClass("panelOpen"),l.addClass("panelOpen"))}})},$(".topicList").collapsibleList();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\0045-filmend-persoon[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1813
Entropy (8bit):	4.758908553620278
Encrypted:	false
SSDEEP:	48:cWAiMrec2XwDOKq8fOpISN2OoHY/Tbpgo/QU/Lg:yzqT8OKROuSZx7bfPLg
MD5:	ADA6F8259DFBDC4F2C3384CBF5FA9F41
SHA1:	9A02987B5CFAF546B4177760EBE8BC69F5DF2387
SHA-256:	0A29197E777D924A283A905AFD791B230677FB373C61048F205BB59B99F8F7C9
SHA-512:	E73168042CA116A65E90B1723BF3BCBA3325BAEE3E14179849EE1DC6B907D3F6E06EE55E26CE99D41E1989F269AEC17A69EAAE30988F9AE1AAAC30A2C97B05CB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/0045-filmend-persoon.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 23.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="enable-background:new 0 0 64 64;" version="1.1" viewBox="0 0 64 64" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}.</style>.<g id="Box">..<rect class="st0" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M31,27v8c0,1.1,0.9,2,2,2h13c1.1,0,2-0.9,2-2v-8c0-1.1-0.9-2-2-2H33C31.9,25,31,25.9,31,27z"/>...<path d="M52.6,44.1c-2-2.2-7.4-4.1-10.5-5.1h-3.8c0.1,0.5,0.1,1,0.1,1.3c0.3,3.5-3.6,7.3-6,9.1c-1.5-1.1-3.7-3-5-5.2 c0.3-0.7,0.5-1.4,0.6-2.2H28c1.1,0,2-0.9,2-2V27c0-2.1-1.3-3.9-3.2-4.6c0.3-0.8,0.4-1.5,0.3-2.3c-0.3-1.4-1.1-1.9-1.6-2.2 c-0.6-0.3-1.1-0.2-1.5-0.2v-1.5c2.1-0.2,6.2-0.8,10.8-3.1l5.2,3.5V23c0,0,0.8,0.1,1-0.8c0-0.2,0.1-0.7,0.3-1.3 c0.2-0.1,0.6-0.3,1-0.1c0.5,0.2,0.8,0.9,0.8,2.2H46c0-0.7,0-2.7-1.2-4c0.3

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\4012-verpleegkundige[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2327
Entropy (8bit):	4.729396180383936
Encrypted:	false
SSDEEP:	48:caAiM36b1AoAezQnjrd8IYJbePeqB4+kedSs2k9zGb/fNKzA:azqRtzQnjrd8/CPtBNG7FKc
MD5:	B42DB3B35A2E426756394E16882C81E1
SHA1:	1D52A4BAA182D38BB3AFF9B1EB8ADC5B7E8BC4B4
SHA-256:	0FC0EACDEAC56B932E5F3611C835F4DA227B9C84811D9F695F75A7F4B64D037B
SHA-512:	42AB5B06A5235AFFC660AD87B92A28669B34D1F2646A09CC95FDB33C812B763A576757B9D50C44DA0FA6A4BB8CC0DB6B19B826D4779CFA63F6EBED7E7DBE584F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4012-verpleegkundige.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" id="Layer_1" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Boxes">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Production">..<g>...<path d="M51.2886,45.2578c-2.4563-2.5671-9.2193-4.1663-11.0196-5.6074c-0.0018-0.0156-0.004-0.0333-0.0059-0.049 c-0.0965-0.8401-0.235-1.8577-0.3792-2.8415c2.0215,0.2135,5.0197,0.5701,6.9231,1.2385c0.375,0.1318,0.771-0.1191,0.875-0.5381 c1.0144-4.1027,1.8078-8.0523,1.8078-12.2415c0-7.2238-2.6247-14.9078-6.6863-17.7604l0.1899-2.1381 c0.041-0.4497-0.1152-0.8877-0.43-1.2036C41.3973,2.9526,38.4742,1,32,1c-6.4743,0-9.3973,1.9526-10.5659,3.1187 c-0.3123,0.314-0.4685,0.752-0.428,1.1997l0.1944,2.1863c-4.6627,3.6752-7.6941,9.95-7.6

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\4057-basisonderwijs[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2957
Entropy (8bit):	4.550303428034783
Encrypted:	false
SSDEEP:	48:caAiMo6b1A4znGEk7SDaBWYELLxq7gXxQszUuEEQBQdK5xcCHnXsl3JN6w+jp8lD:azxZk8QVoxUgxQE1/c5ZHXsRJNp+jpSD
MD5:	9C0161D45B85BA29C996863AF1E2F09A
SHA1:	DA1CDA0A636CA079901FBFA06DB104F9239D50FB
SHA-256:	51A09DE42392BD305FF2526EB6689A30EEC1DA2949BCFF22C690C45D553DD875
SHA-512:	073D4F0FF97C484C160F9AEB83B00B2635C86C68DE3B1E5290203EAD6F336A491D1DAB09B908A275E46F07F8046F2999D2092998BA951D6E2437E6ADBF7DAA17
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4057-basisonderwijs.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M21.1421,23.2949c-0.1011-0.314-0.4692-1.0186-1.7212-0.9194c-2.7603,0.2246-4.2036,3.4521-4.0234,5.6665 c0.1812,2.2261,1.582,2.1123,2.0474,2.0752c2.7798-0.2266,3.4614-2.4692,3.4678-2.4917c0.0046-0.0159,0.013-0.0294,0.0181-0.0449 c-0.1111-1.4193,0.0381-2.9049,0.2568-4.1711C21.1729,23.3708,21.1536,23.3353,21.1421,23.2949z"/>...<path d="M60,3H4v40h16c0.0209,0.0562-0.0531,0.2623-0.3703,0.3641l-5.4017,1.075L11,63h7l1.7391-10h24.5217L46,63h7 l-3.228-18.5609l-5.4017-1.075C44.0531,43.2623,43.9791,43.0562,44,43h16V3z M17.688,33.1074 c-0.1597,0.0127-0.3

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\RO-SerifWeb-Italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 110541, version 3.0
Category:	downloaded
Size (bytes):	110541
Entropy (8bit):	7.996245326669617
Encrypted:	true
SSDEEP:	3072:9weTz3H/X6dN9vfAy/x2qN2H2CV7ukdcWb9A1:9/f6NJJ/fN2Ww7ulWpA1
MD5:	778E789CD8180DEBD9B4DD5D8B8AE0E3
SHA1:	B79791FF50B98EF46FA606CA2D26D24FFE894AE5
SHA-256:	AB448317578C648868C6394CFFE2760264A193E30147C52BD16434BCC214EE5C
SHA-512:	681DBF76DBAE8E8CCD67710553A7F1D3C903CA3D95D87C2AB7DA0428A3414B2B4DFD5A59F99F0823C48F7EF62C4BD94B8FC5FABF98FFB694166D78BBFF02F572
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SerifWeb-Italic.woff
Preview:	wOFF...............X...........%...q........GPOS...............3GSUB...0...u....ujv.LTSH...X............OS/2...$...]...`..[.VDMX.......y.......Ecmap...p.........BEcvt .."l.........g..fpgm...........a.5..gasp...x.........z..glyf..'\..pz.....6o.hdmx..........%hr&=Dhead.......6...6..1@hhea.......$...$....hmtx...........t.-.loca..#....V...x...maxp....... ... ...Hname.......p...z...Wpost...H.........V..prep.. x........)X.D..........;._.<..........H@................................K...............i.........................X...............@....x.c`f..8.......)....o.....`.(..e`ecc`.d`a``X.............F...LLO..a8...h.....c..T.........A...x..KHTa.....fFG.u..]8....hF.4..ad!.d..B...7.=..Z(....R....Q..T.0. I..H..%.R._.{g..Qr.?.....s..j.p5D..p\&.)o.n1........4.oc(/.!.....e.g.A.8.g..A..1...k..5..Lr.H.......CU....T?2bI...G.7V/..T..f..#...4.w.c.~.Y..J..n!'.w./.X+{.q...-....zP....^`...(.`..)..S...}. ...lcX...M...E."wIw.$=...qH..}.(6..{.~..tux!....O-..F).../..zP5.#.. .:.5...0..< ..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\RO-SerifWeb-Regular[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 97062, version 3.0
Category:	downloaded
Size (bytes):	97062
Entropy (8bit):	7.99494849002823
Encrypted:	true
SSDEEP:	1536:DRUCAGqFHjh1GLAEVjwMWn0Xj3uSZ6N404unMYrzF7AYqAe67X/g6GpHbjlklMr4:S7ljyBw50z+SAN40TnMyFMYqAe0O7pk/
MD5:	5AB4F20384346FD9FF46B662E4196F86
SHA1:	3D8D7B29AC8A997E5138F17ACD7CC24A8497280B
SHA-256:	55D2C25ABDD0F5D8BAE058C9E3CF6CAA090A286CB210F47D0D0D123DC77BD96B
SHA-512:	306FFF974AF3F0A356BC058343ADDA10B077A28279D457BE2B4798CA475BD2FCF23BBF4AFEE6950340E75B8F8858E17EB1C7F04F2494627CEA9DA230242DF7E7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SerifWeb-Regular.woff
Preview:	wOFF......{&..............x....&...r........GPOS..o....l...../.[GSUB..w....u....ujv.LTSH...$.........b!OS/2...$...I...`c.x.VDMX.......r.......gcmap.............BEcvt ..,..........'.jfpgm..)........a.;..gasp..o..........z..glyf..1...4...7...5,hdmx...\...t..B..R8.head.......6...6.>1@hhea.......!...$...xhmtx...p.......t.H5.loca..-4...Y...x...maxp....... ... ....name..fx...e....$#..post..i....%......pprep.........................G_.<..........H@...........................x.c`d``..w........1.b.. ......r..............c...............'....x.c`f\|.8.......).....B3...,.`gB.....080(.fbz......oF..... 9.;L5@.......'...x..MH.A....<o...[.....*+.n..Yb...Td&v.:t(. . :H..K..%...M.....t.K..%2...L.4....h....~<.3..<.!...J..^..>...?n%.w;.E...s\|.6.T(.^c..q...c.........;R...x......."......i.j.A.Q..".....[I.^V..g.YxS.^f.+.....W.(\|..~.Y..>7...a...5.G...Y.!.>..{.F..7......cnJ..X...J.g....B~..9..+C..;.Z..y.q.T.?.a.. F.FYR..Wy.IM._jL.g...N.ru....y.9.S.^e.M(5...._...^.X.....@.....(.......5.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\collapsible-panels[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	737
Entropy (8bit):	4.6942994524433965
Encrypted:	false
SSDEEP:	12:2yTmIzXSPIUrnJi4hEHLHTaMeUFIY011ibTY+469uaBuaMCjUMU11c7QTY+43Pus:KAXSPIU4TY+nuuu11ccTY+cPuBbiu1gn
MD5:	44ECE5C9B5274C1E7FF2E3860E5F1867
SHA1:	64D624D819339BF108FDE04578BB20271BB87043
SHA-256:	463C73A52654C24219A7D110E8C0A3E8823084E52B9C7B6424D0B74A13917DC3
SHA-512:	755EC005300B1ED0D7A3E9C2403E20B58621DA67063059502C7124D7B9D48079820F92E631BE1CF4E982A7353924F2C702DDB528890E94FBBA2A787372EABE8D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/collapsible-panels.js
Preview:	$.widget("panels.createCollapsePanel",{options:{open:!1,speed:400,easing:"easeOutExpo"},_init:function(){var e=$(this.element),n=e.find("button"),t=e.find(".panelContent");this.options.open\|\|e.hasClass("open")?this.expand(e,n,t):this.collapse(e,n,t),this.toggle(e,n,t)},expand:function(e,n,t){n.attr("aria-expanded","true"),t.attr("aria-hidden","false"),t.slideDown(this.options.speed,this.options.easing,function(){e.addClass("open")})},collapse:function(e,n,t){n.attr("aria-expanded","false"),t.attr("aria-hidden","true"),t.slideUp(this.options.speed,this.options.easing,function(){e.removeClass("open")})},toggle:function(e,n,t){var s=this;n.on("click",function(){e.hasClass("open")?s.collapse(e,n,t):(s.expand(e,n,t),t.focus())})}});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\formulier-eigen-verklaring-avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	9751
Entropy (8bit):	5.041743461676945
Encrypted:	false
SSDEEP:	96:Q7MP/ekVVknk1k2UYrsTdgAGjGmHUuDKhn43SJe8/y3WHHaz9GHZzRrlKGoCQF:qaVVukO21A2AW1HUPWrstaEHZzRxYJ
MD5:	39A67FA400CF6D70EF17AE454D943186
SHA1:	BC5F2650B8F5BDBCC585CC38C419C23C6F45764E
SHA-256:	9FA867F6BE0EEE9BF490F6A36488F66F13708696A08622BBD9E30A52DBD95F3F
SHA-512:	0EBE80D89B876F29019C70A9FF18DCDA6C8631036EDE6D077AF4D6ECAECDC4E22B4814A30511CE6E52FA5DDF9C0EFBC5A4CB62F1F88C9E2A38F49A9BFFFC24BE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Formulier 'Eigen verklaring avondklok' \| Formulier \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Formulier 'Eigen verklaring avondklok' - Formulier - Rijksoverheid.nl"/>.<meta property="og:title" content="Formulier 'Eigen verklaring avondklok'"/>.<meta property="og:description" content="Als het noodzakelijk is dat u tijdens de avondklok naar buiten gaat, dan moet u het formulier .Eigen verklaring avondklok. bij zich hebben."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok"/>.<link rel="canonical" href="https://www.rij

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	16782
Entropy (8bit):	4.897056452057007
Encrypted:	false
SSDEEP:	384:cUukOMWeFHUXj3HEjZeETzKjcQuZ0Y9ZzzYJ:ZXWwEj3CxzKjbA02pzYJ
MD5:	D8E2FDD4FE9BDB696C592D27FA9727BA
SHA1:	CEE4FD2712246563E60CA7179D94CA9A08C1BDA0
SHA-256:	6215CF0F5A33ADDD4FAF2FB7C9219BE9919B782789C0B8F5739568DAF1067EA4
SHA-512:	1A021E5D2FB3AB999C334C46D6DAC8C08E35D6DE5B9E81CFAE1EEADA92022953D2F62CB52A7FA7B7E7FB0D98455FCAE2FFA224A947CA478930827D603172BA45
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Instructie voor formulieren avondklok: downloaden en meenemen \| Publicatie \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Instructie voor formulieren avondklok: downloaden en meenemen - Publicatie - Rijksoverheid.nl"/>.<meta property="og:title" content="Instructie voor formulieren avondklok: downloaden en meenemen"/>.<meta property="og:description" content="Als u tijdens de avondklok buiten moet zijn, heeft u hiervoor een ingevuld formulier nodig. Dit moet u bij u hebben en kunnen laten zien aan de politie. Lees hier hoe u het formulier kunt downloaden, invullen en printen."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\huwelijken-uitvaarten-feestdagen[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1500
Entropy (8bit):	7.788549845119078
Encrypted:	false
SSDEEP:	24:/iUpOz9ZszIQQJd+jL/SRNfQtWGW9rAmgL47SDrwqbDCjjT6s+6f3RANMQ0+XD0D:/NpXzIsjL/KN46rAXEAbcj+s+658MQJ8
MD5:	5286215F75A785E7541DEDAB95587C7D
SHA1:	ED71EC24F9E2C78385552D0C135F5A389C7F6CA5
SHA-256:	443256FB149B078FE76315020D4C4CEB1A63C9BC510CB6E726A22DC853865508
SHA-512:	96E48437E7A863F1F5970B204571311C372154FA25B2D5035E953198F54C55C3B97B27EDCDDF9AE1B33BF08FA10492821E7D9D2640065CF72E052BF5AD5A2DB3
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/huwelijken-uitvaarten-feestdagen.png
Preview:	.PNG........IHDR...@...@......iq.....sBIT....\|.d.....pHYs.........B(.x....tEXtSoftware.www.inkscape.org..<....YIDATx..Yh^E...Z..k.[.HUPJ.Z.........X....."...uA..'....B.VMQR.$"..J.fmj>..L......;.&_.~...7....g.3...Zha.q...0.......k.."........9p..{).#PSB...(.n`...(...a....8g6~.....A..E.....{....4..T......~... ......../..!..<._...2....j.J.4..a..............+.....3'o..oT.w..?r.N..sPT.yc.....A....?..}k..B'.......v._....2..7..%.,.Rx.........=..1........dt...6...-.o.....eV...."...@.p..@..~d....Gvf..{.;...\......q..L..o..\.J.!.M...r...?..1.....!.g(.g._......0.t...9b...=.?.<U..;......D.>...8yy[`..(....=......Jv.Q`.2tR..#x!<.XY....>...~......~K..i.B.^.....tg"..!i}D.E......;.....Rv.YQ..Zg....(.:p[_.1.(+.l.j...;.o...y.3}.[....b.N..B...,......]..@:f9u.....JS..Q....~..>J?h.....E.4B_._........2.Y.{...q..#?...c.{...#Q.<....)...F... .<....=...i......i.4.\...W......N..k.]d~..&...h.."..,..!T.o.l.....M...j..PfY..NN.X..V..q..p,....p.Ui..m.o..._..F.+X..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\jv-dv-20181220-id0i0q33x-still-middel[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, frames 3
Category:	dropped
Size (bytes):	15822
Entropy (8bit):	7.93419008309866
Encrypted:	false
SSDEEP:	384:QmpXwYgsWYDYajKonNQDke5BBCfVSbLoP6x2+jOHaQY:Q6S/YDTm8NQDkTfY26M+je/Y
MD5:	3AFE92025D79E9E845595048A7E512A6
SHA1:	5A3D987563D65E66111124CE9070FB8E00B11A3C
SHA-256:	D4A9C8F440BA9A8009EC29EC9C7721735748CB7E43017F9CBCB1458A5CFF621F
SHA-512:	82EC5965E3E43FED1B95C9716FCE1B8D7C8056515D9AFD2718758A53270FAB37268D7548BBFD60B4B0091C71B73E69B105926EF32E3088EB0D9E0EFDBE67E394
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."................................................................................X.C$.......m[R...rI,.lh..%.2.I7$..$.T.D.k, d.e[W....qz.{....SV..l......h...~...t.+.W.Xue.0..<...m....VZ..[Y.;.PY.....m..-....I...$"..Kww..K2z..e&K.......z.Q.c.#.I.."....(B......PY........0C.Q..... .@.!..ipMm)Zk.+I.._"..L.$..U....-F.I.I!.......MGj.....j.].ql6f.^?g....+.X.M..\.]...u..z?...zn2\|..n...@.!...(xV]U. Y.CE...%fGE.Fr.T..I.H..b<.O../.=.K.5C.....]<.tQ..=+.8V\..aXd..$..h0...h.p.Y.cX.....]...u...<B2.H.....D.E'..VBYMP...(..&..[f1.Wfl..$...I,.TU]a.]%v"..e!.o;.&.V..Td.T.......{.Zp.=..FV.o.;b.L..:.7...w..o.D2c.a(2...!.%..V...%.W+..eZ.!..V.`....f_K\.M.\.._(.V<+.6U4WP,....X...n.;...0l..*JHx.1."....[.n%&.V.......N7g.,...Mf.H......@.X...`X..f5.].......K,...v.Fy...d0...MK..F+V...rI$.53i.(.,.B...!..}>f5..Aj

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\logo-fallback-ro[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	22192
Entropy (8bit):	3.7890730903705303
Encrypted:	false
SSDEEP:	384:DW309mPNYV8wLCIpc8IVN1wVZ9P3TqA1JYSmfwel4MADZtr:e0bBYCPOKjEZAV9
MD5:	AD7B7F13A1B30C8B4E7BBE17E4B7C6B5
SHA1:	94FDBD8C2928E7508847B4B2E5A41B8A0D802B27
SHA-256:	09BF69D29882694FA99C8730B853ECA8E855BBDE4FE62B2DF167D177FDBD7DF1
SHA-512:	C173B5531D3539D5F0A62BC39CBC8725C2C32F7AE352ED0E6FE103305D8F417502FA8DEC3A5BDEDFDA62E5ED8A0BAE57392636CF59DB54AF6D659BA7304B6A8C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/channel-afbeeldingen/logos/logo-fallback-ro.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 21.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="69.96px" id="Laag_1" style="enable-background:new 0 0 120 69.96;" version="1.1" viewBox="0 0 120 69.96" width="120px" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:#154273;}...st1{fill:#FFFFFF;}.</style>.<g>..<rect class="st0" height="60" width="40"/>.</g>.<path class="st1" d="M20.72,41.89h-0.7v-1.93h0.7V41.89z M23.86,33.38h-0.7v-1.93h0.7V33.38z M10.97,30.05c-0.05,0-0.41,0-0.41,0.08 c0,0.07,0.17,0.04,0.41,0.08c0.56,0.1,0.78,0.38,1.17,0.38c0.35,0,0.72-0.24,0.58-0.75c-0.02-0.09-0.07-0.07-0.08-0.01 c-0.05,0.23-0.34,0.36-0.63,0.36C11.63,30.18,11.55,30.05,10.97,30.05z M7.14,31.98c0.06,0.08,0.72,0.94-0.29,1.26 c-0.04,0.01-0.06,0.06,0.01,0.09c0.74,0.31,1.11-0.26,1.11-0.26c0.37,0.86-0.2,1.33-0.2,1.33c0.08,0.15,0.44,0.41,0.98,0.53

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\ministerie-van-justitie-en-veiligheid[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	27104
Entropy (8bit):	4.821648877205483
Encrypted:	false
SSDEEP:	384:x5L5hjhS9ukOtW+HU9d3GIdzMEbfC3Secy8DIq8mGREEdgx9ZzzYJ:x5L5j2oWMSd3bZjaSWL/mGREEopzYJ
MD5:	CE8EEB8662B43920BD05AB327D8CDDCD
SHA1:	19D4E92BE31AF2C940493B1EA1DDE0531625D0F4
SHA-256:	127AA617BC8398A83D178E139F9C0FA077ABED207377D3BDD2EC296279FE8D09
SHA-512:	B9F755B3CCF1FCE42B34637E25935D91D4DB91F094FC37CBD47B368BADE931324F632109604234445E26302ED55E8DE833C67F79AB52298F6C6D4D97478B6754
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Informatie over het ministerie van JenV, zoals adresgegevens, beleidsterreinen en informatie voor de pers."/>.<meta name="DCTERMS.description" content="Informatie over het ministerie van JenV, zoals adresgegevens, beleidsterreinen en informatie voor de pers."/>.<meta property="og:image" content="www.rovid.nl/jv/dv/2018/jv-dv-20181220-id0i0q33x-still-middel.jpg"/>.<title>Ministerie van Justitie en Veiligheid \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Ministerie van Justitie en Veiligheid - Rijksoverheid.nl"/>.<meta property="og:title" content="Ministerie van Justitie en Veiligheid"/>.<meta property="og:description" content="Het ministerie van Justitie en.Veiligheid zorgt voor de rechtsstaat in Nederland, zodat mensen in vrijheid kunnen samenleven, ongeacht hun levensstijl of opvattingen. Ju

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\mondkapjes[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1192
Entropy (8bit):	7.762744338222622
Encrypted:	false
SSDEEP:	24:yxlDSHJjt7ilo4ztgRifZSATQzQlADjaz12hhm8TWtq0a033S5dJ:yxZSHJh7dgO2AATmaohsBtLa03Cl
MD5:	858449A94F216796D108896FDC40F4AC
SHA1:	383910F2BD8F3F990AC73FB5D247BEED1829ED13
SHA-256:	656A9EA6299679181C33215F76C75AF3A405C3C161FC2BBB95467C0642A8A229
SHA-512:	8CEA854DB3F8C20D1602D0E49D45E9E70231BD56E828C8C91A4D84491F29DA95AA2069CB9B0C2A437639263A340EC21B47FCFEAFE8586ECB42AB930409B6B564
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/mondkapjes.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....ZIDATx..[.u.@..x..v...d.......o@. ....& ..N@2.......8.>[....{M.;Y...>_XD.%.K....f..#\|^.k.&.sy.3.......e.?..\Djo..=.O:(......k.o.~S...ADU..."..k...@.....Edg(..],...s..}... "..,g....D.$.=...9`..#Q.......Q.r.fp....h.O..e/d..cj..D...\|........#..]e.d...-.5tDW..]B.Py...x.... n+$6K: .L{...(..'.,...z..~W..CG......Z.?"?.Im.~.m...6.........k...E..S....$p.Q<c....d......5\|.Y...7..TE.G...w+...<.>.F...`..n...0..G........._[.....yi....U.d.Ez..3.Q..U".m....("6{.....!.Dt.........y).R~.(.X.1....r..xK<..2.j..D.H..3<.8D...f.67\.....q.w!J..).z!=C..I....(P..:rC.\|s........S..}.y.#D.......g.1A.-..b.o...../W...0k. P.O/-`m.....% b...}....U...x5.c4y....}...N.$...8S../.......#B%@.uT!V.n/....T.....Dh. Aq.?.....iN....w;e......"~),V[.35..q.)..)...l.L.....m5.`.6Y..)N...2...x..4.;....x..zH.M..l.<..zc.....[........Cf.5(Va...R.n....~...V=x4...'.....r.....~"...,.O3}l. U...B...m...6.+....{..6.{..h..T.>..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\page-feedback-bar[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2405
Entropy (8bit):	4.6732100482972445
Encrypted:	false
SSDEEP:	48:CtMcX80McX8t8IyI9i4kRpk27oym3jXT5IXNV6TTNkTThTTPy:CtLXxLXVIxzk37o/zXNIXqXKXhy
MD5:	D6FF9DA6F04AF41AA60A9DABE0CFA89B
SHA1:	47550216ABA2FB8185BF2197C22F005C07B4961C
SHA-256:	13405707E0F3CFA9D8F30A1CBBC1ECC040B0B33387914D0618E550C8AC855B21
SHA-512:	49BA5F28519DFF14356826F16F3F5F3ECCD14AD02511F50F6005A26BA96CA2F65FAF279D4112B4BB5D556F20CC47A46DF1CF5690E20DF303A631CA520FCF41DB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/presentation/css/page-feedback-bar.css
Preview:	.feedbackBar {. display: block !important;. background: #f3f3f3;. padding: 10px 0 0 0;. margin: 30px 0 0 0; }. .feedbackBar .wrapper {. margin-right: auto;. margin-left: auto;. padding-left: 15px;. padding-right: 15px;. max-width: 1200px;. position: relative; }. .feedbackBar .wrapper:before, .feedbackBar .wrapper:after {. content: " ";. display: table; }. .feedbackBar .wrapper:after {. clear: both; }. .feedbackBar .wrapper:before, .feedbackBar .wrapper:after {. content: " ";. display: table; }. .feedbackBar .wrapper:after {. clear: both; }. .feedbackBar .formContainer {. width: 100%;. padding: 0 15px 0 15px; }. @media (min-width: 992px) {. .feedbackBar .formContainer {. margin-left: 16.666667%;. width: 66.66667%; }. .fullWidth .feedbackBar .formContainer {. margin-left: 0%;. width: 100%; } }. .feedbackBar fieldset {. margin: 10px 0 20px 0; }. .feedbackBar legend {

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Informatie%20van%20de%20Rijksoverheid%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=241218&h=9&m=36&s=47&url=https%3A%2F%2Fwww.rijksoverheid.nl%2F&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22homepage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22fb90d6cd-af1f-4e99-810f-58f024dea98c%22%5D%7D&gt_ms=4&t_us=91&t_ue=91&t_fs=4&t_ds=4&t_cs=4&t_ce=4&t_qs=80&t_as=83&t_ae=84&t_dl=83&t_di=335&t_ls=335&t_le=335&t_dc=349&t_ee=377&pv_id=zcpY0T
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Onderwerpen%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=402791&h=9&m=36&s=48&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22placeholder%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22912d5da2-9b1b-41bd-99da-7ed38787b691%22%5D%7D&gt_ms=11&t_us=45&t_ue=45&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=31&t_as=34&t_ae=42&t_dl=34&t_di=217&t_ls=217&t_le=218&t_dc=237&t_ee=272&pv_id=TB3dYI
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\piwik[3].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Onderwerpen%20%7C%20Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=866594&h=9&m=36&s=51&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22-%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22-%22%5D%7D&gt_ms=5&t_us=36&t_ue=36&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=27&t_as=30&t_ae=32&t_dl=30&t_di=212&t_ls=212&t_le=212&t_dc=226&t_ee=270&pv_id=svXZWK
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\piwik[4].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Ministerie%20van%20Justitie%20en%20Veiligheid%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=873249&h=9&m=37&s=1&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fministeries%2Fministerie-van-justitie-en-veiligheid&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22unithomepage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22df52230b-304e-4a67-8703-ae85e137e3fc%22%5D%7D&gt_ms=3&t_us=39&t_ue=39&t_fs=4&t_ds=4&t_cs=4&t_ce=4&t_qs=33&t_as=35&t_ae=36&t_dl=35&t_di=2019&t_ls=2019&t_le=2019&t_dc=2039&t_ee=2207&pv_id=pmp93s
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\piwik[5].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Contact%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=956224&h=9&m=37&s=3&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fcontact&_id=cd1f4b289902c6c4&_idts=1611596187&_idvc=1&_idn=0&_viewts=1611596187&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22az%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%224285508d-8cdf-4b73-ba3a-55f8657f109c%22%5D%7D&gt_ms=3&t_us=57&t_ue=57&t_fs=13&t_ds=13&t_cs=13&t_ce=13&t_qs=49&t_as=51&t_ae=52&t_dl=51&t_di=390&t_ls=390&t_le=391&t_dc=403&t_ee=415&pv_id=MImGQi
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\roze-vlak-homepage-1920x330px-tp[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 1250 x 215, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	321
Entropy (8bit):	5.289622470502654
Encrypted:	false
SSDEEP:	6:6v/lhPKtUyKmv8BRmhWS2f2zgN4VQIMBeDgK4KEMwoQIMBeDglp:6v/7ytUUml92zS4VQIjDgWEMwoQIjDgL
MD5:	F8DBB2D68641518DC3996E618D77E24E
SHA1:	74519AD8C86A2E1D5FA16B4B5DAB47F0AFAEF341
SHA-256:	5323637FCF2CCCE316BDE2693B2670C9C97C626C4DF99D390338EF10631E89DF
SHA-512:	50289050FB74DA895127CFB12E4537986669F7CC567CFEBE19D2DB2DF34BDD363EF1A9BD95EA742374B494F405171E661CC047737885FC167140F4A82FA7C892
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/lowres-fotos/roze-vlak-homepage-1920x330px-tp.png
Preview:	.PNG........IHDR...............l.....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE..]...A=......bKGD...-.....tIME.......o.....8IDATx..........Om.7........................................v..2...%tEXtdate:create.2020-05-14T06:29:26+00:00D......%tEXtdate:modify.2020-05-14T06:29:26+00:005.......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\touch-icon[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 300 x 300, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	5844
Entropy (8bit):	7.830114096965188
Encrypted:	false
SSDEEP:	96:UU0A/fyOGMqVJfA0ej4fiN2cXLJeoi8eFBIYZoO1Q3wNKg5i8Je:JGpO0ejsA2c7JeLFB1oO1Ag5i8E
MD5:	027BA518208DDF1EECAE028AA010F18D
SHA1:	DA0DF8D34682EE459EF06DF372FAE792B85870D5
SHA-256:	5003E83080240861EE63A1436F8A12417EAAAD416843A87B831F04DBEE8C75BC
SHA-512:	5D135B78B7501845B3C32F204ABE1DA9B7611D08DF3E7DF53CC0C90FBBC6FB2346CF263DCA1462D3A1BF6A18193F84EA909367C5D5E2E72A5548493B6F1EA01C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png
Preview:	.PNG........IHDR...,...,.....N.~G....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.155772, 2014/01/13-19:44:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6f6c313d-0fc9-43fa-a7e3-6d6a1fb54f66" xmpMM:DocumentID="xmp.did:281C48E103A411E49AE0B91D93329B9D" xmpMM:InstanceID="xmp.iid:281C48E003A411E49AE0B91D93329B9D" xmp:CreatorTool="Adobe Photoshop CC 2014 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4f9f6108-2bc1-4621-953a-defda2345a90" stRef:documentID="adobe:docid:photoshop:4965252c-4c0d-1177-b2db-beb79a4e3726"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..i.....PLTE.i..@q..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\winkelen[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	892
Entropy (8bit):	7.611518875104057
Encrypted:	false
SSDEEP:	24:/iUpNyj9QzJK8ana1o7Rb3KuJr2AKsbRvhHi6N:/NpNa92K8anGoFbxr2FsbbJ
MD5:	600D63170E55B075CC13F951EFB783B4
SHA1:	7BFD3DA4F19D6FD8DDA200D294E538A301310E98
SHA-256:	71D7504ED749C805B89940680BAC309D135314F99EB4B6AF6CC1A84A20DF251F
SHA-512:	5332A568F14C4EED5B064D627A91BD6F1DCDCCC693D2C369DDC755675B5C7FCC6F342587E69674E649E0B27F193434EE66BE4E19207C582C491FD693A1B96CD0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/winkelen.png
Preview:	.PNG........IHDR...@...@......iq.....sBIT....\|.d.....pHYs.........B(.x....tEXtSoftware.www.inkscape.org..<.....IDATx..kTA....Q.~.#H4Zja!...ZD,.{..Am...l..D..)...F-Lc.....LT.FcL.f-f.wgg..g..q>8..{f...sf.H$..D..g.Q.n..........gm.8.+@..,\|..>...0...$..Y.:V...~.A..p...l..e\|..@.e...8..?j4..!....j...:v.;..+j.m...4l.s6NR......7.3.9..t2.W..sb3"..v.O....u......F`...........~...Y.(.@.B..A.E..\|0..b.>`m.z.u~.e...O..o....\..3{............GP.I..h-.o,....U..!.1......(....;...?Y;a...#.....v+<..Y..W....o.6e.....Z.k..,....`...1w....U.X.3 ....`..Y..v...J.I.W.U..G}.!...8.<A=..].k4....Y`.q..{.7.f........p.g.:7=$Q....q...xi.....p. S4'?F.&.).+.}.......f.^Gu..."#...{....J.i."5..j.\|o.....Q.$....!g.u....).W.E...$.._"X_6.9W#...%..a..$..L....]..j=Y..#\|9..\A.M.1........l..q.1..;...;.^..0...m...).D....QW...[.n...:.{.....f'jE..8....}.m...P.$..D".?....B.W.J....IEND.B`.

C:\Users\user\AppData\Local\Temp\~DF037A670368A334A6.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	25441
Entropy (8bit):	0.27918767598683664
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laA:kBqoxxJhHWSVSEab
MD5:	AB889A32AB9ACD33E816C2422337C69A
SHA1:	1190C6B34DED2D295827C2A88310D10A8B90B59B
SHA-256:	4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA
SHA-512:	BD250855747BB4CEC61814D0E44F810156D390E3E9F120A12935EFDF80ACA33C4777AD66257CCA4E4003FEF0741692894980B9298F01C4CDD2D8A9C7BB522FB6
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF39AA4FEEDC27AB5D.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	149683
Entropy (8bit):	1.2083927610860543
Encrypted:	false
SSDEEP:	384:kBqoxKAuqR+Jn1kHg/6+UR+Ddj+UR+Ddd+Z+M/xPQkdcoq9gg9BDSpWhoyDM+ucP:Dzm
MD5:	147DE5444B19B50B56CC335B255F078F
SHA1:	2DAD052D7667076E001081DC6A7B79875A84E5CF
SHA-256:	EB32350A69C0CEB4DA613C6334B070AA7B3A5711EE87B5C2858F08C225627CC4
SHA-512:	6BCC03EBE768D231C46ECD3D2E97FE74F60B3397F7B94B0DE653CD04198357C090B5F6B3E6F9B93B8AC380D743A4DE75AF8CCFF88A7D552699DF7EC0406B8673
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DF786A98532573F663.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	13029
Entropy (8bit):	0.48017161534761993
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lodVF9lodP9lWdjr+/+68V:kBqoIdQdudjy264
MD5:	5100BB7A16C61E6E5D0A4C94F143F311
SHA1:	AE49C2ADF501F051D2FEC7176F8AD5E3A0109619
SHA-256:	B17CD09E4477F8266032F966AAE5114E77D4A75D07A1FC87124E7B11EC466CFE
SHA-512:	FBBBFB55D3D74B30948D8216445E32F319783FAAA7C3CDAF4357A40B93BE5C9131E521A9EF4BCE2D397F7AEE2356B50CF1E420059FE6685115F339CAA956FCEC
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\LQKH77V1YDDOY8AYZKRZ.temp Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	3440
Entropy (8bit):	3.1823817549122335
Encrypted:	false
SSDEEP:	48:XfdifPxIYC9GrIocAsASFhdifPxIYh683GrIocAczH:qPxy9S8AJ3Pxf3S8AG
MD5:	48AC04EA22512E4DDF56B8AE7C2A0EE7
SHA1:	E0DC0C2EE91B1E4D9D366598670F98D7F29B7894
SHA-256:	449A90BAC00657B4DE4325C618E31E2B2F83E4A7BE01EB74D551ECB17DE9AF50
SHA-512:	35C9D62B4E236F1E84131C749B2089BF3E0EA2487C0E5CBA4A492CF5FDD38569D15B524E63380D093215B283236D1C574C7088D2B33905E9661D2EE402B8C7F8
Malicious:	false
Reputation:	low
Preview:	...................................FL..................F.@.. .....@.>...wTB.@.....?.c................................P.O. .:i.....+00.../C:\.....................1.....>Q=w..PROGRA~1..t......L.>Qqx....E...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....l.1......L.J..INTERN~1..T......L.9R................................i.n.t.e.r.n.e.t. .e.x.p.l.o.r.e.r.....f.2......L.9 .iexplore.exe..J......L.J9R.......R..........x.............i.e.x.p.l.o.r.e...e.x.e.......^...............-.......]............?......C:\Program Files\internet explorer\iexplore.exe....-.p.r.i.v.a.t.e...C.:.\.W.i.n.d.o.w.s.\.S.Y.S.T.E.M.3.2.\.I.E.F.R.A.M.E...d.l.l.........%SystemRoot%\SYSTEM32\IEFRAME.dll...................................................................................................................................................................................................................................%.S.y.s.t.e.m.R.o.o.t.%.\.S.Y.S.T.E.M.3.2.\.I

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 25, 2021 09:36:25.970642090 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:25.970974922 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:25.991774082 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:25.991915941 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:25.991954088 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:25.992047071 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:25.997558117 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:25.998145103 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020131111 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020174026 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020210981 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020247936 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020273924 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020277977 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020298958 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020317078 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020323992 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020338058 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020375013 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020382881 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020416975 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020421982 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020431995 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020462990 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020500898 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020509005 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020528078 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020540953 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020555973 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020565987 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020585060 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020601988 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.020638943 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.020679951 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.065480947 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.065579891 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.090111971 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.090265036 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.094836950 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.094923019 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.100837946 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.116166115 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.116219044 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.116267920 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.116296053 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.122003078 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.122056961 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.122080088 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.122095108 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.122113943 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.122158051 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.168796062 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.169539928 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.171428919 CET	49729	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.172175884 CET	49730	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.189986944 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190046072 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190093994 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190109015 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190140009 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190171957 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190180063 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190187931 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190197945 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190220118 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190243006 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190259933 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190268993 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190296888 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190311909 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190339088 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190347910 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190376997 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190397978 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190424919 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190427065 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190469980 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190479994 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190510035 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190517902 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190548897 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190563917 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190587044 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190602064 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190625906 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190632105 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190665960 CET	443	49727	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190675020 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190706968 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190715075 CET	49727	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190756083 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190797091 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190834999 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190871954 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190887928 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190911055 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190931082 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190937042 CET	49726	443	192.168.2.3	178.22.85.6
Jan 25, 2021 09:36:26.190942049 CET	443	49726	178.22.85.6	192.168.2.3
Jan 25, 2021 09:36:26.190942049 CET	49726	443	192.168.2.3	178.22.85.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 25, 2021 09:36:20.500868082 CET	53023	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:20.523941040 CET	53	53023	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:21.498718977 CET	49563	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:21.521593094 CET	53	49563	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:23.380198956 CET	51352	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:23.403455019 CET	53	51352	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:24.064234972 CET	59349	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:24.087207079 CET	53	59349	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:24.694758892 CET	57084	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:24.727405071 CET	53	57084	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:25.004911900 CET	58823	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:25.028036118 CET	53	58823	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:25.922869921 CET	57568	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:25.954324961 CET	53	57568	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:26.132426023 CET	50540	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:26.158376932 CET	53	50540	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:26.690160990 CET	54366	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:26.703329086 CET	53034	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:26.725343943 CET	53	54366	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:26.728549004 CET	53	53034	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:31.503494024 CET	57762	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:31.535327911 CET	53	57762	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:33.604290009 CET	55435	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:33.627545118 CET	53	55435	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:34.694567919 CET	50713	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:34.723326921 CET	53	50713	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:36.798741102 CET	56132	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:36.824759007 CET	53	56132	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:37.431010962 CET	58987	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:37.453926086 CET	53	58987	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:43.281472921 CET	56579	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:43.312758923 CET	53	56579	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:47.499361038 CET	60633	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:47.530828953 CET	53	60633	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:55.093159914 CET	61292	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:55.126825094 CET	53	61292	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:56.247421980 CET	63619	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:56.278703928 CET	53	63619	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:56.400033951 CET	61292	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:56.431580067 CET	53	61292	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:57.247381926 CET	63619	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:57.279249907 CET	53	63619	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:57.556730986 CET	61292	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:57.579761982 CET	53	61292	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:58.564251900 CET	63619	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:58.587587118 CET	53	63619	8.8.8.8	192.168.2.3
Jan 25, 2021 09:36:59.841546059 CET	61292	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:36:59.872895956 CET	53	61292	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:00.580533028 CET	63619	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:00.612037897 CET	53	63619	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:01.706125021 CET	64938	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:01.737535954 CET	53	64938	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:03.850979090 CET	61292	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:03.874212980 CET	53	61292	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:04.312004089 CET	61946	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:04.338046074 CET	53	61946	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:04.594728947 CET	63619	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:04.617791891 CET	53	63619	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:09.957779884 CET	64910	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:09.979572058 CET	52123	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:09.980885983 CET	53	64910	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:10.005601883 CET	53	52123	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:10.038832903 CET	56130	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:10.064670086 CET	53	56130	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:21.766597033 CET	56338	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:21.801548004 CET	53	56338	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:44.513115883 CET	59420	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:44.546766996 CET	53	59420	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:52.594281912 CET	58784	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:52.617506981 CET	53	58784	8.8.8.8	192.168.2.3
Jan 25, 2021 09:37:54.810820103 CET	63978	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:37:54.843621016 CET	53	63978	8.8.8.8	192.168.2.3
Jan 25, 2021 09:38:16.756835938 CET	62938	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:38:16.782797098 CET	53	62938	8.8.8.8	192.168.2.3
Jan 25, 2021 09:38:17.138602972 CET	55708	53	192.168.2.3	8.8.8.8
Jan 25, 2021 09:38:17.179775953 CET	53	55708	8.8.8.8	192.168.2.3

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jan 25, 2021 09:36:25.922869921 CET	192.168.2.3	8.8.8.8	0x3839	Standard query (0)	www.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:26.690160990 CET	192.168.2.3	8.8.8.8	0xb4ce	Standard query (0)	statistiek.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:26.703329086 CET	192.168.2.3	8.8.8.8	0x8c79	Standard query (0)	onderzoek.platformrijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.281472921 CET	192.168.2.3	8.8.8.8	0xcf05	Standard query (0)	www.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:37:01.706125021 CET	192.168.2.3	8.8.8.8	0xd55f	Standard query (0)	www.rovid.nl	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jan 25, 2021 09:36:25.954324961 CET	8.8.8.8	192.168.2.3	0x3839	No error (0)	www.rijksoverheid.nl	rijksoverheid.nl		CNAME (Canonical name)	IN (0x0001)
Jan 25, 2021 09:36:25.954324961 CET	8.8.8.8	192.168.2.3	0x3839	No error (0)	rijksoverheid.nl		178.22.85.6	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.954324961 CET	8.8.8.8	192.168.2.3	0x3839	No error (0)	rijksoverheid.nl		178.22.85.5	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.954324961 CET	8.8.8.8	192.168.2.3	0x3839	No error (0)	rijksoverheid.nl		178.22.85.4	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.954324961 CET	8.8.8.8	192.168.2.3	0x3839	No error (0)	rijksoverheid.nl		178.22.85.3	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:26.725343943 CET	8.8.8.8	192.168.2.3	0xb4ce	No error (0)	statistiek.rijksoverheid.nl		13.94.196.189	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:26.728549004 CET	8.8.8.8	192.168.2.3	0x8c79	No error (0)	onderzoek.platformrijksoverheid.nl		78.31.116.148	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.312758923 CET	8.8.8.8	192.168.2.3	0xcf05	No error (0)	www.rijksoverheid.nl	rijksoverheid.nl		CNAME (Canonical name)	IN (0x0001)
Jan 25, 2021 09:36:43.312758923 CET	8.8.8.8	192.168.2.3	0xcf05	No error (0)	rijksoverheid.nl		178.22.85.6	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.312758923 CET	8.8.8.8	192.168.2.3	0xcf05	No error (0)	rijksoverheid.nl		178.22.85.5	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.312758923 CET	8.8.8.8	192.168.2.3	0xcf05	No error (0)	rijksoverheid.nl		178.22.85.4	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.312758923 CET	8.8.8.8	192.168.2.3	0xcf05	No error (0)	rijksoverheid.nl		178.22.85.3	A (IP address)	IN (0x0001)
Jan 25, 2021 09:37:01.737535954 CET	8.8.8.8	192.168.2.3	0xd55f	No error (0)	www.rovid.nl		178.22.85.97	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Jan 25, 2021 09:36:26.020375013 CET	178.22.85.6	443	192.168.2.3	49726	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:26.020601988 CET	178.22.85.6	443	192.168.2.3	49727	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:26.792979002 CET	13.94.196.189	443	192.168.2.3	49734	CN=statistiek.rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Tue Aug 25 14:49:57 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Wed Aug 25 14:59:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:26.803695917 CET	13.94.196.189	443	192.168.2.3	49733	CN=statistiek.rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Tue Aug 25 14:49:57 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Wed Aug 25 14:59:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:43.361253977 CET	178.22.85.6	443	192.168.2.3	49740	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:37:01.822927952 CET	178.22.85.97	443	192.168.2.3	49759	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:37:01.843101978 CET	178.22.85.97	443	192.168.2.3	49760	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:37:03.342794895 CET	178.22.85.97	443	192.168.2.3	49761	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:37:03.433950901 CET	178.22.85.97	443	192.168.2.3	49763	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 3152 Parent PID: 792

General

Start time:	09:36:24
Start date:	25/01/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff652160000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 5524 Parent PID: 3152

General

Start time:	09:36:25
Start date:	25/01/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3152 CREDAT:17410 /prefetch:2
Imagebase:	0xbb0000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 3152 Parent PID: 792

General

Analysis Process: iexplore.exe PID: 5524 Parent PID: 3152

General

Disassembly