Play interactive tour

Edit tour

Analysis Report https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok

Overview

General Information

Sample URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Analysis ID:	343643
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Startup

System is w10x64

iexplore.exe (PID: 6864 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 6912 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6864 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Compliance:

Uses new MSVCR Dlls

Show sources

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Uses secure TLS version for HTTPS connections

Show sources

Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.4:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.4:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.4:49771 version: TLS 1.2

Networking:

Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.facebook.com/MinisterievanJustitieenVeiligheid/" class="facebook"> equals www.facebook.com (Facebook)
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/" class="linkedin"> equals www.linkedin.com (Linkedin)
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.youtube.com/user/MinisterieJustitie" class="youtube"> equals www.youtube.com (Youtube)
Source: onderwerpen[1].htm.2.dr	String found in binary or memory: <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/> equals www.facebook.com (Facebook)
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/> equals www.facebook.com (Facebook)

Source: unknown

DNS traffic detected: queries for: www.rijksoverheid.nl

Source: piwik[1].js.2.dr	String found in binary or memory: http://bestiejs.github.io/json3
Source: ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
Source: piwik[1].js.2.dr	String found in binary or memory: http://kit.mit-license.org
Source: ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
Source: contact[1].htm.2.dr	String found in binary or memory: http://wetten.overheid.nl/BWBR0019219
Source: contact[1].htm.2.dr	String found in binary or memory: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://crisis.nl/nl-alert
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid/nieuws.rss
Source: documenten[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/nieuws.rss
Source: piwik[1].js.2.dr	String found in binary or memory: https://github.com/piwik/piwik/blob/master/js/piwik.js
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://ind.nl/Paginas/Coronavirus.aspx
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://magazines.rijksoverheid.nl/jenv/jenvmagazine
Source: rop-survey-bar-and-ergo.min[1].js.2.dr	String found in binary or memory: https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js
Source: piwik[1].js.2.dr	String found in binary or memory: https://opensource.org/licenses/BSD-3-Clause
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://twitter.com/ministerieJenV
Source: avondklok[1].htm.2.dr	String found in binary or memory: https://we.tl/t-1RCY6GmWbX
Source: contact[1].htm.2.dr	String found in binary or memory: https://wetten.overheid.nl/BWBR0007376/2020-01-01
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.aandachtvoorelkaar.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.ecdc.europa.eu/en/coronavirus
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.gobiernodireino.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.gobiernudireino.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.government.nl
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.government.nl/topics/c/coronavirus-covid-19
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.instagram.com/ministeriejenv/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.kpnteletolk.nl/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.kvk.nl/coronaloket/
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.overheid.nl/contact/e-mailgedragslijn-voor-overheden
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.Root
Source: KEKSHZAX.htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/
Source: abonneren[1].htm.2.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheidd.nl/
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren8Abonneren
Source: KEKSHZAX.htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/actueel/nieuwsbrieven/regeringsnieuws
Source: imagestore.dat.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png
Source: coronavirus-covid-19[1].htm.2.dr, onderwerpen[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contact
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contact4Contact
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheid
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/dInformatie
Source: abonneren[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten
Source: formulier-eigen-verklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Source: formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloade
Source: formulier-werkgeversverklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondk
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten?trefwoord=coronavirus&startdatum=&einddatum=&onderdeel=Alle
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/minister2
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheideren/2021/01/21/formul
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidpMinisterie
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/nderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formu
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-c
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-cRoot
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-coverheid.nl/contact4Contact
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok/formulieren/2021/01/21/formu
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklokfAvondklok
Source: documenten[1].htm.2.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr, formulier-werkgeversverklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/form
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=3
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=4
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=5
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=6
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?sorteren%2Dop=relevantie
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documentenjOnderwerpen
Source: {6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19NCoronavirus
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/overheidscommunicatie/nederlandse-gebarentaal
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/privacy-en-persoonsgegevens/burgerservicenummer-bsn
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpenoronavirus-covid-19/documenten/formulieren/2021/01/21/formul
Source: ~DFA9C3FD9DAD52A256.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpenr
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/over-rijksoverheid-nl
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.who.int/emergencies/diseases/novel-coronavirus-2019
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.youtube.com/user/MinisterieJustitie

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.4:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.4:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.4:49771 version: TLS 1.2

System Summary:

Source: classification engine

Classification label: clean0.win@3/98@5/4

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6701F4C4-5EE8-11EB-90EB-ECF4BBEA1588}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DFF63FF4DD2D95D176.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6864 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6864 CREDAT:17410 /prefetch:2

Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	0%	Virustotal		Browse
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://www.kpnteletolk.nl/	0%	Avira URL Cloud	safe
https://crisis.nl/nl-alert	0%	Avira URL Cloud	safe
https://www.gobiernodireino.nl/	0%	Avira URL Cloud	safe
https://we.tl/t-1RCY6GmWbX	0%	Avira URL Cloud	safe
https://www.gobiernudireino.nl/	0%	Avira URL Cloud	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
https://www.aandachtvoorelkaar.nl/	0%	Avira URL Cloud	safe
http://bestiejs.github.io/json3	0%	Avira URL Cloud	safe
https://www.rijksoverheid.Root	0%	Avira URL Cloud	safe
https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
onderzoek.platformrijksoverheid.nl	78.31.116.148	true	false	unknown
www.rovid.nl	178.22.85.97	true	false	unknown
statistiek.rijksoverheid.nl	13.94.196.189	true	false	high
rijksoverheid.nl	178.22.85.6	true	false	high
www.rijksoverheid.nl	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Reputation
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen	false	high
https://www.rijksoverheid.nl/onderwerpen	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok	false	high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok#content-wrapper	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok	false	high
https://www.rijksoverheid.nl/contact	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19	false	high
https://www.rijksoverheid.nl/	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	false	high
https://www.rijksoverheid.nl/abonneren	false	high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.rijksoverheid.nl/contact	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	formulier-eigen-verklaring-avondklok[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheideren/2021/01/21/formul	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://twitter.com/ministerieJenV	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidpMinisterie	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.government.nl	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheid	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondk	formulier-werkgeversverklaring-avondklok[1].htm.2.dr	false		high
https://www.youtube.com/user/MinisterieJustitie	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/privacy-en-persoonsgegevens/burgerservicenummer-bsn	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png	imagestore.dat.2.dr	false		high
https://feeds.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid/nieuws.rss	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.who.int/emergencies/diseases/novel-coronavirus-2019	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/actueel/nieuwsbrieven/regeringsnieuws	KEKSHZAX.htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/form	~DFA9C3FD9DAD52A256.TMP.1.dr, formulier-werkgeversverklaring-avondklok[1].htm.2.dr	false		high
https://www.kpnteletolk.nl/	contact[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/onderwerpen/overheidscommunicatie/nederlandse-gebarentaal	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpenoronavirus-covid-19/documenten/formulieren/2021/01/21/formul	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://opensource.org/licenses/BSD-3-Clause	piwik[1].js.2.dr	false		high
https://crisis.nl/nl-alert	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/contact4Contact	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.rijksoverheid.nl/abonneren	abonneren[1].htm.2.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.gobiernodireino.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?sorteren%2Dop=relevantie	documenten[1].htm.2.dr	false		high
https://magazines.rijksoverheid.nl/jenv/jenvmagazine	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://we.tl/t-1RCY6GmWbX	avondklok[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/nderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formu	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.gobiernudireino.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/abonneren8Abonneren	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-c	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-coverheid.nl/contact4Contact	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten	documenten[1].htm.2.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.rijksoverheid.nl/ministeries	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/dInformatie	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.rijksoverheid.nl/over-rijksoverheid-nl	contact[1].htm.2.dr	false		high
https://ind.nl/Paginas/Coronavirus.aspx	coronavirus-covid-19[1].htm.2.dr	false		high
https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/nieuws.rss	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.kvk.nl/coronaloket/	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok/formulieren/2021/01/21/formu	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
http://ns.useplus.org/ldf/xmp/1.0/	ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=4	documenten[1].htm.2.dr	false		high
http://kit.mit-license.org	piwik[1].js.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=3	documenten[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documentenjOnderwerpen	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=6	documenten[1].htm.2.dr	false		high
https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=5	documenten[1].htm.2.dr	false		high
https://wetten.overheid.nl/BWBR0007376/2020-01-01	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloade	formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.overheid.nl/contact/e-mailgedragslijn-voor-overheden	contact[1].htm.2.dr	false		high
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://www.aandachtvoorelkaar.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos	coronavirus-covid-19[1].htm.2.dr, onderwerpen[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheidd.nl/	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-cRoot	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.instagram.com/ministeriejenv/	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten	abonneren[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten?trefwoord=coronavirus&startdatum=&einddatum=&onderdeel=Alle	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2	documenten[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19NCoronavirus	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpenr	~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://github.com/piwik/piwik/blob/master/js/piwik.js	piwik[1].js.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklokfAvondklok	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.government.nl/topics/c/coronavirus-covid-19	coronavirus-covid-19[1].htm.2.dr	false		high
https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss	documenten[1].htm.2.dr	false		high
http://bestiejs.github.io/json3	piwik[1].js.2.dr	false	Avira URL Cloud: safe	unknown
http://wetten.overheid.nl/BWBR0019219	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/	KEKSHZAX.htm.2.dr	false		high
https://www.rijksoverheid.Root	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://www.ecdc.europa.eu/en/coronavirus	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid	ministerie-van-justitie-en-veiligheid[1].htm.2.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://www.rijksoverheid.nl/ministeries/minister2	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen	{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat.1.dr, ~DFA9C3FD9DAD52A256.TMP.1.dr	false		high
https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js	rop-survey-bar-and-ergo.min[1].js.2.dr	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
13.94.196.189	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
78.31.116.148	unknown	Netherlands	12859	NL-BITBITBVNL	false
178.22.85.97	unknown	Netherlands	41887	PROLOCATIONTransitpolicypref100NL	false
178.22.85.6	unknown	Netherlands	41887	PROLOCATIONTransitpolicypref100NL	false

General Information

Joe Sandbox Version:	31.0.0 Red Diamond
Analysis ID:	343643
Start date:	25.01.2021
Start time:	09:35:29
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 19s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	17
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@3/98@5/4
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok#content-wrapper Browsing link: https://www.rijksoverheid.nl/ Browsing link: https://www.rijksoverheid.nl/onderwerpen Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19 Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok Browsing link: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid Browsing link: https://www.rijksoverheid.nl/contact Browsing link: https://www.rijksoverheid.nl/abonneren
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, BackgroundTransferHost.exe, ielowutil.exe, backgroundTaskHost.exe, svchost.exe, wuapihost.exe TCP Packets have been reduced to 100 Excluded IPs from analysis (whitelisted): 52.255.188.83, 13.64.90.137, 104.83.120.32, 51.104.139.180, 152.199.19.161, 92.122.213.247, 92.122.213.194, 67.27.159.126, 8.248.141.254, 8.248.117.254, 8.248.113.254, 67.27.159.254, 52.155.217.156, 20.54.26.129, 92.122.213.201 Excluded domains from analysis (whitelisted): displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, skypedataprdcolwus17.cloudapp.net, arc.msn.com.nsatc.net, ie9comview.vo.msecnd.net, displaycatalog.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, ctldl.windowsupdate.com, a1449.dscg2.akamai.net, arc.msn.com, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, ris.api.iris.microsoft.com, skypedataprdcoleus17.cloudapp.net, go.microsoft.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, audownload.windowsupdate.nsatc.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, auto.au.download.windowsupdate.com.c.footprint.net, au-bg-shim.trafficmanager.net, cs9.wpc.v0cdn.net Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\E5F0NRSV\www.rijksoverheid[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.469670487371862
Encrypted:	false
SSDEEP:	3:D90aKb:JFKb
MD5:	C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
SHA1:	35E3224FCBD3E1AF306F2B6A2C6BBEA9B0867966
SHA-256:	B71E4D17274636B97179BA2D97C742735B6510EB54F22893D3A2DAFF2CEB28DB
SHA-512:	6BE8CEC7C862AFAE5B37AA32DC5BB45912881A3276606DA41BF808A4EF92C318B355E616BF45A257B995520D72B7C08752C0BE445DCEADE5CF79F73480910FED
Malicious:	false
Reputation:	low
Preview:	<root></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6701F4C4-5EE8-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.8501039202915162
Encrypted:	false
SSDEEP:	192:rIZvZz2I9WJtAifS53zM//BDFDkfsfk4d5WjX:rIRKIUbNjBpkKk4y
MD5:	D29B786CE934BB7F46BA96C8A89CB96A
SHA1:	BABB24B7BE9C6B28DBC0F4A9F217567E52F281C3
SHA-256:	BF89CE1860E24CCE0CB92EB7A8D4931C03B43ED48EA97766822D54E9F36F252C
SHA-512:	6D3ECF92CF309A2177B2EBE1D810DAAA95C524E323E6A7AC5D528E36215767A6371F6783C560CFF7073017E934CB22DFFFBD4447BC1F3041A024D779C84B4FE4
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6701F4C6-5EE8-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	190118
Entropy (8bit):	2.704789115801349
Encrypted:	false
SSDEEP:	384:r/zEoLhgTKwGm7+UR+DdY+OR+DdQ+Z+HxAG6+ACL2G+A3+acoq97vzG+9hW0dM1s:s2LqYh66h
MD5:	1F7B6C4FA1FE00D1DC3D3E30E4039840
SHA1:	C8AF0F7353120DF72338190F6F40700B697A2448
SHA-256:	16DC1FC75998D48E2A63DE7878AAC273023638EB4867B0A064216B32CD5BBD1C
SHA-512:	49CB2F36376FD836CFA10787DAF0AE31E3DCE7890936ACD57872DFF3497303562F848C8E211663C1C61EA807B2202F31C7630F33D671BFB5CFEDBEB414B1ED52
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6701F4C7-5EE8-11EB-90EB-ECF4BBEA1588}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5654382253442918
Encrypted:	false
SSDEEP:	48:IwPGcprQhGwpa9G4pQxGrapbSzrGQpKRG7HpRqXsTGIpG:rFZQ7Q/6BBSzFAATK4A
MD5:	C22B2D773C75B33F1380F4901BDF8E71
SHA1:	DEBFA588470713DD3A13E25778D8B97B419E7BBD
SHA-256:	2452C6F73928C4A77014F30AA1FDDB1EF94FCBEA78CD0106A37DDCC6D83F3743
SHA-512:	D6B5E47101FF024C073C571C2A83E48E4A370F2FA32552C80933FA1A720597FA8076A1025EE1DA12102C61BA430B17D3900499ED8FDDE49C0E99666121639C4A
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	6058
Entropy (8bit):	7.764759711377452
Encrypted:	false
SSDEEP:	96:zEcU0A/fyOGMqVJfA0ej4fiN2cXLJeoi8eFBIYZoO1Q3wNKg5i8JV:yGpO0ejsA2c7JeLFB1oO1Ag5i8j
MD5:	816EF8DA2A0F7A9DCC9B77AC3AA44E0E
SHA1:	BA48C527006EE883121F231FA594EDF01D2FD13B
SHA-256:	00077887AC1C78902F16CABFCE416733FA1EA342714A5EE4E5D5C076C3521996
SHA-512:	BE629AB1729A4D3BC5737DE77686DD4C2F68734AFAA8BE968B1B853C72C8DB7EC39317D8FBD1A804B7C2E068F870B69403EE4EC44638416A3BAB6B30C93A26DB
Malicious:	false
Reputation:	low
Preview:	X.h.t.t.p.s.:././.w.w.w...r.i.j.k.s.o.v.e.r.h.e.i.d...n.l./.b.i.n.a.r.i.e.s./.c.o.n.t.e.n.t./.a.s.s.e.t.s./.r.i.j.k.s.o.v.e.r.h.e.i.d./.i.c.o.n.e.n./.t.o.u.c.h.-.i.c.o.n...p.n.g......PNG........IHDR...,...,.....N.~G....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.155772, 2014/01/13-19:44:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6f6c313d-0fc9-43fa-a7e3-6d6a1fb54f66" xmpMM:DocumentID="xmp.did:281C48E103A411E49AE0B91D93329B9D" xmpMM:InstanceID="xmp.iid:281C48E003A411E49AE0B91D93329B9D" xmp:CreatorTool="Adobe Photoshop CC 2014 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4f9f6108-2bc1-4621

C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\MVSWCKN5\jv-dv-20181220-id0i0q33x-web-hd[1].dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ISO Media, MP4 v2 [ISO 14496-14]
Category:	dropped
Size (bytes):	458752
Entropy (8bit):	5.8560119357616065
Encrypted:	false
SSDEEP:	3072:nYkdA4ynt7RN3HZsguZfWD8Lb7NwtFVWkBQQ9ZnWsnyd7MbeVMw87z2s:rdAvkWi7NGWqHTWsyuFwW2
MD5:	FA44EF3DE21DC49F413CB14E9501CE3C
SHA1:	3C75826DAF6DD67D93FDBF60508DA118FC69C4EB
SHA-256:	2913CE1608D363A84781A6F4E0F258B4BA54867B48F8234B83F8CFDBBBA97ABD
SHA-512:	EB3DA3935654FBEAF7E673BE2478D70A92956CB224CF587BEA89A9AA95E4FCC16D7A3020CA3327DDC0368118D31BD02A9381F3560756963D33A64C2A3690796F
Malicious:	false
Reputation:	low
Preview:	....ftypmp42....mp42mp41..:Hmoov...lmvhd.....?.'.?.o.._....................................................@..................................dtrak...\tkhd.....?.'.?.'...........................................................@..............$edts....elst.......................mdia... mdhd.....?.'.?.'..a..70........@hdlr........vide.............Mainconcept Video Media Handler...tminf....vmhd...............3hdlr........alis............Alias Data Handler....$dinf....dref............url ........stbl....stsd............avc1.............................H...H.........AVC Coding............................2avcC.M.)....'M.)..`(......00.]...p^..@...(.. ....stts...........!.......\|stss.......[.......3...[...................K...}...............0...b...y...................:...]...................,...;...m...................5...g...o..............."...T...a.......................M.......................-..._...b...................,...Q.......................2...d...................5...g...t.....

C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\NL9QAEX3\jv-dv-20181220-id0i0q33x-web-hd[1].dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ISO Media, MP4 v2 [ISO 14496-14]
Category:	dropped
Size (bytes):	983040
Entropy (8bit):	5.669202621794998
Encrypted:	false
SSDEEP:	12288:y3KNGZzAuSoBoV/KGPkp4D0lj82sqP9FxvKX:y30GZUuQ8p7Y4JvKX
MD5:	E1F808E2125E384D34015EE8ED322232
SHA1:	EC93FE8103C05CAFFC641790037F1F3CCB73DA87
SHA-256:	C2FA2D4D9508A9689D50CC47C8561094B2FC8E1101D2E561D75B13A31BF4E934
SHA-512:	7082081CD58AA676CDEAC44E76BE5D3B292DB8E789E148837D7C991DE735F7AEC458334EB5EFE9485D2B6201FDEDA4CF6E0FE25EBA243D32BFEB2FCB8ED8C6B7
Malicious:	false
Reputation:	low
Preview:	....ftypmp42....mp42mp41..:Hmoov...lmvhd.....?.'.?.o.._....................................................@..................................dtrak...\tkhd.....?.'.?.'...........................................................@..............$edts....elst.......................mdia... mdhd.....?.'.?.'..a..70........@hdlr........vide.............Mainconcept Video Media Handler...tminf....vmhd...............3hdlr........alis............Alias Data Handler....$dinf....dref............url ........stbl....stsd............avc1.............................H...H.........AVC Coding............................2avcC.M.)....'M.)..`(......00.]...p^..@...(.. ....stts...........!.......\|stss.......[.......3...[...................K...}...............0...b...y...................:...]...................,...;...m...................5...g...o..............."...T...a.......................M.......................-..._...b...................,...Q.......................2...d...................5...g...t.....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\4057-basisonderwijs[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2957
Entropy (8bit):	4.550303428034783
Encrypted:	false
SSDEEP:	48:caAiMo6b1A4znGEk7SDaBWYELLxq7gXxQszUuEEQBQdK5xcCHnXsl3JN6w+jp8lD:azxZk8QVoxUgxQE1/c5ZHXsRJNp+jpSD
MD5:	9C0161D45B85BA29C996863AF1E2F09A
SHA1:	DA1CDA0A636CA079901FBFA06DB104F9239D50FB
SHA-256:	51A09DE42392BD305FF2526EB6689A30EEC1DA2949BCFF22C690C45D553DD875
SHA-512:	073D4F0FF97C484C160F9AEB83B00B2635C86C68DE3B1E5290203EAD6F336A491D1DAB09B908A275E46F07F8046F2999D2092998BA951D6E2437E6ADBF7DAA17
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4057-basisonderwijs.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M21.1421,23.2949c-0.1011-0.314-0.4692-1.0186-1.7212-0.9194c-2.7603,0.2246-4.2036,3.4521-4.0234,5.6665 c0.1812,2.2261,1.582,2.1123,2.0474,2.0752c2.7798-0.2266,3.4614-2.4692,3.4678-2.4917c0.0046-0.0159,0.013-0.0294,0.0181-0.0449 c-0.1111-1.4193,0.0381-2.9049,0.2568-4.1711C21.1729,23.3708,21.1536,23.3353,21.1421,23.2949z"/>...<path d="M60,3H4v40h16c0.0209,0.0562-0.0531,0.2623-0.3703,0.3641l-5.4017,1.075L11,63h7l1.7391-10h24.5217L46,63h7 l-3.228-18.5609l-5.4017-1.075C44.0531,43.2623,43.9791,43.0562,44,43h16V3z M17.688,33.1074 c-0.1597,0.0127-0.3

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\5112-zijaanzicht-auto[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1568
Entropy (8bit):	4.952377203193806
Encrypted:	false
SSDEEP:	24:2dNqAiELZK60yVJJRb60yGW3PF48EZ+UPKcTlMCCXH4lFCVXFxjbstSr9dQtqBgC:cQAiMo6b1Ag8EwUPKnHtxjbsSdfGdk
MD5:	F20665D544861C8D91D4D17569DA560D
SHA1:	9AB295C54648849D7E161107AF1374BD47EA434A
SHA-256:	C9885F8080334DD0DF04AD0C9DAA3890AF47751F1ACCBE0BD417D5653ED63BC0
SHA-512:	F3B067C3E3D9A60D348AD011E840C97BB1B093699ADBAF1369E3A821A71301903A679E29FF0F7A380F79E81A43CA1D805FB3C12788BD09ED42D0C5789BB209BF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/5112-zijaanzicht-auto.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 19.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<circle cx="50" cy="39" r="5"/>...<circle cx="15" cy="39" r="5"/>...<path d="M62.4583,31.9736c-2.8083-4.4124-17.3787-7.4388-17.3787-7.4388s-6.4366-6.101-9.7731-6.8373 c-3.3352-0.7375-13.1176-1.1043-17.5385,0c-4.4197,1.1044-10.0776,5.9188-10.0776,5.9188 c-2.7605,0.8514-4.8602,1.3595-5.6644,3.241c-1.1632,2.7253-1.1632,8.0613-0.4642,9.9019C2.2849,38.662,4.122,40,5.9843,40 c0.0247,0,0.7651,0,2.0447,0C7.9824,39.6725,7.95,39.3405,7.95,39c0-3.8949,3.1552-7.05,7.05-7.05s7.05,3.1551,7.05,7.05 c0,0.3405-0.0323,0.6725-0.0789,1c6.619,0,14.3077,0,21.0579,0c-0.046

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\6024-ondernemingen[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	948
Entropy (8bit):	5.332535587731528
Encrypted:	false
SSDEEP:	24:2dNgAiELZK60yVJJRb60yGRNtE+5zWzL3eTMLSL3q744esoOKg:caAiMo6b1AM1WzreTMLQuReTOKg
MD5:	EA28D2416B8730999265BD4A87E3CD74
SHA1:	068042B5BEC57209832183B811B416BE3DEED067
SHA-256:	8AF91FA624AF5EA82EC9E9E0478C7B3FECCD843B2677BFD56DCDE73E381F11EA
SHA-512:	0E7AADB371F94EEAED8B8F3112C19484CB8B74346D571105255125BFE2990E630887AADE6B39850354273B4EB1EA09A62EF256489332AA1DFFDA9C109C09FA66
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/6024-ondernemingen.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M40,3.5C40,3.2238,39.7761,3,39.5,3h-25C14.2239,3,14,3.2238,14,3.5V31H7.5C7.2239,31,7,31.2238,7,31.5V61h20V19 c0-0.5523,0.4477-1,1-1h12V3.5z"/>...<path d="M56.5,20h-27c-0.2761,0-0.5,0.2238-0.5,0.5V61h12v-6h4v6h12V20.5C57,20.2238,56.7761,20,56.5,20z M38,51h-4v-4h4V51z M38,44h-4v-4h4V44z M38,37h-4v-4h4V37z M38,30h-4v-4h4V30z M45,51h-4v-4h4V51z M45,44h-4v-4h4V44z M45,37h-4v-4h4V37z M45,30h-4 v-4h4V30z M52,51h-4v-4h4V51z M52,44h-4v-4h4V44z M52,37h-4v-4h4V37z M52,30h-4v-4h4V30z"/>..</g>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\RO-SansWebText-Bold[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 69459, version 3.0
Category:	downloaded
Size (bytes):	69459
Entropy (8bit):	7.99422923390301
Encrypted:	true
SSDEEP:	1536:c7ZxGkqx3inyQgE1GmYcCt8/wttSZgYsQQyqVsEj25JT4:c7ZxGKVN1ZCG+tagYPQnq5JT4
MD5:	18CBF1D7B4B8721E4E0C33736DEFD62C
SHA1:	E77FF7F1EEBB16085DF92AECF4A03F588070B83B
SHA-256:	5EADEE8E101C2140E44D6F6EF241D504459022F7504F48CBA4960CB29FAAF169
SHA-512:	3C628847F51CF86FC9867B61E8158657C5EF610ECAAAED5F03A15CA1E0B6A3229550F55DA510DFB5040BE06C3F5B1852D3EE4EA19C3013C15430B9BB3AFFB0E9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Bold.woff
Preview:	wOFF.......S.......\.......4................GPOS...,...u.....c.sGSUB............Y.Z.LTSH...$.........f.OS/2...$...U...`lwYlVDMX.......r.....6.cmap...........FG...cvt ..#8.........x.%fpgm.. ........a.5..gasp.............t..glyf..'.............hdmx...L......'h._[Yhead.......6...6.%0Ohhea.......!...$.J.ehmtx...\|........A.FFloca..#....B...B%...maxp....... ... ....name...........:..p.post.......o...a.!prep..!....b...s.............G.h_.<..........H@........8.....{............x.c`d``n.....e.....,=.@.d......................Z...............(....x.c`fbd....................5.....,LLlL.@9v&..ps..`P`P.........Q.(<.$...i..R``...n.....x..MHTQ....9..1...J.L...1......RL3...D`. jcn3ZD.... pa.jQ.h."!...e.2.EH.....yc3...q.....9...K......(.K'.5...&...{....(.e.d?I.>..EZ.e..'..R...o.y.#y...b.9....ex......`L.`_.A.3.DW..Qd&..](...."....0...'8v..u\|.&.l..vr...P>....@m..$....uW.9.....U..m.3.....1..%Z....1~w...b.uH...........r...e....a[:.!./...<L6......STe..R....&.s...9.l=..5=..0U.s.9.=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\RO-SansWebText-Italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 84048, version 3.0
Category:	downloaded
Size (bytes):	84048
Entropy (8bit):	7.995478375858005
Encrypted:	true
SSDEEP:	1536:4/93H1VfWO5nYBpdMc0ML4f/A/3KGu5HyjA1N7g0G+CHtrQYL7o0tbx5X3qfKrC6:IX1BNakcluwaGAwSg+GQg7/bjX3qgnLd
MD5:	BABCD7959F5E9EDD7020CB70B1398787
SHA1:	B7B69D2A371F77CB1785F45AD57C4624469670FA
SHA-256:	1021BA98155F7A0FBC239EDAC80FBCD2B85FB1FA1B7CB7AD3E949DF15A71F44F
SHA-512:	C0211A0A6DBF5039E7276CEE0CCD8CBC1CF8AB567D78807146573EABD0109B2D3EFF194EC90A2E85413C71EE9098889F752D10BFFEC122DD37AA7A0472F77A75
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Italic.woff
Preview:	wOFF......HP......h.......E0... ............GPOS..A..........j..GSUB..D.........Y.Z.LTSH...T..........O.OS/2...$...X...`kPV/VDMX.......}.......Qcmap............>...cvt .." ...y.......qfpgm...........a.5..gasp..A..........{..glyf..%........u.u.hdmx.......P..%..m.head.......6...6..0ehhea.......#...$.w..hmtx...\|..........I.loca.."....B...B.5..maxp....... ... ...Xname..5..........PJpost..;....j...a...prep.. ....\...9...1.........$D._.<..........H@........P...J.t............x.c`d``n..........]./.....H.q.................@...............h....x.c`f<.8.......)..O.o.. ...`....fefab.ebf```gb@.7. ..F...L..........Ar./.&.).......5x..KHTQ....w....(..f$......G.5.).,.(!h.!C...\..$....D!....2.I>.Z..jU....n.s....,~\|.....W..0H...7......t9..M^..1...`..N.Y..r).\.......Q...y$}K.9..k...w.@...R....D.x....PM.a....4..=..2..%6....@./..$+W.U.$.-]......Q.~...d.e.y....c.v...0..5.!...0eq.q-m....O.\|.D.<.....yq:...B..W2.Tk.N......3....~......T.#M.#3.\.9_2.C...t.w..U...1....Y.#M.A.X..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\RO-SansWebText-Regular[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 76457, version 3.0
Category:	downloaded
Size (bytes):	76457
Entropy (8bit):	7.994328709295107
Encrypted:	true
SSDEEP:	1536:5B1qSVnSb4z7VbLu2cg6z3PjdemPvA8bDJNXtWU5eFOoozfv:5B5n14PjImPvA8bDTXtWU5Lb
MD5:	146A58DAF1C3F79A11ED75127D8504AB
SHA1:	2907352928CFCEF0220809359084202C364D6473
SHA-256:	DC492A95CCBB713B1B05DB6E575C9E7F113D23E471E51B16A865832C2D16AB92
SHA-512:	C0ED081BEE1D664039C239AC2A323F9B97FF3B7658D1419416B13475852A16A5A6DFDB477DC3A0312D27B6D9743DE90F66B4A9987A8F5A976511BC310C57E743
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Regular.woff
Preview:	wOFF.............28......'....!............GPOS..#D.......$....GSUB..&.........f~g.LTSH...4..........A.OS/2...$...U...`kOVvVDMX.......i.....B.cmap...D........b...cvt ..#....}.....&.(fpgm..!H.......a.5..gasp..#0.........{..glyf..'P.......<. .hdmx...l......'h.<).head.......6...6.00ohhea.......!...$.V.~hmtx...\|........).W1loca..$....B...B.a?lmaxp....... ... ....name............}.epost.......m...a(;&.prep.."@...K...!p.N............._.<..........H@........G..................x.c`d``n.....e.....,..@.d.....................................(....x.c`f..8.......).....B3.1.1..E.Y.Y.....r.L...........Y.#..s3.8Px6H..%.. ......?.}...x..MHTQ.....O..4g.t...I..JKM........".@.].....AA.A.A-.D..Z.Z..]...UYYB..D......QpZ.8....8..w.y....0..d...&.u...;..,...../Sr.......c..7F/.C".(.c?..N7v[At$.Ls.s-d..].c....T&....8..zx...:xM)c&.M..J.3...uj{....l....u1.>.DU6L!...j..w.......w..d\|hW.F...GF../.....>7...Lp].N...F.11..%\.B....~......6...ze.c_.d..3:..._^..f..$M/.......p_V...9....-".....gm...fN\

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\avondklok_hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	52294
Entropy (8bit):	7.972731067994761
Encrypted:	false
SSDEEP:	1536:dgM2eUBk3MUyAam9oS8Dzk98FaQIiCUmBNLB:mgqD+MZ2QIa4T
MD5:	A92F08233638063F2A2EE1B528478946
SHA1:	B4DB761269232718C930015748F5B041B8F2F8C2
SHA-256:	B56FDD871705DB5943D7EE06B23C4E393196901D90B952B406D214C101E4202B
SHA-512:	90BDA8BADE6DD39DD80E3499D67A069FB1535109B35C8681BD2445C5860385946443215EF2CED339BFC83F25519E730FE9AD4716EA72EB737D967E430B7E8BB9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/avondklok_hero.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......9....".......................................N.........................!1AQq.."a.2...#34Br...$Rbs..%5C.....Sc..&D..t.6T......................................................!1..A2."BQa..q..#..............?.....Ti....q.k.'B.Th....:+V..V.l.Z\aMT.....k..&)...b..+...k...]......2.S9..N......M.p~\|.Hk...s...\|'.v"...6.<.....~#I.... 5.G..kgA.k......B.k\.q...,n...L.a.....?\oB.....%......v0...Z.P.B.k.z.B...e..F}...3_2.. ...-.6t./.....4....S.....N.9..^.?.pU./.....].n.H&....T.OO....@....i.y...g....!L?4.9"x......1.`S..O.Uj.L}S.L...(..!.!c......C.T.?^..).N.G.?........7.H...~{!..Xe.I....8.>...I..t;..P...E..7.F]C...l}...B..W...H..P.A.h.{.W...].}...P...Y....x.....v=...Q....E\|l."......:.........>#.....7q.-..u.ek.5.1...F..L.g.\F.O...>...?.[...Q'....W...K`............[_....K.....FTx.L....V4.....pq...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\formulier-eigen-verklaring-avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	9751
Entropy (8bit):	5.041743461676945
Encrypted:	false
SSDEEP:	96:Q7MP/ekVVknk1k2UYrsTdgAGjGmHUuDKhn43SJe8/y3WHHaz9GHZzRrlKGoCQF:qaVVukO21A2AW1HUPWrstaEHZzRxYJ
MD5:	39A67FA400CF6D70EF17AE454D943186
SHA1:	BC5F2650B8F5BDBCC585CC38C419C23C6F45764E
SHA-256:	9FA867F6BE0EEE9BF490F6A36488F66F13708696A08622BBD9E30A52DBD95F3F
SHA-512:	0EBE80D89B876F29019C70A9FF18DCDA6C8631036EDE6D077AF4D6ECAECDC4E22B4814A30511CE6E52FA5DDF9C0EFBC5A4CB62F1F88C9E2A38F49A9BFFFC24BE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Formulier 'Eigen verklaring avondklok' \| Formulier \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Formulier 'Eigen verklaring avondklok' - Formulier - Rijksoverheid.nl"/>.<meta property="og:title" content="Formulier 'Eigen verklaring avondklok'"/>.<meta property="og:description" content="Als het noodzakelijk is dat u tijdens de avondklok naar buiten gaat, dan moet u het formulier .Eigen verklaring avondklok. bij zich hebben."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok"/>.<link rel="canonical" href="https://www.rij

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	16782
Entropy (8bit):	4.897056452057007
Encrypted:	false
SSDEEP:	384:cUukOMWeFHUXj3HEjZeETzKjcQuZ0Y9ZzzYJ:ZXWwEj3CxzKjbA02pzYJ
MD5:	D8E2FDD4FE9BDB696C592D27FA9727BA
SHA1:	CEE4FD2712246563E60CA7179D94CA9A08C1BDA0
SHA-256:	6215CF0F5A33ADDD4FAF2FB7C9219BE9919B782789C0B8F5739568DAF1067EA4
SHA-512:	1A021E5D2FB3AB999C334C46D6DAC8C08E35D6DE5B9E81CFAE1EEADA92022953D2F62CB52A7FA7B7E7FB0D98455FCAE2FFA224A947CA478930827D603172BA45
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Instructie voor formulieren avondklok: downloaden en meenemen \| Publicatie \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Instructie voor formulieren avondklok: downloaden en meenemen - Publicatie - Rijksoverheid.nl"/>.<meta property="og:title" content="Instructie voor formulieren avondklok: downloaden en meenemen"/>.<meta property="og:description" content="Als u tijdens de avondklok buiten moet zijn, heeft u hiervoor een ingevuld formulier nodig. Dit moet u bij u hebben en kunnen laten zien aan de politie. Lees hier hoe u het formulier kunt downloaden, invullen en printen."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jenv-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gek, manufacturer=SONY, model=ILCE-7RM3, xresolution=640, yresolution=648, resolutionunit=2, software=Adobe Photoshop Lightroom 6.10 (Windows), datetime=2018:10:04 13:19:56], baseline, precision 8, 1920x480, frames 3
Category:	downloaded
Size (bytes):	167772
Entropy (8bit):	7.851213146175088
Encrypted:	false
SSDEEP:	3072:HA0AoyY7LYDEs4iSoVSS8BdTXPfwPU2w+/+vOmq5gOXoF8L0hRRPa5t3/0:ghmYxuoVSSmTXoU2J/+WmoGc0hRRyr3M
MD5:	7A46769DAD7785EE2D19A1566611123E
SHA1:	3216A11324181DCBF9191AF307567519820BAABF
SHA-256:	494210F96B3306FD2A6BFEFACC91AA6EA44E738500E4812D39C84CF182E31774
SHA-512:	4C4B2D2A81B98C2537092B75273A911FA366126571494FF29ECF5EED913C172E05C88E679E25B117ECCC0C0B7EA5455C73CCB265905C23B6C5A5496BE9E5C35E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/widescreen/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/jenv-hero.jpg
Preview:	......JFIF.............HPhotoshop 3.0.8BIM........................8BIM..........Z...%G...................JenV hero.....Beeldcentrum.....RO.....Rijksoverheid.....beeldverhaal.....beleidsthema.....close-up.....handen.....handenconcept.....mantelfotograaf.....ministerie.....ministerie-onderwerpen.....ministerie-verzamelpagina.....ministeriefoto.....missie.....scherptediepte.....themafotografie.....verzamelpagina..7..20180914..<..143710..>..20180914..?..143710..P. John van Helvert: www.johnvanhel..g..C0502.DP1000..t.SCopyright Rijksoverheid - Deze foto is afgekocht voor gebruik door de Rijksoverheid..x..Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenc

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery-ui[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	71193
Entropy (8bit):	5.267457672392886
Encrypted:	false
SSDEEP:	1536:fprE5RIRf4YAcCbGGY64qWRM+R9QvPS/Bc:yRIbL6y/Bc
MD5:	C483FA820462EB192F732892B81CB27B
SHA1:	4B121DA6EDC27E4FB952EA8C117311C5E3B671A7
SHA-256:	FCB8E8101BA83DBAB538F01E4A86A7E3DDDE03A498E8FE5214AFB9785936B29A
SHA-512:	576370446C4DEDEAED9A1D56061A72401D27CA1F11CB6772CB78E79231EB4A949E9756697930A649E67E2EB1BE60BAE1FD0EF9DD8F8A5ABFC7D0480B0C8CE37A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/jquery-ui.js
Preview:	!function(e){"function"==typeof define&&define.amd?define(["jquery"],e):e(jQuery)}(function(e){e.ui=e.ui\|\|{};e.ui.version="1.12.1";var t,i=0,s=Array.prototype.slice;e.cleanData=(t=e.cleanData,function(i){var s,n,a;for(a=0;null!=(n=i[a]);a++)try{(s=e._data(n,"events"))&&s.remove&&e(n).triggerHandler("remove")}catch(e){}t(i)}),e.widget=function(t,i,s){var n,a,r,o={},l=t.split(".")[0],u=l+"-"+(t=t.split(".")[1]);return s\|\|(s=i,i=e.Widget),e.isArray(s)&&(s=e.extend.apply(null,[{}].concat(s))),e.expr[":"][u.toLowerCase()]=function(t){return!!e.data(t,u)},e[l]=e[l]\|\|{},n=e[l][t],a=e[l][t]=function(e,t){if(!this._createWidget)return new a(e,t);arguments.length&&this._createWidget(e,t)},e.extend(a,n,{version:s.version,_proto:e.extend({},s),_childConstructors:[]}),(r=new i).options=e.widget.extend({},r.options),e.each(s,function(t,s){e.isFunction(s)?o[t]=function(){function e(){return i.prototype[t].apply(this,arguments)}function n(e){return i.prototype[t].apply(this,e)}return function(){var t,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\mediaplayer[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	187963
Entropy (8bit):	5.432613376042367
Encrypted:	false
SSDEEP:	3072:GQ2ctb27VH1oqM+8Pe7oXXhORrlZPO60uW/OOG0uCBpHVEsnosnu45D51cjmskqZ:GQ2FPO+nDrFIKD9a+
MD5:	5CB5B30CB2325834E1974842A86232C7
SHA1:	83C0FB1A560114E6145230EE2E42D51EF3AB0282
SHA-256:	4790FD16F16E4A1907EDE9CA974B893B5BD697006BFFEED7A29F1ECA0A15F4A2
SHA-512:	04D13E0D55CB0804AA9D8764B1CB96FAB7A19572988BCA0C8C78EA96BEA4D094CADAADDE6F7A259B4B6E5FD0ACAB69C373D480E5C5E8953F1C9C028293F109E0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/mediaplayer.js
Preview:	!function(){return function e(t,n,i){function a(o,r){if(!n[o]){if(!t[o]){var l="function"==typeof require&&require;if(!r&&l)return l(o,!0);if(s)return s(o,!0);var d=new Error("Cannot find module '"+o+"'");throw d.code="MODULE_NOT_FOUND",d}var u=n[o]={exports:{}};t[o][0].call(u.exports,function(e){var n=t[o][1][e];return a(n\|\|e)},u,u.exports,e,t,n,i)}return n[o].exports}for(var s="function"==typeof require&&require,o=0;o<i.length;o++)a(i[o]);return a}}()({1:[function(e,t,n){},{}],2:[function(e,t,n){(function(n){var i,a=void 0!==n?n:"undefined"!=typeof window?window:{},s=e(1);"undefined"!=typeof document?i=document:(i=a["__GLOBAL_DOCUMENT_CACHE@4"])\|\|(i=a["__GLOBAL_DOCUMENT_CACHE@4"]=s),t.exports=i}).call(this,"undefined"!=typeof global?global:"undefined"!=typeof self?self:"undefined"!=typeof window?window:{})},{1:1}],3:[function(e,t,n){(function(e){var n;n="undefined"!=typeof window?window:void 0!==e?e:"undefined"!=typeof self?self:{},t.exports=n}).call(this,"undefined"!=typeof global?g

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\ministerie-van-justitie-en-veiligheid[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	27104
Entropy (8bit):	4.821648877205483
Encrypted:	false
SSDEEP:	384:x5L5hjhS9ukOtW+HU9d3GIdzMEbfC3Secy8DIq8mGREEdgx9ZzzYJ:x5L5j2oWMSd3bZjaSWL/mGREEopzYJ
MD5:	CE8EEB8662B43920BD05AB327D8CDDCD
SHA1:	19D4E92BE31AF2C940493B1EA1DDE0531625D0F4
SHA-256:	127AA617BC8398A83D178E139F9C0FA077ABED207377D3BDD2EC296279FE8D09
SHA-512:	B9F755B3CCF1FCE42B34637E25935D91D4DB91F094FC37CBD47B368BADE931324F632109604234445E26302ED55E8DE833C67F79AB52298F6C6D4D97478B6754
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Informatie over het ministerie van JenV, zoals adresgegevens, beleidsterreinen en informatie voor de pers."/>.<meta name="DCTERMS.description" content="Informatie over het ministerie van JenV, zoals adresgegevens, beleidsterreinen en informatie voor de pers."/>.<meta property="og:image" content="www.rovid.nl/jv/dv/2018/jv-dv-20181220-id0i0q33x-still-middel.jpg"/>.<title>Ministerie van Justitie en Veiligheid \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Ministerie van Justitie en Veiligheid - Rijksoverheid.nl"/>.<meta property="og:title" content="Ministerie van Justitie en Veiligheid"/>.<meta property="og:description" content="Het ministerie van Justitie en.Veiligheid zorgt voor de rechtsstaat in Nederland, zodat mensen in vrijheid kunnen samenleven, ongeacht hun levensstijl of opvattingen. Ju

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Onderwerpen%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=668728&h=9&m=36&s=46&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22placeholder%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22912d5da2-9b1b-41bd-99da-7ed38787b691%22%5D%7D&gt_ms=4&t_us=44&t_ue=44&t_fs=2&t_ds=2&t_cs=2&t_ce=2&t_qs=37&t_as=40&t_ae=41&t_dl=40&t_di=220&t_ls=220&t_le=220&t_dc=231&t_ee=265&pv_id=9uApOx
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=389059&h=9&m=36&s=48&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%7Cvws%7Cbuza%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22topic%22%5D%2C%224%22%3A%5B%22uuid%22%2C%226b570308-087a-42ab-8d2b-a14b8912363f%22%5D%7D&gt_ms=4&t_us=36&t_ue=36&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=26&t_as=29&t_ae=30&t_dl=29&t_di=719&t_ls=719&t_le=719&t_dc=749&t_ee=780&pv_id=Icmzb9
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\piwik[3].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Onderwerpen%20%7C%20Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=692265&h=9&m=36&s=49&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22-%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22-%22%5D%7D&gt_ms=5&t_us=46&t_ue=46&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=35&t_as=38&t_ae=40&t_dl=38&t_di=225&t_ls=225&t_le=225&t_dc=240&t_ee=292&pv_id=D1LARd
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\piwik[4].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Ministerie%20van%20Justitie%20en%20Veiligheid%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=479494&h=9&m=36&s=57&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fministeries%2Fministerie-van-justitie-en-veiligheid&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22unithomepage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22df52230b-304e-4a67-8703-ae85e137e3fc%22%5D%7D&gt_ms=3&t_us=129&t_ue=129&t_fs=2&t_ds=2&t_cs=2&t_ce=2&t_qs=123&t_as=125&t_ae=126&t_dl=125&t_di=1033&t_ls=1033&t_le=1034&t_dc=1052&t_ee=1135&pv_id=VdzcC2
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\piwik[5].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Contact%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=244513&h=9&m=36&s=58&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fcontact&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22az%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%224285508d-8cdf-4b73-ba3a-55f8657f109c%22%5D%7D&gt_ms=3&t_us=40&t_ue=40&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=35&t_as=37&t_ae=38&t_dl=37&t_di=562&t_ls=562&t_le=563&t_dc=592&t_ee=616&pv_id=MFIuCM
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\roze-vlak-homepage-1920x330px-tp[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 1250 x 215, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	321
Entropy (8bit):	5.289622470502654
Encrypted:	false
SSDEEP:	6:6v/lhPKtUyKmv8BRmhWS2f2zgN4VQIMBeDgK4KEMwoQIMBeDglp:6v/7ytUUml92zS4VQIjDgWEMwoQIjDgL
MD5:	F8DBB2D68641518DC3996E618D77E24E
SHA1:	74519AD8C86A2E1D5FA16B4B5DAB47F0AFAEF341
SHA-256:	5323637FCF2CCCE316BDE2693B2670C9C97C626C4DF99D390338EF10631E89DF
SHA-512:	50289050FB74DA895127CFB12E4537986669F7CC567CFEBE19D2DB2DF34BDD363EF1A9BD95EA742374B494F405171E661CC047737885FC167140F4A82FA7C892
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/lowres-fotos/roze-vlak-homepage-1920x330px-tp.png
Preview:	.PNG........IHDR...............l.....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE..]...A=......bKGD...-.....tIME.......o.....8IDATx..........Om.7........................................v..2...%tEXtdate:create.2020-05-14T06:29:26+00:00D......%tEXtdate:modify.2020-05-14T06:29:26+00:005.......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\roze-vlak-homepage-1920x330px-tp[2].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 1920 x 330, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	365
Entropy (8bit):	4.816587757735429
Encrypted:	false
SSDEEP:	6:6v/lhPilsVrWUyKmv8BRmhnTmFQEXlgzgN4VQIMBeDgK4KEMwoQIMBeDglp:6v/7azUUm4qFQXzS4VQIjDgWEMwoQIj8
MD5:	F6639404A9CCC555FFE795FFB92A1417
SHA1:	74BD8B5BCB7FF9F5D0103F9D9D570542C5BDBDEC
SHA-256:	147E7B3BA7F9F56F443700EE5DD6EC05DBF93ADFED94FFC3D3D4BE281E7ACC35
SHA-512:	52F8C7909C6B392D50928A6F0BB9EE30198248E8E69AD7C2ADAB1956E6BC9DB8844ECFBD40540DAC25B058C225AB2C874E59035A9EA519AF7D4CE7F4982A2CF4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/widescreen/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/lowres-fotos/roze-vlak-homepage-1920x330px-tp.png
Preview:	.PNG........IHDR.......J........m....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE..]...A=......bKGD...-.....tIME.......o.....dIDATx...1......Om._..............................................................................^.6....f.....%tEXtdate:create.2020-05-14T06:29:26+00:00D......%tEXtdate:modify.2020-05-14T06:29:26+00:005.......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\thuiswerken_corona_header[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x480, frames 3
Category:	downloaded
Size (bytes):	102978
Entropy (8bit):	7.977460630164892
Encrypted:	false
SSDEEP:	3072:ChDju8xliRtMTBCm4EE8EN/7msWinMbhXU:CZjRAEUm4EEp5umMbK
MD5:	6B50088E75CB94BBEA63DC21F163B4A5
SHA1:	2CC74189EB67FC948E0581D7351564552F8AC57A
SHA-256:	27E9BFC3959354C7E24031C22E44AB544F3CDDCFDDF1B1C06A883CFD08592D32
SHA-512:	B63D9E16F24482ADE55480C71B8471CC3867B9DC33CD6263C12A90128DC463D29F95F5BAF6ACF213BE86EE0C4A04977BA36DC4C7E2BE2D8077278F9C65A04055
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/widescreen/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/thuiswerken_corona_header.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================..........."........................................O........................!.1A.."Qaq2...B..#Rbr....$34..%5CSs...6c..D...&E.FT................................-......................!.1.AQ."2a...q#B3..C.............?..h....(....nG....d@1F..9..k.Q.B5Sq,R.q.jc/QG...3h9T..s..yO.C1fd...w...c.NoY..).....u......q.a.}{p..\|...O8.,....z.Ej..P.q....D=............5dQ..._.k\..?.Kkn.2...2e....m.x.....[[..b.3(\..Z..w.mm) `.b_.&.../....Q......(.OPc.S.<#....8..54....Z....SF..L.ou.ns.E2:.......U..v...zK..j:/....=..J...u...brEQ...Qn.H.W.S.....P.t.H.+.Wa.pbeK"..H..yEB..!F.Y.\|.(._..n.M..<.7.0..9>du.D....N3G.!Q.a'#4~R$S...T..}K]..Q9...C.gUqH......\#.I..a....hp...WS..9.h..nI_..t\|.H.@...7.1P.!r?o.Nx..&..\...wY@.......R .t.^....x.a..@.TO...K?.}0..[..g..IS.q.LBV-..fOqG....9.....oI...i/..Z..1.<.G[..{7..*..r.(hzL:0..Cv..UA.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\winkelen[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	892
Entropy (8bit):	7.611518875104057
Encrypted:	false
SSDEEP:	24:/iUpNyj9QzJK8ana1o7Rb3KuJr2AKsbRvhHi6N:/NpNa92K8anGoFbxr2FsbbJ
MD5:	600D63170E55B075CC13F951EFB783B4
SHA1:	7BFD3DA4F19D6FD8DDA200D294E538A301310E98
SHA-256:	71D7504ED749C805B89940680BAC309D135314F99EB4B6AF6CC1A84A20DF251F
SHA-512:	5332A568F14C4EED5B064D627A91BD6F1DCDCCC693D2C369DDC755675B5C7FCC6F342587E69674E649E0B27F193434EE66BE4E19207C582C491FD693A1B96CD0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/winkelen.png
Preview:	.PNG........IHDR...@...@......iq.....sBIT....\|.d.....pHYs.........B(.x....tEXtSoftware.www.inkscape.org..<.....IDATx..kTA....Q.~.#H4Zja!...ZD,.{..Am...l..D..)...F-Lc.....LT.FcL.f-f.wgg..g..q>8..{f...sf.H$..D..g.Q.n..........gm.8.+@..,\|..>...0...$..Y.:V...~.A..p...l..e\|..@.e...8..?j4..!....j...:v.;..+j.m...4l.s6NR......7.3.9..t2.W..sb3"..v.O....u......F`...........~...Y.(.@.B..A.E..\|0..b.>`m.z.u~.e...O..o....\..3{............GP.I..h-.o,....U..!.1......(....;...?Y;a...#.....v+<..Y..W....o.6e.....Z.k..,....`...1w....U.X.3 ....`..Y..v...J.I.W.U..G}.!...8.<A=..].k4....Y`.q..{.7.f........p.g.:7=$Q....q...xi.....p. S4'?F.&.).+.}.......f.^Gu..."#...{....J.i."5..j.\|o.....Q.$....!g.u....).W.E...$.._"X_6.9W#...%..a..$..L....]..j=Y..#\|9..\A.M.1........l..q.1..;...;.^..0...m...).D....QW...[.n...:.{.....f'jE..8....}.m...P.$..D".?....B.W.J....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\1182-avondklok-negen-uur[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1693
Entropy (8bit):	7.791516404764009
Encrypted:	false
SSDEEP:	24:meQgetVeG6YQ4sW2kAgKHhRICbESGyId85NI3h++b9glS6xEG382SZpzitXwWhlV:8ge7eWdkD75GbdYuhV9gF8JZcamHkc
MD5:	5B33BD6A342E5B6AED99830B3CE50C5A
SHA1:	B537AB2884C24490EE9DA15E24820C281F87AA93
SHA-256:	D3B25D65C0F111896D03D993D966D64E4A9F1FE658372AFF15665D60128F2635
SHA-512:	9E77103BD42745F073EDF42AD85AE12F73EA0F4D23D839AAC0B95076FC14AB1EEFF4ED4D623BBB8FBBA1DB2A9552F6B54E705DBFC954001D4AF4970DB6E262DF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/1182-avondklok-negen-uur.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....OIDATx..[1OcG......A..B.:R.D..B.x.R.....h.6.......l!......\|.TG.-.4H !..b...h\|k....ow.3vB>i.....y.3..s.R.o..i...... .d.!3.....d..!a....{.........U......\|&.P..].....1BH..#..H.A..m....y..i.<l2._...9..v.:.0.^..yX.......".1......j........`.._.Ac.MC.m..4.........g!..K.+.H.....+.p. +..E.M.....L..;...!BH/.4.I..R..i4.J.....=......j]O..%.Q.k0w.y......b.g..J.2:...^........e.ch.......`d4!..-....\;).."..M0.q...-.&..aY..+.a.$.8z..X..w..`...q..3...T6....O^.y93.a&...%d\|.x.f.......T.Q......u...+.O.Ph...jW...D...........Ey....?.-........###-....wOOO........<>>6+. ...v..gwJ_.RJD...,.....877.:>>nD...!.R....]..?.j.S.P..g.....I..}$....i..............X__...H....-......(.$....C.ZZZ.D..f7U_[[......!XZZ...[cuu..X,....(...>!....................o.p.x<.k.^y.h.......Q..O.x.]__......q..2..(.Q... ....r.).h.T.k..3...e.0........ggg/......k.0...:...{..nvvVc...........p........!...dm.:%.0...\|....4.rx.^\\h.kc..........\....~.I

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\4215-afstand-houden[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2162
Entropy (8bit):	4.8377742015761145
Encrypted:	false
SSDEEP:	48:cWAiMrePL4tiwo1XLO9brj8MJq7lsXLO9brDZukM5qOQILP8Q2zACVGf:KzqM891XLM9XLMp43gr84Gf
MD5:	18AFC3C5B03B5C25E13DB168E0DA222F
SHA1:	76CABC3FD38AB96D005DD1B0FA110BB7DE0EFE8E
SHA-256:	B59703506EAA2623A4F902A643FD300CC226964BEC7B1F4E097A6DBEF30AF93C
SHA-512:	F6FEECFE827A268EDFCAE48DC9EFC64B97EAFEB542612BFE58007CF81E1937180B4D535EA9C08FFA5C312D02991F2360F7A01D253F29ABD535233FDB2A47242C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4215-afstand-houden.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 24.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="enable-background:new 0 0 64 64;" version="1.1" viewBox="0 0 64 64" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}...st1{fill:#FF1D25;}...st2{fill:#1D1D1B;}.</style>.<g id="Box">..<rect class="st0" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M8.5,16.8c2.2,0,3.5-1.6,3.5-3.8c0-2.6-1.3-4-3.5-4C6.2,9,5,10.6,5,13C5,15.4,6.3,16.8,8.5,16.8z"/>...<path d="M12.5,18.6c-2.4-0.6-5.7-0.6-8,0c-4.6,1.1-4.4,8.8-4.4,15.1c0.2,2.2,1.8,2.8,2.8,2.8c0-0.1,0-1.2,0-2.2c0-0.5,0-3.3,0-3.6 c0-2.7,0.5-5.6,0.8-6.6C3.8,23.8,4,23.9,4,23.9v12V54c0,0,3.3,0,3.6-3.7c0,0,0.5-14,0.5-14.1c0-0.2,0.1-0.4,0.4-0.4 s0.4,0.2,0.4,0.4c0,0.2,0.5,14,0.5,14C9.6,54,13,54,13,54V35.8v-12c0,0,0.2-0.1,0.3,0.2c0.3,0.9,0.8,3.8,0.8,6.5 c0,0.5,0,3.4,0,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\aandacht-voor-elkaar-uitgelicht-lowres[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:10:12 23:34:24], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	53029
Entropy (8bit):	7.3904281627607
Encrypted:	false
SSDEEP:	768:w7cpIHGImYyHbS5H9G5vBLLmBrsw57eNuRcLWBqdIxfU3sSN5Q+D7m:7rLbS5dG5vVLmN757ecR4d/ZNfm
MD5:	14FEC5888510B5755EA5E388BAFFFF5A
SHA1:	C87F1B6E758A7B482A6DEED9FE4B304552952523
SHA-256:	E2167FDDED80D972022A9A22397E9F648ADCA60541CAA2813DAB99B05D4E5C5F
SHA-512:	48E602DD911E4120A24157E49FEA47AB3C8DB3A55790287A88113A63250B0F89E7C652FFFF46C4CFCE107E4C382598A19C332E154AFDB5876F9E13FD121687E7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/aandacht-voor-elkaar-uitgelicht-lowres.jpg
Preview:	......JFIF.....H.H......Photoshop 3.0.8BIM.%......................8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....P.r.o.o.f. .S.e.t.u.p......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@R..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool.....cropRectBottomlong........cropRectLeftlong........cropRectRightlong........cropRectToplong.....8BIM.........H.......H......8BIM.&................?...8BIM...........x8BIM............8BIM..................8BIM'.........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\accordion[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	1607
Entropy (8bit):	4.665070414272165
Encrypted:	false
SSDEEP:	48:039aQxVaQeZaQZ/4laQxoaQe9maQZiaQqaQCaQeaaQAaQqaQCaQeaaQxc8:03DJevZ/4rUe9sZIQoegOQoegxc8
MD5:	4D7F89A1DE3F06769A1F64C4214748FA
SHA1:	17C9341209B9DCEFEB9A55D8D5482F0F9F04313E
SHA-256:	BE6AC51394D0CD2B31FAB9676D1402496EF626048D1ADD8C0D8CD0B6F5AA684B
SHA-512:	016A2BFC9C82255F8C4E482E75B259471A5165B82EC65CA2159AE964BCC75B08667B7A78617E58B692E6ECEB9330C5DB62A9E48B7584F9AC19207E0E529C62C2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/accordion.js
Preview:	$.fn.accordion=function(){$(".accordion__button").click(function(){if(this.classList.contains("active"))return this.classList.remove("active"),this.setAttribute("aria-expanded","false"),this.removeAttribute("aria-disabled"),this.parentElement.nextElementSibling.setAttribute("aria-hidden","true"),this.parentElement.nextElementSibling.style.maxHeight=null,void this.parentElement.nextElementSibling.classList.remove("active");$(".accordion__button").each(function(t,e){e.classList.remove("active"),e.setAttribute("aria-expanded","false"),e.removeAttribute("aria-disabled"),e.parentElement.nextElementSibling.setAttribute("aria-hidden","true"),e.parentElement.nextElementSibling.style.maxHeight=null,e.parentElement.nextElementSibling.classList.remove("active")}),this.classList.add("active"),this.setAttribute("aria-expanded","true"),this.setAttribute("aria-disabled","true"),this.parentElement.nextElementSibling.setAttribute("aria-hidden","false"),this.parentElement.nextElementSibling.classList.ad

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\ankiebroekersknol_1.jpg_1920[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=5, description=Nederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veilighei, xresolution=190, yresolution=198, resolutionunit=1], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	52085
Entropy (8bit):	7.828967349839715
Encrypted:	false
SSDEEP:	1536:DpekeyUQtKVhndcj/xzoP+dM61FXLS+gHdcCjr:hWQtqi/5okMQXLS+gOCX
MD5:	50B05FC1BF5777E91BE8AAE8E405D924
SHA1:	6355BEC4283D1A7B9DE730C11A6A2047D67AF984
SHA-256:	480F110A542FDD496515A1B095D825ABC330B94AF3D2A1D4C28DE3A589178709
SHA-512:	DAA10DB8267DDCDC6B898330E0C6435539F7CBB9C16419DF2A9355402D8C6827EEC34E435443F0987D326DA31A4EB1B6FE474DF0B3604935F9833EFC406B4359
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/ankie-broekers-knol/1920-px/ankiebroekersknol_1.jpg_1920.jpg
Preview:	......JFIF.............JPhotoshop 3.0.8BIM.......-.....Ankie Broekers-Knol.....bewindspersoon.....kabinet Rutte 3.....regering.....rijksoverheid.....staatssecretaris..Z..Den Haag..\..Rijnstraat.._..Zuid-Holland..e..Nederland..x.sNederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veiligheid.Foto: Arenda Oomen............Exif..MM.*.............t...J.........................(..........................Nederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veiligheid.Foto: Arenda Oomen.....................http://ns.adobe.com/xap/1.0/.<?xpacket begin='.' id='W5M0MpCehiHzreSzNTczkc9d'?>.<x:xmpmeta xmlns:x='adobe:ns:meta/' x:xmptk='Image::ExifTool 10.42'>.<rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:Iptc4xmpCore='http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/'>. <Iptc4xmpCore:IntellectualGenre>Portretfoto</Iptc4xmpCore:IntellectualGenre>. <Iptc4xmpCore:Location>Rijnst

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\core[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	130174
Entropy (8bit):	5.282961614447641
Encrypted:	false
SSDEEP:	1536:xaMJrMdu2VNp1Xtdi6VHGEdLSHxJ4bx60BWSesUhtXQTXu3P58EAhPB+5/Ns1iIK:T0PpZatQTX+aG/C1iXtiy48DUyMbO
MD5:	B4B3996AF6CBB9A1D3F35B9ACD1D6F28
SHA1:	327B6EE197399176142378C61E375B7F1222693B
SHA-256:	A909BBFB230F9E848C59CCAA8E7E95CC2EE4A4CB73F6AE686633C7358991E665
SHA-512:	66D670D7DA5EFE7EA993C384E91FEB3D0C2A89E12116BCE06A9FE7F36125552A4F4A9EB4CC8392007561EE72884F2799BE72037EB6B6560755CAE0501766F750
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/core.js
Preview:	var requirejs,require,define;!function(global,setTimeout){var req,s,head,baseElement,dataMain,src,interactiveScript,currentlyAddingScript,mainScript,subPath,version="2.3.6",commentRegExp=/\/\[\s\S]?\\/\|([^:"'=]\|^)\/\/.$/gm,cjsRequireRegExp=/[^.]\srequire\s$\s["']([^'"\s]+)["']\s$/g,jsSuffixRegExp=/\.js$/,currDirRegExp=/^\.\//,op=Object.prototype,ostring=op.toString,hasOwn=op.hasOwnProperty,isBrowser=!("undefined"==typeof window\|\|"undefined"==typeof navigator\|\|!window.document),isWebWorker=!isBrowser&&"undefined"!=typeof importScripts,readyRegExp=isBrowser&&"PLAYSTATION 3"===navigator.platform?/^complete$/:/^(complete\|loaded)$/,defContextName="_",isOpera="undefined"!=typeof opera&&"[object Opera]"===opera.toString(),contexts={},cfg={},globalDefQueue=[],useInteractive=!1;function commentReplace(e,t){return t\|\|""}function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){var n;if(e)for(n=0;n<

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\corona-in-eenvoudige-taal-lowres[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	17279
Entropy (8bit):	7.971048985955808
Encrypted:	false
SSDEEP:	384:wRl+IORVbbubC9vGektZD4NL/CJvgqsAm1cmBxKBPM8xUvDs:wbORh9atVSC7m11l4
MD5:	8D39F80190FBFBABB260D7B14C05C650
SHA1:	BF0CA8D6B8DB3B84FC3468D5E86125200D93AC56
SHA-256:	B7DD1B70BE0EA91FF736300CEC6F8F55F80048D7689F4B14B0D32FA9C2EE53CF
SHA-512:	DE4D395353C327D09844E919533D4A7CA45A6569354F1F1CECE94FBE4D9B2E62FA143F3F2B19EFDD905D361A97B4FC647A011A8D7CB6CB182B6642279C1C6290
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/corona-in-eenvoudige-taal-lowres.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................V.........................!1AQ.."aq..2R..3B......#br.....$5ES.....4TUds...%&6CDct..................................'.......................!1A.Q.2"a..qB.............?....x,.g<.(.)...#....U.Ni.n.>.Xb..`..J...U.v^B.`..U$g.....3....uj..g.E..8.TIg.`<.....Qx....."..)7i..hT.S....JAu....EH..'.....U..W..8...ZPT.d.#b...L....7..B.......w.Q.H$.rF.wS...U~.>.N...K...n.........9..B.u...4@.f..v@.w"i.#Xc..n..;...A.(>)Q"}9.Ct.S.V...e..<8#Cj.'X.me.B..7.`&.Vo...KAZh...;...+U...].T..../.g....U.(.:.f.mwN.....pj.....f"p6I.KsO&.;...W..m..Q...@+..m...........A.R....)..?...wO~. ,..aY.S..}^.k.....`..l...K_M.f.....,:.O..fm...........UD.w.S.`..r...(...L#.j)H.e..N.=.p@p.)j...'_x..4..Y^j..E..\..0.\|.g-......{.3..7.ra.l.jG.X.n.M.rq..k.vW1..l..e;\9......HM.u.F.wsN......z\.b3v..".>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\coronavirus-supermarkt-vakkenvuller[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	38358
Entropy (8bit):	7.972462884921573
Encrypted:	false
SSDEEP:	768:IPHTqgdRJm7uImzHpIg+B3ejRzDQO9zymqXD2XqludGEw+VwBn+:IPzodsJITgVzDQGzymqi6wROZ+
MD5:	A10C2179DE17DE5CF6023F7B0ED08A34
SHA1:	93428CC1DB3AB76E0CB7C1BBD70D7BC847E26D4A
SHA-256:	FE4D5DD125E8EF304CB59DCC22615C0E5B2545887414CA9DABC02CA51D5B47CF
SHA-512:	F4C4E9A5671A1A7CF2E625F197EBCDB5020F06DA5AF4973697A2ED114C6E0D000EE98B18495E4E7429DEAAB4C2207E1C20F57E5431167D377C1F4BC68C058C2D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/coronavirus-supermarkt-vakkenvuller.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................M.........................!1..AQa."q..2.....#BR..3b...$Sr..Cs.%4Dc....5TUt.......................................................!.1.."AQ.2aq#....3BR..............?...Uj.......4...Z..\..)..z...R.....z..G....pp....S.....PW.$P..B:.Fy.L.C@...b:.G.j.OJ..E...a..=...,.1m.E.\|t.R<.P.B.w.D.A..yof...5.......M0.:..KZ.z..2..../.M...=.........Vm......&..W..\|..7..\|c..^.u=.....QV...,..TR.N...'.{K;%.u+.m0....o....V.8..W=....... . ...EO...........4...x..<q.qYN.6.T..]..Kvy-..!...E.$......j....P4.\-.}..3 ..Nq.F.oG.t{K..I.n.$K..$....sM.....Z.....eF.6..^\|..$.N...p.[tW....#.O.B..Y.y.....8........^..p..$L......d....>B..Z..w.Ao%...A ..:~..Q."..\|.h.{....Y>.<y.....8.K....N\|....G.V......1....9.3..@j..Z_{....:.../y.r3....#8.............ng.$.......,.4.....6.'.P..2.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\dit-is-jenv[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=15, height=4425, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, width=6638], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	210367
Entropy (8bit):	7.939563435669795
Encrypted:	false
SSDEEP:	3072:mjGRG9w+aqSPilLkYGDpxwKIffUKTPk4Z2xCQMhcQGXp2tEy79991rJxMuY:SvciNQp2KOcKTPkihc5Xp2V9IB
MD5:	321C04D14C4CB2FFD89436D22BBDD867
SHA1:	0BC818E1CA669CC48A5CD035765358C4BECD4F2B
SHA-256:	CBFD7BF6202AE5DED70BAA5F17F93B0CB4BE2DCBFC350E0A05C32BF11697E9E1
SHA-512:	09C69E694A12BAFD8065DA052E59D2294CEC6F2822C0C3E56F8E5BD1F1CC545EC2C37C3C17ADE705E401ACA00728BBCD95B5F0B008B6D9AD55F73933B4B25DAC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/ministeries/justitie-en-veiligheid/dit-is-jenv.jpg
Preview:	......JFIF.....,.,....1NPhotoshop 3.0.8BIM.......Q..Z...%G.........P..Valerie Kuypers..7..20180814..<..140204+0100.....0:6:0:006816.8BIM.%...........D3.5b)$.>.8BIM.:.....c..............printOutput........ClrSenum....ClrS....RGBC....Nm TEXT.....s.R.G.B. .I.E.C.6.1.9.6.6.-.2...1......Inteenum....Inte....Clrm....MpBlbool.....printSixteenBitbool.....printerNameTEXT.....C.a.n.o.n. .M.G.7.5.0.0. .s.e.r.i.e.s......printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@r..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\ferdinand-grapperhaus-lg[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Ferdinand Grapperhaus, minister van het ministerie van Justitie en veiligheid, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=252, yresolution=260, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2018:08:22 18:28:09], baseline, precision 8, 829x553, frames 3
Category:	downloaded
Size (bytes):	68075
Entropy (8bit):	7.597225711901583
Encrypted:	false
SSDEEP:	1536:oxbLsjQQsj0dPJSrzDEskLJx77qA9tBXd4G4RFKeWJIVycK:oxbLGQQG0ZJS/oBJUA9t5dr4LKikcK
MD5:	5C3804BB369134CBD388A7AFB5C2F3B6
SHA1:	6F341CACF4808CEA0804A2AC946C2B8687D195F9
SHA-256:	237608EE290FF6A6538702A3CDC0AD7BBE8F6E4884A2F7FD2EBF3C1DAB49393E
SHA-512:	425DE846754BE56B39823CB9165EC1B75F7022C7802545755FA8A8A62E35F3FD3D7E30D6B9F50E1D4AA94F2F2C0E48699AEDCB5C76CBC69A05F4AD12270812E9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/ferdinand-grapperhaus/fullsize/ferdinand-grapperhaus-lg.jpg
Preview:	......JFIF.....,.,......Photoshop 3.0.8BIM..........Z...%G............`...P..Arenda Oomen Fotografie..7..20180822..<..095305+0000.....Ferdinand Grapperhaus.....Rijksoverheid.....Rijksoverheid.nl.....bewindspersoon.....minister....%ministerie van Justitie en Veiligheid.....ministeriepagina.....regering..Z..Den Haag..\..Rijnstraat .._..Zuid-Holland..e..Nederland..x.MFerdinand Grapperhaus, minister van het ministerie van Justitie en veiligheid8BIM.%......V.. ....]8..X.'8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT.....S.a.m.s.u.n.g. .S.C.X.-.3.4.0.0. .S.e.r.i.e.s......printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\formulier-werkgeversverklaring-avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	9949
Entropy (8bit):	5.048415249967825
Encrypted:	false
SSDEEP:	96:Q7MoCek2Vknk1k2UYrsTdgAGj5FmHUuDKhn43yuJeyWcazWHHaz9GHZzRrlKGoCA:qp+2ukO21A2AWCHUPWmj12aEHZzRxYJ
MD5:	2BD25403DBCFAA4828C13E8F18EA70F4
SHA1:	194147C9A2648DFDC51A13F71DB5CF35F9C70A6E
SHA-256:	D03239D6AA1DAB4AB1CB8B6ED2D858F6423F3C5B7BADDD5DEAEA0C97F890F695
SHA-512:	166E850FF98C7C72EDCCDFD4E4A83EDBE50286FBD90EB26FF722C640E5D0235F95FF64169745F89F26FBFB2617A382090D10E63062DDABBD1D04B41C55BA3911
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Formulier 'Werkgeversverklaring avondklok' \| Formulier \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Formulier 'Werkgeversverklaring avondklok' - Formulier - Rijksoverheid.nl"/>.<meta property="og:title" content="Formulier 'Werkgeversverklaring avondklok'"/>.<meta property="og:description" content="Als u tijdens de avondklok voor het werk buiten moet zijn, dan heeft u het formulier 'Eigen verklaring avondklok' en een .Werkgeversverklaring avondklok. nodig. De werkgever geeft deze verklaring aan werknemers."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/documenten/formulieren/

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\icoon-reageerbuis[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	537
Entropy (8bit):	7.114134753084636
Encrypted:	false
SSDEEP:	12:6v/7O/6Tog8WTnmf0qkfYlKKKKKKKKKKAPE8Bsv2y7wSTSLK:D/6Bbmf0VfYgPE8GRL/
MD5:	1213634A486D16E8C356FAC9CA7561F6
SHA1:	AAD69F1067962A1AE4CF1F604D5B5986E036F49E
SHA-256:	B78B84462184D5CA319C008DAC17BF54BCB73F4F15AA7396FA07AB08EF6E12BC
SHA-512:	80EBC0CC903A01FB25234755A67AAE806E11F4C17D6D454579A74B40C2CBD6C69148723B6D88436ACDA6151F0C505F14D9F769E47B46CC5264296EAAFC71CED2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/icoon-reageerbuis.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs.................tEXtSoftware.Adobe ImageReadyq.e<....IDATx...m.0.............t.F..`...........L.S/.D..`;..Y:YX.s.\|...v!..r......&.&r.5......t.I.N....h2..nh..,....R....9*.....?`..\|..$.s..4do..]..F.....pW[..~.9.}.P...1.X..V.....imJ...-J.....e}J........P..pR&.5W..3F.......................................@Y.z..t.L..Y..}...........y.........7.N....H..w..0.^x@....rE+......0.....e(.yD...D..k[..&.....I=.(.;.6....X.`{,._..v:v..@.U.^0l+c.`..'%..kb\..."+^..b>..4........N.J.-..j....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\img-helpers[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	19474
Entropy (8bit):	5.126004100473408
Encrypted:	false
SSDEEP:	384:6xlRv5qfYWBwK+i+nHnfebLahDmHiklM3V5zkeBgwtPQ4ywvm+mDxgGxgst4vOwP:6xlRhdK+i+n/ebLa8HiklM3V5zkeBTtX
MD5:	80A90D742AFACB572E64194595B8D254
SHA1:	5888D04E386478F0B32EA3E0749E634F825B1D06
SHA-256:	8B94CF4B63020D52A52972A68B8F7236DD3B624F7A68701E2D09C6BF025D5459
SHA-512:	BD6FBBBA121C39E5C2A54547D36F5AFAA8A2F979003A7FB70A22F03027535FA4FFAF8E0E0236643165A070EC47E8CA9ECFA7FECCC264ABCD82B19EEB5443C96B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/img-helpers.js
Preview:	if($.widget("img.lightbox",{isBuild:!1,currentSlideNr:0,nrSlides:0,transitionTime:400,$slides:[],options:{type:"single"},_create:function(){this.lightboxUniqIdBase="lb_"+Math.random().toString(36).replace(/[^a-z]+/g,"").substr(0,6)+"_",this.$images=$(this.element).find("img"),this.$triggers=this.$images.closest("a"),this.nrSlides=this.$images.length,this._catchClicks()},_catchClicks:function(){var t=this;this.$triggers.on("click",function(e){e.preventDefault(),t.currentSlideNr=t.$triggers.index(this),t.$selectedImg=t.$images.eq(t.currentSlideNr),t.openLightbox()})},_createElements:function(){var t=this;this.$overlay=$("<div/>",{class:"lightboxOverlay","aria-hidden":"true","aria-modal":"true",role:"dialog",tabindex:"0"}).prependTo("body"),this.$modal=$("<div/>",{class:"lightboxModal",tabindex:"-1"}).appendTo(t.$overlay),this.$rail=$("<div/>",{class:"slideRail"}).appendTo(t.$modal),this.$images.each(function(e){t.$slides[e]=$("<div/>",{class:"slide"}).data("hasContent",!1).appendTo(t.$ra

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\logo-fallback-ro[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	22192
Entropy (8bit):	3.7890730903705303
Encrypted:	false
SSDEEP:	384:DW309mPNYV8wLCIpc8IVN1wVZ9P3TqA1JYSmfwel4MADZtr:e0bBYCPOKjEZAV9
MD5:	AD7B7F13A1B30C8B4E7BBE17E4B7C6B5
SHA1:	94FDBD8C2928E7508847B4B2E5A41B8A0D802B27
SHA-256:	09BF69D29882694FA99C8730B853ECA8E855BBDE4FE62B2DF167D177FDBD7DF1
SHA-512:	C173B5531D3539D5F0A62BC39CBC8725C2C32F7AE352ED0E6FE103305D8F417502FA8DEC3A5BDEDFDA62E5ED8A0BAE57392636CF59DB54AF6D659BA7304B6A8C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/channel-afbeeldingen/logos/logo-fallback-ro.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 21.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="69.96px" id="Laag_1" style="enable-background:new 0 0 120 69.96;" version="1.1" viewBox="0 0 120 69.96" width="120px" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:#154273;}...st1{fill:#FFFFFF;}.</style>.<g>..<rect class="st0" height="60" width="40"/>.</g>.<path class="st1" d="M20.72,41.89h-0.7v-1.93h0.7V41.89z M23.86,33.38h-0.7v-1.93h0.7V33.38z M10.97,30.05c-0.05,0-0.41,0-0.41,0.08 c0,0.07,0.17,0.04,0.41,0.08c0.56,0.1,0.78,0.38,1.17,0.38c0.35,0,0.72-0.24,0.58-0.75c-0.02-0.09-0.07-0.07-0.08-0.01 c-0.05,0.23-0.34,0.36-0.63,0.36C11.63,30.18,11.55,30.05,10.97,30.05z M7.14,31.98c0.06,0.08,0.72,0.94-0.29,1.26 c-0.04,0.01-0.06,0.06,0.01,0.09c0.74,0.31,1.11-0.26,1.11-0.26c0.37,0.86-0.2,1.33-0.2,1.33c0.08,0.15,0.44,0.41,0.98,0.53

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\nl-alert-8-juni-2020[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x300, frames 3
Category:	downloaded
Size (bytes):	13696
Entropy (8bit):	7.954820043051657
Encrypted:	false
SSDEEP:	384:1lK02KPmqQV/Tj/e9A3IWFIt0FwE4sPMcNAIqn:i0Dvm/Tq9APIt0FwEAIq
MD5:	C7F750297F53DEAFBF9BF1A88063BF2E
SHA1:	063B03A10C8B87B032F5D6657FE9F52120775568
SHA-256:	0A66153A80CA9D3CB001618FAB6B3DCBDBB4B80EFA7294D97746B8DAE9E37327
SHA-512:	B0BEA8EBD24B0C5CBC1A31C7F9A5F1DBDA477133C338A1E3122C7F98E64494FD9DB27D5E54ED911C32574B4DBF7EA39293E776E627F523189CC228B9C4C196FA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/nl-alert-8-juni-2020.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......,...."........................................Q........................!1..AQ.."aq........2BRT...#6rs.$&3SUb....45Cc.....%7Et.................................2........................!.1.AQa."2qR........3#B.............?.....Y<....H..T......d..V.'d..v@+$[su"...+'...oJ,... .....c..;..4....H.dqG...N.)Z....#.D..4.t.\|.l..B.$%l... ...R..@..;Y....$[;)d........#...9.$..VH.YD.............7K.eH..E+d..G..HK...2@G...;w.D.,...$..H..TP..B....T...Z...4FH..A.v..v....;..!.$.BG4.,...Y.CD...2.!.L...I.02@G4.jv.+Y.......d..#.........h.h....5$..@$..7A....J'U.y.....##....u.\.wH.....$...ae........-.*a.}.KX..u..W.V....)+..."...Q....i..e; #t".&md.RR.....y.G.I. #.JV(!.....$....OR...)..\..!=..,..Y.vA,...:)..d.].....G$.......@^....d..V.K..H.).E.....v..d.5FA.....VE.8.2@.E.....KM....Y..i...$.#.-.?....qFH:.$..$..J8 ..$...D ..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Formulier%20'Eigen%20verklaring%20avondklok'%20%7C%20Formulier%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=117657&h=9&m=36&s=25&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-eigen-verklaring-avondklok&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%7C%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%224f86e7d6-df76-46a0-831e-3c0b24432efc%22%5D%7D&gt_ms=21&t_fs=0&t_ds=0&t_cs=0&t_ce=0&t_qs=0&t_as=0&t_ae=21&t_dl=0&t_di=320&t_ls=320&t_le=320&t_dc=404&t_ee=426&pv_id=CTNpS2
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\piwik[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	66210
Entropy (8bit):	5.522089969385018
Encrypted:	false
SSDEEP:	1536:6s2uk/Ovn/tdg5NmaVymLj0JfUEQUc2GonbvKfPbTITrVT:C/G/ZWQJt
MD5:	2D695BE38B0A0F20485064FEE4A6A42A
SHA1:	5EACD0F917E94C902A1557D7F0BA30B3B162CF0A
SHA-256:	DD499FF55F3C2A7BCEF3F0F9A43F93CC4CBC00C74EB7A3684AE10C23748C6D66
SHA-512:	7EFCF3F465722C03445FFF717D3D546E9AE2E8B7D0ABBF3DA0C90FCF8E21985EE288FC6F2AAED7A0003EF9BBCBFBC94C51536E3021FD72288D24F7835B8790D1
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.js
Preview:	/!!. JavaScript tracking client. . @source https://github.com/piwik/piwik/blob/master/js/piwik.js. * @license https://opensource.org/licenses/BSD-3-Clause BSD-3 Clause (also in js/LICENSE.txt). * @license magnet:?xt=urn:btih:c80d50af7d3db9be66a4d0a86db0286e4fd33292&dn=bsd-3-clause.txt BSD-3-Clause. /.if(typeof JSON_PIWIK!=="object"&&typeof window.JSON==="object"&&window.JSON.stringify&&window.JSON.parse){JSON_PIWIK=window.JSON}else{(function(){var a={};./!! JSON v3.3.2 \| http://bestiejs.github.io/json3 \| Copyright 2012-2014, Kit Cambridge \| http://kit.mit-license.org */.(function(){var c=typeof define==="function"&&define.amd;var e={"function":true,object:true};var h=e[typeof a]&&a&&!a.nodeType&&a;var i=e[typeof window]&&window\|\|this,b=h&&e[typeof module]&&module&&!module.nodeType&&typeof global=="object"&&global;if(b&&(b.global===b\|\|b.window===b\|\|b.self===b)){i=b}function j(ab,V){ab\|\|(ab=i.Object());V\|\|(V=i.Object());var K=ab.Number\|\|i.Number,R=ab.String\|\|i.String,x=ab.Object\|

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Avondklok%20%7C%20Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=821286&h=9&m=36&s=53&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Favondklok&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpageextended%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22dd179a04-39ee-4706-8418-6fc32969309e%22%5D%7D&gt_ms=3&t_us=33&t_ue=33&t_fs=2&t_ds=2&t_cs=2&t_ce=2&t_qs=28&t_as=30&t_ae=31&t_dl=30&t_di=511&t_ls=511&t_le=511&t_dc=533&t_ee=568&pv_id=0KUpf0
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\responsive[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	288040
Entropy (8bit):	5.167373482119021
Encrypted:	false
SSDEEP:	1536:+gk5LbaAXDpaPEUrCEeWo+ffeXKsGA+rxr+D9awQLwrFqeNyvZ4Q/5fd42tUb+9e:PkYe4/5fgN3Oe
MD5:	B8E6120181CE51C76168A9AB8EDBCC5D
SHA1:	936C17A3205EE8E716E8056ED6083B0DC911B3DD
SHA-256:	AB9BF9A250E7C34001D8374540698D65830EF013686F2A372120834204A57C13
SHA-512:	7DE54779B217BAD7BE44166256CC4C5545F5B552BD8F3B28B0A650C0A4866F00E8EE8CA1EF43E843B279A147805B27E1E8DFCB7F851B2DF8BF4C8790090DAD17
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/responsive.css
Preview:	html{-webkit-text-size-adjust:100%;line-height:1.15}body{margin:0}main{display:block}h1{margin:.67em 0;font-size:2em}hr{overflow:visible;-webkit-box-sizing:content-box;box-sizing:content-box;height:0}pre{font-family:monospace, monospace;font-size:1em}a{background-color:transparent}abbr[title]{text-decoration:underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted;border-bottom:none}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace, monospace;font-size:1em}small{font-size:80%}sub,sup{position:relative;vertical-align:baseline;font-size:75%;line-height:0}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:100%;line-height:1.15}button,input{overflow:visible}button,select{text-transform:none}button,[type='button'],[type='reset'],[type='submit']{-webkit-appearance:button}button::-moz-focus-inner,[type='button']::-moz-focus-inner,[type='reset']::-moz-focus-inner,[type='subm

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sander-dekker-2020-1[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=17, height=4000, bps=0, PhotometricIntepretation=RGB, description=Nederland, Den Haag, 19-08-2020. Sander Dekker, Minister voor Rechtsbescherming van het ministe, manufacturer=SONY, model=ILCE-9, orientation=upper-left, width=6000], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	65383
Entropy (8bit):	7.521693564786096
Encrypted:	false
SSDEEP:	1536:iY74dgbymi6gihBu59TV4yO1mXLv+irVe6NRHzQg38A:i4cogcEVQsLvjXkg38A
MD5:	B8A28085C7728FEDCFCE6E12700747BB
SHA1:	0920F21266FB4F3EA7E133E5BF5D1BFCEEC73EE9
SHA-256:	EE81F5F7B6BDCE4A3DF9A30FCE37F7933FF55B839904DA6D5FEAB2985BCE509C
SHA-512:	C5EB9539FC1130FB28B38333DF36F06759AE0B184B1F32CCF201FEF4C1B0288B36A299F4F52ED0D7830E7802A390D51E9BD9B0B1D579DA1E99B454280B9E7B14
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/sander-dekker/fullsize/sander-dekker-2020-1.jpg
Preview:	......JFIF.....,.,.....<Photoshop 3.0.8BIM.........,.......,......8BIM..................8BIM..................8BIM.......H./ff...lff........./ff...............2.....Z...........5.....-..........8BIM.......p................................................................................................................8BIM.......~..Z...%G...................Beeldcentrum Rijksoverheid.....Beeldcentrum Rijksoverhied...."De minister voor Rechtsbescherming.....JenV....%Ministerie van Justitie en Veiligheid.....Rijksoverheid.nl.....Sander Dekker.....bewindspersoon.....kabinet Rutte-3.....minister.....ministeriepagina.....portret.....portretfoto.....regering.....rijksoverheid.....vierkant..7..20140123..P..Arenda Oomen Fotografie..U..Fotograaf..t..Arenda Oomen .06.5383.3039..x.~Nederland, Den Haag, 19-08-2020. Sander Dekker, Minister voor Rechtsbescherming van het ministerie van Justitie en Veiligheid......Sander Dekker..Z..Den Haag.._..Zuid-Holland..e..Nederland8BIM................8BIM........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\telefoonnummer-corona-uitgelicht[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, frames 3
Category:	downloaded
Size (bytes):	78218
Entropy (8bit):	7.955494297479003
Encrypted:	false
SSDEEP:	1536:Z0lpE5HDTFTLadSCeKCv0MJ+OS7qUiawth15GYpGlQY3eUMMU7iK:mpk/hhTJ+7qnawDG7ezM+
MD5:	518480974995F9C4034F90F11E7D06C5
SHA1:	A88A2BFE34F78D21A3D1E36DD329EA177FFAD4C0
SHA-256:	815B7D397808257EA24B94A044DADA238794028C0793DF944BA50349E230FFA0
SHA-512:	E5E90F0807944125686ABFC0DA6E59C9BEE4BCE2212C28B222D10262F400A0C03D1EA79B8432D36272EF3040AF453BA58746073C5DDD8AE6B57377CF04F82600
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/telefoonnummer-corona-uitgelicht.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================........X.."........................................P......................!...1..AQ"aq..2...#B..R....3..$br.....4CET....%'DG.7S...................................;.........................!1A."Qa..2q......#...3BR.$45SCr.............?.......k.T.>$......{.....ye.P.t.T!@..,.Gx.Hdc..o.yj..p7(..$...].\|RM....]C.$..%...U2.I:T=$..o4..9....K.[.8+.h."...5..o...bb.../#..T.Z..P...].{(LN."~..OK].4.\|....h.^.-.....O..h.m..J.z.0PJ.../,..`TI..2S7.1....c;l...-.4.....H.E#\....R...HL.D......>U.+.O..W4....d..j....v&........b.AB..p..Tb.Q..P.......H..&`..Mb.RAXO0.....x.......d..).....e..cw..\.U...P.... .G.....y.aF.5.np ..\.....7.J..f...jUF.uG...R...I2.d\.Z.)U}.O..i4.......$....\6.\|,..X'.Ut.n..Z..3[n..HB.7.. jP.>......]!+aK%&.9gH...#.A..<Tm.T.w..)......R.>.#x..\yu5.6.w[<.I.!H..{.\|....(.f.p.]..6....*m..5..e%i.)...l;...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\wandeling-in-bos[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=12, height=1436, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], baseline, precision 8, 800x533, frames 3
Category:	downloaded
Size (bytes):	114183
Entropy (8bit):	7.930885088196179
Encrypted:	false
SSDEEP:	1536:SSZGSZ2zuh89BEErwJoDBGUY0K3t0aRT//bR4nxoX5czIgE2X7baHXTd80R6:SsGsQuSzrFGU5eKaRHjWEIXyD6L
MD5:	30248009AA369AACCD085385DA9934BD
SHA1:	48C024C5833EC70BF039AAA75FA48E21AFB2EABF
SHA-256:	5E50665FCECC52D51A34CF607824E53B1608E3D01388453CBDA1E5D9B2616317
SHA-512:	5187FF3B6E3025550BF932114559E535E7E134FAE50F25352C805F926B0D7046CA4510CA1EE4CD44F735C88AB5D8057585AC7973E620905A68A0487E15986422
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/veranderingen-2021/wandeling-in-bos.jpg
Preview:	......JFIF.....`.`......Photoshop 3.0.8BIM..........Z...%G.....O..8BIM.%............!......R8BIM.:....................printOutput........ClrSenum....ClrS....RGBC....Inteenum....Inte....Clrm....MpBlbool.....printSixteenBitbool.....printerNameTEXT.......8BIM.;....................printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@X..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y......8BIM.........`.......`......8BIM.&................?...8BIM............8BIM............8BIM..................8BIM'.................8BIM.......H./ff...lff........./ff...............2.....Z...........5.....-..........8BIM.......p..........................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\4015-inenting[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1512
Entropy (8bit):	4.968050802321593
Encrypted:	false
SSDEEP:	24:2dNgAiELZK60yVJhRb60yG2Rb60yJOS6XRkO1YIY+YwyAusOE2faJJ7b7EO+:caAiMo6b1ATAT6BZ1ZYwg3aznEB
MD5:	7D54C1B9D88D788B4A45AB48CDF6E9CD
SHA1:	E034DA6D9EB3E37775EC656977CA770711071987
SHA-256:	7560D80CBF9B343DA9CFDB139C66A1E89692D8B9AF15F370317006264B4A4F09
SHA-512:	F31CB3517035653A917E2C9061EFB57D6440E8D6F25B2C055F25DAD282CD7854033C3DCBDEC69B140298D76F8C97B068AACC1CCCE72BD5073083BF8D44C6C348
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4015-inenting.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Boxes">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Production">..<rect fill="none" height="64" width="64"/>..<path d="M58.3401,14.824c-1.4142-1.4142-7.7499-7.7499-9.1641-9.1641c-1.4991-1.4991-3.6987,0.4681-2.7267,2.2176 c1.1313,2.0365,1.7395,2.984,1.7395,2.984l-5.1636,5.1636c0,0,0.8781,1.7491,2.3942,4.8136 c0.1477,0.2986-0.0263,0.4092-0.0808,0.4342c0,0-8.1265-8.1253-9.8512-9.85c-1.1591-1.1577-3.4915,0.6255-2.4703,2.4323 c0.9985,1.7666,2.4159,4.1052,2.4159,4.1052L18.3721,35.0213c-0.5584,0.5584-0.939,1.2696-1.0939,2.0439l-1.7905,9.3717L5.2795,57 h3.4393l8.8336-8.4854l9.4-1.7709c0.7783-0.1536,1.4932-0.5352,2.0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\KEKSHZAX.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	21723
Entropy (8bit):	4.708696998003483
Encrypted:	false
SSDEEP:	384:4aG1ukO3W5HUPzP3a8EVLCmYWzKh8dZzzYJ:4a4IWxWP3a8EVLCmYsxpzYJ
MD5:	A81BDCEA4E78104A788669273D956A00
SHA1:	7145DCCD10C6EB17BFBC02BE3E51F0F1B2E99820
SHA-256:	FE0DDE41F42ACB26FB66A3F8EEA25C5FAA1063FF5053AFA25CE9EC3FF753CF3C
SHA-512:	79BA1A6769490E8391955A19C79252C3E56267A9C8E093AF05A5B68ABA18547987A5991DD7D06CEF35360E1452C907D7D3C14E8EB0EE0259848E9D8556174CF9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/
Preview:	<!doctype html>..<html class="no-js fullWidth hasMainNav" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Rijksoverheid.nl is de website van het Rijk met uitleg en nieuws over wet- en regelgeving van alle ministeries."/>.<meta name="DCTERMS.description" content="Rijksoverheid.nl is de website van het Rijk met uitleg en nieuws over wet- en regelgeving van alle ministeries."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Informatie van de Rijksoverheid \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Informatie van de Rijksoverheid - Rijksoverheid.nl"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.crea

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\RO-SerifWeb-Italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 110541, version 3.0
Category:	downloaded
Size (bytes):	110541
Entropy (8bit):	7.996245326669617
Encrypted:	true
SSDEEP:	3072:9weTz3H/X6dN9vfAy/x2qN2H2CV7ukdcWb9A1:9/f6NJJ/fN2Ww7ulWpA1
MD5:	778E789CD8180DEBD9B4DD5D8B8AE0E3
SHA1:	B79791FF50B98EF46FA606CA2D26D24FFE894AE5
SHA-256:	AB448317578C648868C6394CFFE2760264A193E30147C52BD16434BCC214EE5C
SHA-512:	681DBF76DBAE8E8CCD67710553A7F1D3C903CA3D95D87C2AB7DA0428A3414B2B4DFD5A59F99F0823C48F7EF62C4BD94B8FC5FABF98FFB694166D78BBFF02F572
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SerifWeb-Italic.woff
Preview:	wOFF...............X...........%...q........GPOS...............3GSUB...0...u....ujv.LTSH...X............OS/2...$...]...`..[.VDMX.......y.......Ecmap...p.........BEcvt .."l.........g..fpgm...........a.5..gasp...x.........z..glyf..'\..pz.....6o.hdmx..........%hr&=Dhead.......6...6..1@hhea.......$...$....hmtx...........t.-.loca..#....V...x...maxp....... ... ...Hname.......p...z...Wpost...H.........V..prep.. x........)X.D..........;._.<..........H@................................K...............i.........................X...............@....x.c`f..8.......)....o.....`.(..e`ecc`.d`a``X.............F...LLO..a8...h.....c..T.........A...x..KHTa.....fFG.u..]8....hF.4..ad!.d..B...7.=..Z(....R....Q..T.0. I..H..%.R._.{g..Qr.?.....s..j.p5D..p\&.)o.n1........4.oc(/.!.....e.g.A.8.g..A..1...k..5..Lr.H.......CU....T?2bI...G.7V/..T..f..#...4.w.c.~.Y..J..n!'.w./.X+{.q...-....zP....^`...(.`..)..S...}. ...lcX...M...E."wIw.$=...qH..}.(6..{.~..tux!....O-..F).../..zP5.#.. .:.5...0..< ..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	13738
Entropy (8bit):	4.92964801303821
Encrypted:	false
SSDEEP:	192:+QhJukO2EA2AWiYHUPoKSURfPSHwqJV3qEHZzRxYJ:TJukOcWiYHUlZo3vNZzzYJ
MD5:	ABEA088952259A7155681CB08739A4E5
SHA1:	C542FA7C725A2760D250629C7F1B5E1682CCC276
SHA-256:	28631F48FB4AD5F9892AB9A3C695D0EB732F060175948356640DA9FA9B5F4557
SHA-512:	1E97FCD4AE9A98B6C79D4E027A8A2637CE7446116417E1016E160DF696DF97D01D0BD0591C30CC947E1F627C0ACD70A136E04788C4A141BB274B86516D61AD58
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="In heel Nederland gaat een avondklok gelden: van 21.00 uur .s avonds tot 4.30 uur .s ochtends blijft u binnen. De avondklok geldt tot 10 februari 2021 04.30 uur."/>.<meta name="DCTERMS.description" content="In heel Nederland gaat een avondklok gelden: van 21.00 uur .s avonds tot 4.30 uur .s ochtends blijft u binnen. De avondklok geldt tot 10 februari 2021 04.30 uur."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Avondklok \| Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Avondklok - Coronavirus COVID-19 - Rijksoverheid.nl"/>.<meta property="og:title" content="Avondklok"/>.<meta property="og:description" content="In heel Nederland geldt vanaf zaterdag 23 januari ee

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\avondklok_hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=10, manufacturer=Canon, model=Canon EOS R5, orientation=upper-left, xresolution=154, yresolution=162, resolutionunit=2, software=Adobe Photoshop 22.1 (Macintosh), datetime=2021:01:13 21:03:30], baseline, precision 8, 830x554, frames 3
Category:	downloaded
Size (bytes):	98251
Entropy (8bit):	7.745059467279069
Encrypted:	false
SSDEEP:	1536:oul4S0ypW+0P6hnUirAXNE/rzu3jkFSYmMfB3wwjqBYy9+bgYSk5:oul4SVW5CHUNETzwkFSliA9BTEbgtk5
MD5:	1E2C742A6289643D06E88E7D7AB508E1
SHA1:	575E3794F376DDE32E63B0EFD2A2DD5796B51339
SHA-256:	FE907BFC5ED096F002908D44FA3ECD25E451AB1FEB02E85EDCAF588C9907DB01
SHA-512:	E6AD7C9F66E4AFB42DFD943D19E6445729005AE9FBB006C0A4A492E4CCBE554B22653D26121AC754611A63FC4D09B1B3B1BA00F6C1D13620DBA827EBBB2694D5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/avondklok_hero.jpg
Preview:	......JFIF.....,.,....#.Photoshop 3.0.8BIM.......C..Z...%G.........7..20210113..<..172738..Z..Den Bosch..e..Nederland..d..NLD.....19.....avond.....britse.....buiten.....corona.....coronavirus.....covid.....covid19.....covid-19.....donker.....klok.....s.nachts.....variant.....zijn..(.. ..P..Ramon van Flymen..U..Ramon van Flymen..g..427075918..n.$Hollandse Hoogte / Ramon van Flymen ..s..Hollandse Hoogte..x..Nederland, Den Bosch. 13 Januari 2020. Het is erg rustig in de binnenstad van Den Bosch in de avond. Het kabinet denkt na over een eventuele avondklok. Foto: Ramon van Flymen / Hollande-Hoogte / ANP......1:0:0:004690.8BIM.%........m N.[......I 8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....C

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\collapsible-panels[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	737
Entropy (8bit):	4.6942994524433965
Encrypted:	false
SSDEEP:	12:2yTmIzXSPIUrnJi4hEHLHTaMeUFIY011ibTY+469uaBuaMCjUMU11c7QTY+43Pus:KAXSPIU4TY+nuuu11ccTY+cPuBbiu1gn
MD5:	44ECE5C9B5274C1E7FF2E3860E5F1867
SHA1:	64D624D819339BF108FDE04578BB20271BB87043
SHA-256:	463C73A52654C24219A7D110E8C0A3E8823084E52B9C7B6424D0B74A13917DC3
SHA-512:	755EC005300B1ED0D7A3E9C2403E20B58621DA67063059502C7124D7B9D48079820F92E631BE1CF4E982A7353924F2C702DDB528890E94FBBA2A787372EABE8D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/collapsible-panels.js
Preview:	$.widget("panels.createCollapsePanel",{options:{open:!1,speed:400,easing:"easeOutExpo"},_init:function(){var e=$(this.element),n=e.find("button"),t=e.find(".panelContent");this.options.open\|\|e.hasClass("open")?this.expand(e,n,t):this.collapse(e,n,t),this.toggle(e,n,t)},expand:function(e,n,t){n.attr("aria-expanded","true"),t.attr("aria-hidden","false"),t.slideDown(this.options.speed,this.options.easing,function(){e.addClass("open")})},collapse:function(e,n,t){n.attr("aria-expanded","false"),t.attr("aria-hidden","true"),t.slideUp(this.options.speed,this.options.easing,function(){e.removeClass("open")})},toggle:function(e,n,t){var s=this;n.on("click",function(){e.hasClass("open")?s.collapse(e,n,t):(s.expand(e,n,t),t.focus())})}});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\contact[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	18982
Entropy (8bit):	4.951131037586637
Encrypted:	false
SSDEEP:	384:VVHjaukOqWEHUw4EoEbeEthqKYEZ8RhfbaH40kH40mvH40mX5XNZzzYJ:VVHuvWijrLhq88Rhf2Y0kY0KY0mXrpz4
MD5:	EF540E59744D7CA3C64F87882DD784F9
SHA1:	CFD2AA785788141C9735B4FB9AD990DB586CB964
SHA-256:	44E87472A8CFE964EC3DB2A242E33A8F65F93B22CC39A2CEC817432FA695C235
SHA-512:	2D916BB8E739D25E2A69ACB2E1B5C3000DEBFA93D91F7A86B110F428ECC0504C47566590CF82F92D739EE21B4BC4F20741129F278F3CB5A1F9B61DC5D1C17FDB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/contact
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Voor vragen over de website Rijksoverheid.nl kunt u contact opnemen met het loket Informatie Rijksoverheid."/>.<meta name="DCTERMS.description" content="Voor vragen over de website Rijksoverheid.nl kunt u contact opnemen met het loket Informatie Rijksoverheid."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Contact \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Contact - Rijksoverheid.nl"/>.<meta property="og:title" content="Contact"/>.<meta property="og:description" content="Heeft u vragen over het coronavirus en de maatregelen? U kunt dan terecht bij het publieksinformatienummer 0800 - 1351 (tussen 08:00 en 20:00 uur). Voor het maken van een afspraak voor een coronatest kunt u bellen met 0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\cultuur-uitgaan-sport[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	958
Entropy (8bit):	7.665208359525332
Encrypted:	false
SSDEEP:	12:6v/7/6iSPSHYPdvZfxjS3qGPV0uCuglDfaFB+PykJw6WspGDGkpTiehBv6TH98z3:K6iPHYlPsBP/6le5kJgsQSG2eniTHQ7
MD5:	09FF59129DC72C9B2CEE339B19930025
SHA1:	EEA6C815155E3EED28450C8D9A393FC0265924DD
SHA-256:	BB3BD443C1F0DB3DB457A3D2818DFC463E5A384FCDECB54075FAA2E176838048
SHA-512:	0DA4F6ED705584BBE182E3A4A8EBD67EA9B02199C82A2846E629AC20EBB0DE7C57191C9134B1B43273B32C825B28D9386CD6AFAD82AD9E3985F4BE8008E64E5B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/cultuur-uitgaan-sport.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....pIDATx..[.q.0..r}.7h6.;A5.FP_.R...2.6.6.......<.z.W.!%Z?`X.w8.4!.....a$".ez.1wD.!b..$l.-.X.(...........S..<%.mN...a(..N.m.S.( ..98...5...c......+......<aDl.q......%.r.Q=...h..9J`..;.q)M.M.....F..p.r..........q........,.........j!SC..........k.v..L.....HV.~5%(.@?b.'..\.[7...$..Ld....O.h......i.-..r......i.?J#..F.v.}`_.JD..v.jP.+A...7r5...N.NqL..0....Y..Z..>.N.+.\|....#......Y)?\+...6...........Ok...H;#.@.S..E,..=.....{.......-`.}6.c}6%m..)K".%m.\..,.!b....\.-r.J..p..C..O.lJ9-........G.....nF....w............#}7.....a....qv.j....\|.1d..W.......e....}G..;......Rd....\........&cxL....m....,.......#;..X".....-..$.=%;....]....<. .:hM..>oa..s.....M:..er.D.v.i.}).jD...ON57...-J>bb.......C.p.y.M...%.R.."e.^..}!.h.;.I9.)K>.".....@.(..$.-.I..S.I....B."#......$7o..l-o/..A?+R.1..z~.......e...sE.....4.w.P..}._...........d""....(J.a.....u....]...EG.....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\documenten[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	54994
Entropy (8bit):	4.60724486549776
Encrypted:	false
SSDEEP:	768:SaWO+ht6UtWwalPSrszPW7mVUnMxXwCiBO7VoRspzYJ:ZXrPSrsy7Yzi2VoOYJ
MD5:	CD11928F30FB3583BE7A9488FDF015D3
SHA1:	95E7D85D906E89AA93C6162D40037D9CD0339E37
SHA-256:	58EEEADDD6E00224087F11936AE6625D697EE02570B4D1379DFE6E94FDA53263
SHA-512:	151CB3E3EF9CE83DF1BB0B61D9F1E49EF5FA7629A0AFF0AB3D651DB394DC60FBA97E0B8174C605BFA681525393DCC1B29CA14C7A33AFAC1E45BAB4421B47A047
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <title>Onderwerpen \| Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Onderwerpen - Coronavirus COVID-19 - Rijksoverheid.nl"/>.<link rel="alternate" href="https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss" title="Documenten via RSS" type="application/rss+xml"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten"/>.<link rel="next" href="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.creator" title="RIJKSOVERHEID.Organisatie" content="Ministerie van Algemene Zaken"/>. <meta name="DCTERMS.identifier" title="XSD.anyURI" content="https://www.rij

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\jv-dv-20181220-id0i0q33x-ondertiteling[1].srt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	3379
Entropy (8bit):	4.847424360375029
Encrypted:	false
SSDEEP:	96:X9xhiHxGa9sgAQhL3eXoiXX32Wkc/KZryAVPoUpUc9bgC0e:X9xwRVsgAkL322YSZGibgpe
MD5:	332722E51B84D0272EDC2DD335335BB1
SHA1:	23C8579179A1F95E1EFB76DE6C32EF74A3065FDB
SHA-256:	B968F7DADA801B99472FEBDA8A9B4ACF3EB139E9C59235408A6330724226F7E5
SHA-512:	30774553777E5A3B32008FA861A1C75853D0454375F1ED1BDA1D352B64828611F84B605992B503DF5C7FAA6D853803204E87B2F6A4D5C05FE4B755DB6A4C457A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rovid.nl/jv/dv/2018/jv-dv-20181220-id0i0q33x-ondertiteling.srt
Preview:	.1..00:00:03,440 --> 00:00:06,440..Ga je mee, Jack?..Kom!....2..00:00:08,840 --> 00:00:12,560..Ik haal even een dossier op bij de planning.....3..00:00:13,160 --> 00:00:14,640..Aan het verbouwen.......4..00:00:17,320 --> 00:00:18,760..We gaan nu naar binnen.....5..00:00:18,760 --> 00:00:20,640..Daar worden de voetgangers gecontrolleerd.....6..00:00:20,840 --> 00:00:23,560..We komen steeds meer drugsafval tegen.....7..00:00:23,560 --> 00:00:26,960..Alleen ik al honderden keren per jaar hennepafval.....8..00:00:26,960 --> 00:00:31,400..Arbeidsmigranten tot prostitutie.......9..00:00:32,280 --> 00:00:37,200..Zodra hier een melding binnenkomt via 112 ..willen we als eerste weten waar iemand is.....10..00:00:37,200 --> 00:00:39,440..We willen weten wat er aan de hand is.....11..00:00:39,440 --> 00:00:43,000..Zodra we dat weten gaat er al een alarmering uit.....12..00:00:43,000 --> 00:00:46,200..Je leest iemands verhaal, je kijkt of de identiteit vaststaat.....13..00:00:46,200 --> 00:00:49

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\magazine-jenv-5-2019[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 14.0 (Windows), datetime=2019:03:28 09:31:28], baseline, precision 8, 800x533, frames 3
Category:	downloaded
Size (bytes):	103720
Entropy (8bit):	7.901801355308374
Encrypted:	false
SSDEEP:	1536:bNeRgveRT3LI1R07egFY9wtTUl7YgGU2CykS8e7LRVBjKGlYRog91BIRxDXm1MG:bgRbRTf7egjTU1xGUfyjdaGlYRF1MpG
MD5:	F52BE53C0139499B98E4786413C6C26D
SHA1:	F8F1038BD8427CFB1FEC9B4933CF1682F7E11DBE
SHA-256:	F6756AA631706707EB23C100CEC54FAC2A31A12BFA260AC5A66E1E8D28D5A9E8
SHA-512:	F9FD7282E19A19CB6A01A450F08815ED0670E96671D3C6517D26CCEEABFFAC516BBD081F91516E8F4D92CE97E93B9C68749CD77F9BEFCCEAFECF7F2BE051FC24
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/ministeries/justitie-en-veiligheid/magazine-jenv-5-2019.jpg
Preview:	......JFIF.....H.H....$.Photoshop 3.0.8BIM.%......................8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@R..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool.....cropRectBottomlong........cropRectLeftlong........cropRectRightlong........cropRectToplong.....8BIM.........H.......H......8BIM.&................?...8BIM...........Z8BIM............8BIM..................8BIM'.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\paging-menu[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	350
Entropy (8bit):	4.964936724886392
Encrypted:	false
SSDEEP:	6:L2C5hIpAzZtuz7ALxRHKjhlD/rnwt6NeBPqKa951NdVlqKagD7VlqKaupfrGYf:L2C5KuomRQl7rnm6NiPq9951Ndq9uq9A
MD5:	A56DAE07C4D7FEFFCC291EEAD0260548
SHA1:	2BF056F2C550C3CFC5BDFE55363F3F039655A2FE
SHA-256:	4319E43CE717A1AD21C9B814A0211DA7F9580FAC830B7B75F7EB05A2F805398B
SHA-512:	2B08B77449873556C4D8D56F116D68B5BEEC52930096DC588E831FF15A4DDA2C83A3B8FAC9BD0330F993FA36AC91CF6A4A239798C92EFCAC1C0F8AA84C4918BF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/paging-menu.js
Preview:	$.fn.pagingMenu=function(){var n=window.innerWidth\|\|document.documentElement.clientWidth,e=$(".paging__number:first"),g=$(".paging__number:last");n<375&&(2===$(".paging__number--dot").length?e.next().remove():(g.hasClass("paging__number--dot")&&g.prev().remove(),e.hasClass("paging__number--dot")&&e.next().remove()))},$(".paging-menu").pagingMenu();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Informatie%20van%20de%20Rijksoverheid%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=956961&h=9&m=36&s=45&url=https%3A%2F%2Fwww.rijksoverheid.nl%2F&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22homepage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22fb90d6cd-af1f-4e99-810f-58f024dea98c%22%5D%7D&gt_ms=3&t_us=81&t_ue=81&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=74&t_as=76&t_ae=77&t_dl=76&t_di=257&t_ls=257&t_le=257&t_dc=271&t_ee=296&pv_id=0VQBsG
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Formulier%20'Werkgeversverklaring%20avondklok'%20%7C%20Formulier%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=100983&h=9&m=36&s=50&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-werkgeversverklaring-avondklok&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%7C%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22e9134736-1ad0-4f21-af21-2ec5462efa72%22%5D%7D&gt_ms=2&t_us=35&t_ue=35&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=30&t_as=31&t_ae=32&t_dl=31&t_di=193&t_ls=193&t_le=193&t_dc=204&t_ee=235&pv_id=MivDE0
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\piwik[3].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Abonneren%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=068467&h=9&m=36&s=59&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fabonneren&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22f4f07141-bfea-4154-aa70-7820927185f7%22%5D%7D&gt_ms=3&t_us=37&t_ue=37&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=31&t_as=33&t_ae=34&t_dl=33&t_di=247&t_ls=247&t_le=247&t_dc=260&t_ee=277&pv_id=vx6JtJ
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\ro-icons-2.1[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 5168, version 1.0
Category:	downloaded
Size (bytes):	5168
Entropy (8bit):	7.891397020043798
Encrypted:	false
SSDEEP:	96:DYPa98RfYDiswwUf72y7N3jXY+YTFpGK8KIN9u3P4vH9gb0FBWGrPJn:DYPImQzwFz2y7VjXpunGIwcv4WG9n
MD5:	34CA51368BDF14CDC485DE2FA5B56FD0
SHA1:	84B4D157138205EEE33F58C44F035FFA1E5E5D8C
SHA-256:	9218D8DA614CA0EB2B009FCD75306EBCDDF22FBB9B300BE908AD6F556D55441B
SHA-512:	C68D8022965E3FD7523E05622CF30096032D6F72F77C2FF20DA1CFB303F991CE5B150C3A12D0F70B6EE7FD0238E261E72F9A13574679E8C442CE0A12EDE7ECB0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/icons/ro-icons-2.1.woff
Preview:	wOFF.......0.......8........................GSUB.......;...T .%zOS/2...D...B...V@O.cmap...........F....glyf...\|...J........head.......3...6.E .hhea...........$....hmtx.......K....~...loca...h...H...HW.]6maxp........... .5..name.......2...F..Z.post.......)......q'x.c`d``.b0`.c`rq..a..I,.c.b`a...<2.1'3=.......i. f....&;.H.x.c`d..8.....y?.....................+.HsMapx..J..%.....d..#H.......x...In.@.E.[6&..}... K.2.8k.M8...t(Q.+..z@7\|...7...8M.y.A{^...e.N......W.c.xV.{'.).\.DE?..R3b.)3.,X.b.-;..8r..+7.....Z...w..o.&.+..M.&...i.i.6.(.,.C...M.........uya..4.[....6.z[C.....P.`.w4.;......zWC...^c..l..b..j..f..n.w7._..T.x..Xkp..u.s....}a..x.K... .. ^.. AQdDQ.....e.jY...k[...8.k'r..q.&.Q..ib7.j2n.Lg....q<.3M..u.t.t..D..D.{...r....{..{.9.;...lmmy.G.G..d.&H..W.@.B@.+.4....[...u...{....Rj!..84...H.I.)8Ei..}h.!.\....{.>$.......B2.='..M...Y..1.ai..f..1a..3f..4e.\|.7...1..J;.Y.....o.C......sm:Ov...b..p.U.j..m..6d..z.a.....=...nQ.$........+..#....o.{.>...7Sg.M.....E..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\rop-survey-bar-and-ergo.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	6598
Entropy (8bit):	5.152596769487846
Encrypted:	false
SSDEEP:	192:9RWdlO52vbCvQNdYLdJTQ9il9fhBXIx98el4s:9RWdlO52vbCvQNduMgqP8el4s
MD5:	DF7403C355C8458E9464E9A7F876D5AB
SHA1:	A38DC318BBDD0144AE968703C30DEAE29C290A09
SHA-256:	B2C9229A212EFC384FB30973542CF340CA08ADEC70F8B5E014BABCAF99B0C548
SHA-512:	167A2FD43912FBB3F11B456932FA95385F9F9E201FFBBB2E056BAAD8A19D6A8339A4BEB2CD61D9933DFD36790C8E01BF06F5A936705D80669218C9523B51F691
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/behaviour/rop-survey-bar-and-ergo.min.js
Preview:	var pageFeedback={initiated:!1,showOnPageTypes:["webpageextended","webpage","faq","governmentalproduct"],hideOnPartOfUrl:[{urlPart:"actueel",location:"last"},{urlPart:"actueel/nieuws",location:"last"},{urlPart:"actueel/nieuwsbrieven",location:"all"},{urlPart:"actueel/agenda",location:"all"},{urlPart:"ministeries",location:"first"},{urlPart:"regering",location:"first"},{urlPart:"documenten",location:"all"},{urlPart:"consignatiekas",location:"all"},{urlPart:"wetten-en-regelingen",location:"last"},{urlPart:"coronavirus-covid-19/ondernemers-en-bedrijven",location:"last"},{urlPart:"coronavirus-covid-19/zorg",location:"last"},{urlPart:"coronavirus-covid-19/ouders-scholieren-en-studenten-kinderopvang-en-onderwijs",location:"last"},{urlPart:"coronavirus-covid-19/verkeer-vervoer-en-reizen",location:"last"},{urlPart:"coronavirus-covid-19/werknemers",location:"last"},{urlPart:"coronavirus-covid-19/openbaar-en-dagelijks-leven",location:"last"},{urlPart:"coronavirus-covid-19/coronavirus-beeld-en-vi

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\thuiswerken_corona_header[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	49253
Entropy (8bit):	7.978010624114917
Encrypted:	false
SSDEEP:	768:er3aiUeiPVJ/t+JUEaaXVV1CDBHKblrvGmrdojBQ6C4CdG+Dosv1uM82L+l+YXxg:tH/kJUEaaFVwKdv/d064oPUMR+ln15kN
MD5:	54E0851797E06D8DF79AF60237EFD31A
SHA1:	0457074A696063AF3F2EF380AF5E6E4F47C5070B
SHA-256:	4D6DB3BC5F976E8B1B7DC18FCEAA58F02616013E4AA9AC17C09C5298EDD29934
SHA-512:	4570BE4E21814758B36AE05735C4DB309F1EBB7384D784315C18679522881BAAD3FDB9B3D9834FA9118012801EBD67667A03E9B4F3CFBD68DD3375FC1307E8CF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/thuiswerken_corona_header.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......9...."........................................R.........................!1.AQ."aq.2...#3BRr...$4bs...%56Cc....&S....Dd..TtE.u.................................-......................!.1.A.Q"2.a.Bq..3.$..............?..d..b.4.. ..l..AvB..'L.H.....K.\|P..W.R....\|f.DZm\|.\|X..m+.SS^....!..)j..0.GR...q.3V.sM2.....h.9.R.s....J.S5.%..........+?yE.J.>A3K..E.}<U`..S..lpcF.#..6[.....<..t._xx..........e.m.8x.........s.EU{...&.t.V).g.2....$.Y6..,u.a1... ....j...-0/..@...d ci.......L...F.V....S...BW........m.tV ..i.. ....O..7Cz..6P30.l...t.M{.$nm...R..,y9U.!.W...m...8....F.q_...r....cVQ.....r~..'....[.U...\|.C.g<..#=/...6.h[.E.......7K..SbX.%.5Os......:b[..v.R4r...3qm.W...K..p..tmk..r...\|.#..(v..ENltv.x,@...;c..A2.I.}.hi...5......WFg`{M.'e..@".a.B.j..jj\Z...I.WE,.:6TE'.#..T...... .<...c.....+.#F

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\topic-list[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	401
Entropy (8bit):	4.765987664274307
Encrypted:	false
SSDEEP:	12:IMI7ee3nlN/H8YVEpASSX4aGhFGDNNh3/NwEHmB:jI6efH8+SSXrGhFGDNNhvNwEGB
MD5:	EDFB27E99A504C23313634109CFB11D3
SHA1:	8970A15766E8024C7B98F3A779B896DFDCA4DC81
SHA-256:	5EA7D64E8CB171BB7A1C9B8D3F09C1E63E0E4B8985411A2F8EAB053967115F42
SHA-512:	ABAAD0A971A087A6D1B98F5606E310AA7A118B776E163976563D07F249890D1068696321E8EABAF805F135FE0159BEA943E8E68AD7E9D4BB49F1FD59D94CF9A7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/topic-list.js
Preview:	$.fn.collapsibleList=function(){$(this).hasClass("alphabetical")\|\|$(this).find("h3 a").on("click",function(e){if("mobile"===Core.viewport\|\|"phablet"===Core.viewport){e.preventDefault();var a=$(this),l=$(this).parent("h3").next("ul");a.hasClass("panelOpen")?(a.removeClass("panelOpen"),l.removeClass("panelOpen")):(a.addClass("panelOpen"),l.addClass("panelOpen"))}})},$(".topicList").collapsibleList();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\uitgelicht-covid-19-financiele-regelingen[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	21995
Entropy (8bit):	7.965777973548672
Encrypted:	false
SSDEEP:	384:KfsrPq0k8ygwb4QtjklddOVydzQh+bEmPUuGsWyXQ3SS9lAhSiJfmlWqkx63YR9G:jP9ygwb4Ljdwydsh+Q3QCo9YlZ13YXy/
MD5:	E0D74EDCBF6A6707EDD6991FCC408EC1
SHA1:	D7F4B406DE5884AE2476D00F0609DBC78E3ADAD8
SHA-256:	11C8280C2D61D52036807AEC69E714B5D7D410838D12618332D4FE12FF0E963B
SHA-512:	89FFC9A6B9BB519EEF7021F3D0E6EEC8FD8A30EC3F5758ED1A48CCC000A473E5841B696917C19B2683EB5EC9E97545634B9ED92D7E5F0D50CB7BE6547FA70932
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/uitgelicht-covid-19-financiele-regelingen.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................U........................!..1."AQaq..2......#Rbrs..$3Bct...%&46Cd.....5DS......EU.u......................................................!1A..2Q"a..#Bq3R.............?.o..\|...3.ep..F.s...k.%&..S8.."c......+...N..5T....;t.q.Y].1...>nU.0c:.'..J.-m.o..D.]..(......~n;r..W.7...Xa,..K.O.xc...v.u....V.-!..s.i..w....62.....sn.T.....4`sz...W.{..^SY.(...[......\....1...'.WY.?...n..S...C._.q..:.D....3.........q. .o.I.....I;.#............/.7F~R.Y?.Z}.d^.^..[G{&.aS.m..6.J..$........M...E+....oj..A...r....H......r..q....j..........V.]..y..I....L..{.S.uE..9.=Z..q9F..F...N............Z..\...4r....b.SXn......?j......^.f..)...A.w\...c...~J..,u=.)p.....N:$...CE..vtk.....5....H.dn&<8.@8..Ml..^.-...... ...H.D..PC( ...,....$....A....@........p....."!+...#.)d"..#..'0..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wij-doen-het-zo-uitgelicht[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=13, height=2825, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=5000], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	102489
Entropy (8bit):	7.9095441122115275
Encrypted:	false
SSDEEP:	3072:t1Mke1MkKT2d6y8K2XC3AAectVf0Oh/vc/qWv9De0N2jR2qV:R4KNRhXljk0O10f1DkV2qV
MD5:	BB442411060615F45860100F4435F477
SHA1:	28F5FBB2F89B55E9488DDC028703F345263DF631
SHA-256:	A48958F0DAFA3312232CDA743A2062C0E56D115E8EF7D15D1D554D16F2C09365
SHA-512:	70DC8B494B729F9D5DBCE8CF364DC05F71722E9F0DE46FE1CCA0DE7A2CBC032B1B626E755A69C712E562E6CFD058F4F852CA8C913DA765798E966B93F88D0D4F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/wij-doen-het-zo-uitgelicht.jpg
Preview:	......JFIF.....,.,....&nPhotoshop 3.0.8BIM.......o..Z...%G..Z...%G.........P..Lex v Lieshout Fotografie..7..20200923..<..153043+0000..>..20200923..?..153043+0200.8BIM.%.......n2c.9..t.pi0..8BIM.:....................printOutput........ClrSenum....ClrS....RGBC....Inteenum....Inte....Clrm....MpBlbool.....printSixteenBitbool.....printerNameTEXT.......8BIM.;....................printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@r..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y......8BIM.........,.......,......8BIM.&................?...8BIM............8BIM............8BIM..................8BIM'.................8BIM.......H./ff...lff........./ff...............2.....Z...........5.....-

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\0045-filmend-persoon[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1813
Entropy (8bit):	4.758908553620278
Encrypted:	false
SSDEEP:	48:cWAiMrec2XwDOKq8fOpISN2OoHY/Tbpgo/QU/Lg:yzqT8OKROuSZx7bfPLg
MD5:	ADA6F8259DFBDC4F2C3384CBF5FA9F41
SHA1:	9A02987B5CFAF546B4177760EBE8BC69F5DF2387
SHA-256:	0A29197E777D924A283A905AFD791B230677FB373C61048F205BB59B99F8F7C9
SHA-512:	E73168042CA116A65E90B1723BF3BCBA3325BAEE3E14179849EE1DC6B907D3F6E06EE55E26CE99D41E1989F269AEC17A69EAAE30988F9AE1AAAC30A2C97B05CB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/0045-filmend-persoon.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 23.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="enable-background:new 0 0 64 64;" version="1.1" viewBox="0 0 64 64" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}.</style>.<g id="Box">..<rect class="st0" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M31,27v8c0,1.1,0.9,2,2,2h13c1.1,0,2-0.9,2-2v-8c0-1.1-0.9-2-2-2H33C31.9,25,31,25.9,31,27z"/>...<path d="M52.6,44.1c-2-2.2-7.4-4.1-10.5-5.1h-3.8c0.1,0.5,0.1,1,0.1,1.3c0.3,3.5-3.6,7.3-6,9.1c-1.5-1.1-3.7-3-5-5.2 c0.3-0.7,0.5-1.4,0.6-2.2H28c1.1,0,2-0.9,2-2V27c0-2.1-1.3-3.9-3.2-4.6c0.3-0.8,0.4-1.5,0.3-2.3c-0.3-1.4-1.1-1.9-1.6-2.2 c-0.6-0.3-1.1-0.2-1.5-0.2v-1.5c2.1-0.2,6.2-0.8,10.8-3.1l5.2,3.5V23c0,0,0.8,0.1,1-0.8c0-0.2,0.1-0.7,0.3-1.3 c0.2-0.1,0.6-0.3,1-0.1c0.5,0.2,0.8,0.9,0.8,2.2H46c0-0.7,0-2.7-1.2-4c0.3

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\2053-fysiek-archief[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	951
Entropy (8bit):	5.341000860458318
Encrypted:	false
SSDEEP:	24:2dNqAiELZK60yVJdRb60yGTlRI0rcxYC9wTRlQRnuM:cQAiMo6b5AkI0rqY1Twz
MD5:	BE191DC76C0A41A12DA0D879438589A9
SHA1:	D978E790431C96D097A869049F843010D4B9CC32
SHA-256:	794940C33E8EB7F6917EF41F1A659D5CA57BB8738D6D460045C099600E258245
SHA-512:	7003DD4DFCE3709F4D769A236A7E44FF521E6FAD4710A1CF7594CCA55A8CB9E065A5462CB86671265913E012F800729F107058C954F054704320D344BB0C8494
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/2053-fysiek-archief.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 19.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M7,23v33c0,0.5523,0.4477,1,1,1h48c0.5523,0,1-0.4477,1-1V23c0-0.5523-0.4477-1-1-1H8C7.4477,22,7,22.4477,7,23z M25,30 h14v7H25V30z M42,50.5c0,0.8286-0.6719,1.5-1.5,1.5h-17c-0.8281,0-1.5-0.6714-1.5-1.5V47c0-0.8286,0.6719-1.5,1.5-1.5 S25,46.1714,25,47v2h14v-2c0-0.8286,0.6719-1.5,1.5-1.5S42,46.1714,42,47V50.5z"/>...<path d="M51,16H13c-0.5523,0-1,0.4477-1,1v3h40v-3C52,16.4477,51.5523,16,51,16z"/>...<path d="M46,10H18c-0.5523,0-1,0.4477-1,1v3h30v-3C47,10.4477,46.5523,10,46,10z"/>..</g>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\4012-verpleegkundige[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2327
Entropy (8bit):	4.729396180383936
Encrypted:	false
SSDEEP:	48:caAiM36b1AoAezQnjrd8IYJbePeqB4+kedSs2k9zGb/fNKzA:azqRtzQnjrd8/CPtBNG7FKc
MD5:	B42DB3B35A2E426756394E16882C81E1
SHA1:	1D52A4BAA182D38BB3AFF9B1EB8ADC5B7E8BC4B4
SHA-256:	0FC0EACDEAC56B932E5F3611C835F4DA227B9C84811D9F695F75A7F4B64D037B
SHA-512:	42AB5B06A5235AFFC660AD87B92A28669B34D1F2646A09CC95FDB33C812B763A576757B9D50C44DA0FA6A4BB8CC0DB6B19B826D4779CFA63F6EBED7E7DBE584F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4012-verpleegkundige.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" id="Layer_1" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Boxes">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Production">..<g>...<path d="M51.2886,45.2578c-2.4563-2.5671-9.2193-4.1663-11.0196-5.6074c-0.0018-0.0156-0.004-0.0333-0.0059-0.049 c-0.0965-0.8401-0.235-1.8577-0.3792-2.8415c2.0215,0.2135,5.0197,0.5701,6.9231,1.2385c0.375,0.1318,0.771-0.1191,0.875-0.5381 c1.0144-4.1027,1.8078-8.0523,1.8078-12.2415c0-7.2238-2.6247-14.9078-6.6863-17.7604l0.1899-2.1381 c0.041-0.4497-0.1152-0.8877-0.43-1.2036C41.3973,2.9526,38.4742,1,32,1c-6.4743,0-9.3973,1.9526-10.5659,3.1187 c-0.3123,0.314-0.4685,0.752-0.428,1.1997l0.1944,2.1863c-4.6627,3.6752-7.6941,9.95-7.6

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\8012-reisbagage[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	961
Entropy (8bit):	5.227523911835233
Encrypted:	false
SSDEEP:	24:2dNcNAiELZK60yVJJRb60yGqHZJZ9oOCvnCReh6ixsQK5T7anG:c4AiMo6b1AnZK90JacqG
MD5:	6FD74E13DD3369F306B5D369594E57BD
SHA1:	B5E797872BBCB082BB50946A10431D3FF9B7CA9D
SHA-256:	4F1A94D140192E6083AA2964538F517318CC9B7D7A4EB7D5DAF1C3B0BE029EF7
SHA-512:	F6B76EBC5877C3FEF431D33EB69D945375A6A6BBCCD7A063D7FDD4FA6E506D26896CC489E4AE97272354BB5E7D84F6B46323FBE045943263EDA84D5B034EA9B4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/8012-reisbagage.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 18.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<path d="M55.3329,22.994C55.1681,20.7866,53.2013,19.0002,51,19c-3.6667,0-7.3333,0-11,0v-4c0-2.2056-1.7939-4-4-4h-8 c-2.2061,0-4,1.7944-4,4v4c-3.6667,0-7.3333,0-11,0c-2.202,0-4.1681,1.7866-4.3329,3.994c-0.625,8.6594-0.625,17.3526,0,26.012 C8.8317,51.2134,10.7983,53.0001,13,53c12.6667,0,25.3333,0,38,0c2.2014-0.0001,4.168-1.7866,4.3329-3.994 C55.9579,40.3466,55.9579,31.6534,55.3329,22.994z M22.0013,34.5024L16,31.5018l3.8897-7.7794L24.0017,23l1.8893,3.723 L22.0013,34.5024z M36,19c-2.6667,0-5.3333,0-8,0v-4h8V19z"/>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\RO-SerifWeb-Regular[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 97062, version 3.0
Category:	downloaded
Size (bytes):	97062
Entropy (8bit):	7.99494849002823
Encrypted:	true
SSDEEP:	1536:DRUCAGqFHjh1GLAEVjwMWn0Xj3uSZ6N404unMYrzF7AYqAe67X/g6GpHbjlklMr4:S7ljyBw50z+SAN40TnMyFMYqAe0O7pk/
MD5:	5AB4F20384346FD9FF46B662E4196F86
SHA1:	3D8D7B29AC8A997E5138F17ACD7CC24A8497280B
SHA-256:	55D2C25ABDD0F5D8BAE058C9E3CF6CAA090A286CB210F47D0D0D123DC77BD96B
SHA-512:	306FFF974AF3F0A356BC058343ADDA10B077A28279D457BE2B4798CA475BD2FCF23BBF4AFEE6950340E75B8F8858E17EB1C7F04F2494627CEA9DA230242DF7E7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SerifWeb-Regular.woff
Preview:	wOFF......{&..............x....&...r........GPOS..o....l...../.[GSUB..w....u....ujv.LTSH...$.........b!OS/2...$...I...`c.x.VDMX.......r.......gcmap.............BEcvt ..,..........'.jfpgm..)........a.;..gasp..o..........z..glyf..1...4...7...5,hdmx...\...t..B..R8.head.......6...6.>1@hhea.......!...$...xhmtx...p.......t.H5.loca..-4...Y...x...maxp....... ... ....name..fx...e....$#..post..i....%......pprep.........................G_.<..........H@...........................x.c`d``..w........1.b.. ......r..............c...............'....x.c`f\|.8.......).....B3...,.`gB.....080(.fbz......oF..... 9.;L5@.......'...x..MH.A....<o...[.....*+.n..Yb...Td&v.:t(. . :H..K..%...M.....t.K..%2...L.4....h....~<.3..<.!...J..^..>...?n%.w;.E...s\|.6.T(.^c..q...c.........;R...x......."......i.j.A.Q..".....[I.^V..g.YxS.^f.+.....W.(\|..~.Y..>7...a...5.G...Y.!.>..{.F..7......cnJ..X...J.g....B~..9..+C..;.Z..y.q.T.?.a.. F.FYR..Wy.IM._jL.g...N.ru....y.9.S.^e.M(5...._...^.X.....@.....(.......5.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\abonneren[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	10782
Entropy (8bit):	4.9703975708926285
Encrypted:	false
SSDEEP:	192:q9JG8ukOjA2AWL3HUPEX8G7eYb+qblzMVsqE5ZzRxYJ:T8ukOqWL3HUMZlAeHZzzYJ
MD5:	33E1CE9EFA75B7843AE6508D08291E66
SHA1:	171EA61A4ECC7CF4F06E0528269B4B0D2932F385
SHA-256:	DCD15892D9FE65F39DA6EC45D2766521C0A223CEB6687016D131F77EDC45A8A9
SHA-512:	4DCAF9F5B11317E6CD3889D38EAE0C0220D7B9A93195AAB4B5F9866F8CC5933FB83D4FA57882AD88AB08C17CA88C3761D95E23CEEE6AEF3DED9F2873354B63B6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/abonneren
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Abonneren \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Abonneren - Rijksoverheid.nl"/>.<meta property="og:title" content="Abonneren"/>.<meta property="og:description" content="U kunt zich abonneren op de e-maildiensten van Rijksoverheid.nl. Abonneren kan op twee manieren: Abonneren op e-mailattenderingen Abonneren op nieuwsbrieven"/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/abonneren"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/abonneren"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="D

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\brexit-uitgelicht[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 315x210, frames 3
Category:	downloaded
Size (bytes):	11210
Entropy (8bit):	7.9194407081712255
Encrypted:	false
SSDEEP:	192:Ur0YTeYMZH5RPj5Twhym2iUFEYQvTILbFCRIRb0L1SGLfsRXhG7xwEIQiTG:STe9ZH5RPj5TsyfLQWRC8ssGMhG/I8
MD5:	C0DC6D76D9C6ED1B82925BBACFAFD7C9
SHA1:	78CAA2AD947FC7144BEF94B5DB0676887F3F2E40
SHA-256:	4749B750B99AE3103283435DFEEDEF56D5F6DCFA57058F669E35698237C6A246
SHA-512:	F737CB3C708A156F012FD8794AB997508CD64B2C7E7980851FD24AD130E13A1BD622F765D5F68C68048FBDAED3B2764CF439650E23219BAD96D94E1A8EB9AC44
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/onderwerpen/b/brexit/brexit-uitgelicht.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================........;..........................................:.......................!1.A.Qaq....".....2B.#.Rb...$.%.................................)......................!1..AQ.."a.q2B...............?...R......,.H..H.@H.H.%Zv:.....I.#A.....Od".I.+E.?......h......@7h... ..@..(..d.T.@v..H....R.\.U ,(..........m..O.7lf.XJ.H!+)...e-..t....Gh.,.ZE...)..v.i.BV4.8@.K=.".[.;W......% a@.....%i.A...@.:..Z.5...E......X)1.....r.&Z..D..L(.i.....P)..).M..H.+.E..K.^...H.....4....@.@...$.hP.d....5H7...F.0...... M..v*!....J...h.......=+8h.....aD.h.... (`......B....C....:...R9.....(D]..CGJ..@...,(.i.B4....4.. ...tB.T...(V.C)2..H.l....../EDk..4N......%c%.c..`........Q...B..KV'. ....JE..8.H.).D.........{....Z.D@.'hBl..@%bLi..N.7.D.j.J.@..I...m:E.....?.i1]t`C...@.L.A..(.V.6<......{..... .o.N.Z..d.......Az.@.H..;xH...Q...H6..!...@....&...Zb!..- .ZG..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\cnt108108108pre[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	1588
Entropy (8bit):	5.312711930573112
Encrypted:	false
SSDEEP:	24:qQqBJOYHpT+EeGI/xsgnj+kd6UTmom2fE6o2gsgnGgsrmJMENBAeAv0M9UA8:nqBPJNeGIxljdd6AmR2/glGgYRLfv8
MD5:	4BC3E7D220FC4BF15C6A2DB817C6C80D
SHA1:	CB4562FAB68F6A86C065DE28FCC36BE8F51BC961
SHA-256:	5B339DBF9E3D74B66AFA8580CD11ECB07E5F002DF54D3BA3D4A2C70A7E33BF10
SHA-512:	D300084B3A36CD93303BBAB248A783438497B43F021B9956AEE0C60823425157C411F280F783CE7D20D187E6ADB59D5DE6B87BCB849B07F3189157FAC37B079B
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js
Preview:	//Rijksoverheid.nl 108108108, fileId: 108108108pre, version: 20210122-152753.(function(){if(!sessionStorage){return}var g=window.location.host.indexOf("a-")===0;var f=[];if(g){}else{}var e=function(l){for(var m=0;m<f.length;m++){if(l.indexOf(f[m])!==-1){return true}}return false};var c=function(){var l=sessionStorage.getItem("ErgoCnTSessionSelection");if(!l){l="undetermined"}if("P"==="O"){console.info("CnT PREselectionscript: fetchCurrentSessionSelectionStatus="+l)}return l};var d=function(m,n){var l;if(m!=="include"&&e(n.pathname)){l=1;if("P"==="O"){console.info('CnT PREselectionscript: you are on a special "inclusionSubPath" hence session will be INcluded')}}else{if(m==="undetermined"){switch(n.host.toLowerCase()){case"www.rijksoverheid.nl":l=10;if("P"==="O"){l=3}break;case"a-www.rijksoverheid.nl":l=1;break;default:l=0;break}}else{l=-9}}if("P"==="O"){console.info("CnT PREselectionscript: getSelectionFactor="+l)}return l};var a=function(o,l){var n;if(o===-9){n=l}else{var m=Math.round(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\coronavirus-covid-19[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	28535
Entropy (8bit):	4.597790746638992
Encrypted:	false
SSDEEP:	384:QXfKukOspeW2sHUYCDlxIZGfv0Lh5mE674jgo9ZzzYJ:QXSiWHWDTIZGfvgbmE6UjHpzYJ
MD5:	0B33E5006271318199F7EA4FC57E9312
SHA1:	955787D471D07DAEC0ACAD08A0CC866E9A841055
SHA-256:	EB47FD640646EB5986A1D05AECC0D9A6018390AE5C842E98E740CDD19BF504D6
SHA-512:	5D195E7959DD2192DF286373E75EF0B20EEC42697F42D03BFCAB8B45E1CBBB92B52485073311D7CC89CF567594E3C73044FD34B009973B890F8ADDBEA1C3AE39
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Actuele informatie over het coronavirus COVID-19. Zoals de maatregelen tegen verspreiding van het virus."/>.<meta name="DCTERMS.description" content="Actuele informatie over het coronavirus COVID-19. Zoals de maatregelen tegen verspreiding van het virus."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Coronavirus COVID-19 - Rijksoverheid.nl"/>.<meta property="og:title" content="Coronavirus COVID-19"/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19"/>.<link rel="alternate" href="https://feeds.rijksoverheid.nl/onderwerpen/coro

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\forms[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	20086
Entropy (8bit):	5.0630445414797896
Encrypted:	false
SSDEEP:	384:aRGD5BGn11y6hqZDCgtXZLqTUouR+KL/hWXVZiXGutbHpbWotuMvgEh0qtSY71OK:8GD5BGn11y6+7XZ2QX+KNWFZi2utbHpn
MD5:	FA31C45A4991A91652CC2C7BF84B6B8F
SHA1:	082FED512F6A2B5B5587B4FA02CF622BB3443C70
SHA-256:	FDE12A3EF014C58BFCDCBB13A5DAA868257D9EABE2B6933DA6B8C672471C8149
SHA-512:	5D3CA8723A6658C84A04DBD433E85AD4BCCA490B668164FF76B23A9F978D6CC4EA0D0A281A904F9D7302169717A099FBCC92C247E11C203D774848BFB89BB715
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/forms.js
Preview:	function handleFileUploadChange(t,e){t?($(".fileupload--"+e+" .button-remove-before-submit").css("display","block"),$(".fileupload--"+e+" input[type='hidden']").css("display","block"),$(".upload--"+e).css("display","none"),$(".fileuploadInput--"+e).css("display","none")):($(".fileupload--"+e+" .button-remove-before-submit").css("display","none"),$(".fileupload--"+e+" input[type='hidden']").css("display","none"),$(".upload--"+e).css("display","block"),$(".fileuploadInput--"+e).css("display","block"))}function customSelect(t){t.wrap('<div class="proSelect"></div>')}$.fn.autoGrow=function(t){var e=jQuery.extend({extraLine:!0},t),i=function(t,i){var n=t.val().replace(/&/g,"&").replace(/"/g,""").replace(/'/g,"'").replace(/</g,"<").replace(/>/g,">").replace(/ /g," ").replace(/\n/g,"<br />")+(e.extraLine?".<br/>.":"");i.html(n),t.height()<i.height()&&t.height(i.height())};return this.each(function(){var t=$(this),e=function(t){var e=t.attr("name");return $("<div/>",{cl

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\huwelijken-uitvaarten-feestdagen[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1500
Entropy (8bit):	7.788549845119078
Encrypted:	false
SSDEEP:	24:/iUpOz9ZszIQQJd+jL/SRNfQtWGW9rAmgL47SDrwqbDCjjT6s+6f3RANMQ0+XD0D:/NpXzIsjL/KN46rAXEAbcj+s+658MQJ8
MD5:	5286215F75A785E7541DEDAB95587C7D
SHA1:	ED71EC24F9E2C78385552D0C135F5A389C7F6CA5
SHA-256:	443256FB149B078FE76315020D4C4CEB1A63C9BC510CB6E726A22DC853865508
SHA-512:	96E48437E7A863F1F5970B204571311C372154FA25B2D5035E953198F54C55C3B97B27EDCDDF9AE1B33BF08FA10492821E7D9D2640065CF72E052BF5AD5A2DB3
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/huwelijken-uitvaarten-feestdagen.png
Preview:	.PNG........IHDR...@...@......iq.....sBIT....\|.d.....pHYs.........B(.x....tEXtSoftware.www.inkscape.org..<....YIDATx..Yh^E...Z..k.[.HUPJ.Z.........X....."...uA..'....B.VMQR.$"..J.fmj>..L......;.&_.~...7....g.3...Zha.q...0.......k.."........9p..{).#PSB...(.n`...(...a....8g6~.....A..E.....{....4..T......~... ......../..!..<._...2....j.J.4..a..............+.....3'o..oT.w..?r.N..sPT.yc.....A....?..}k..B'.......v._....2..7..%.,.Rx.........=..1........dt...6...-.o.....eV...."...@.p..@..~d....Gvf..{.;...\......q..L..o..\.J.!.M...r...?..1.....!.g(.g._......0.t...9b...=.?.<U..;......D.>...8yy[`..(....=......Jv.Q`.2tR..#x!<.XY....>...~......~K..i.B.^.....tg"..!i}D.E......;.....Rv.YQ..Zg....(.:p[_.1.(+.l.j...;.o...y.3}.[....b.N..B...,......]..@:f9u.....JS..Q....~..>J?h.....E.4B_._........2.Y.{...q..#?...c.{...#Q.<....)...F... .<....=...i......i.4.\...W......N..k.]d~..&...h.."..,..!T.o.l.....M...j..PfY..NN.X..V..q..p,....p.Ui..m.o..._..F.+X..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\jenv-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gek, manufacturer=SONY, model=ILCE-7RM3, xresolution=640, yresolution=648, resolutionunit=2, software=Adobe Photoshop Lightroom 6.10 (Windows), datetime=2018:10:04 13:19:56], baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	96928
Entropy (8bit):	7.733394949107374
Encrypted:	false
SSDEEP:	1536:CsAQnAoarzgLU02yf0yN8w1RQFXgQafVNThzFa/ZgIgdI4BGcZArOy/:HA0Aoyftzw1RqzWNThzY/ZhgdFGAArOy
MD5:	7D60546B655998343C86A1E66E922CE8
SHA1:	AACAFB2E49DC8DFDE2CE094E70754B9B7221FE05
SHA-256:	CE4CD0B6A8B73273022DC30E4FA7FADEA3A9C9E2333BB51EAAE3457247372EF4
SHA-512:	7C78A22D24CE76EA3DDCF005536C8A0D9DE8F6C18D64739305C1A717A4EB676300BD0CE637E15B834A35D4DBCF754AC2D34AF79D1757CBEFD394B5D1444C4F79
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/jenv-hero.jpg
Preview:	......JFIF.............HPhotoshop 3.0.8BIM........................8BIM..........Z...%G...................JenV hero.....Beeldcentrum.....RO.....Rijksoverheid.....beeldverhaal.....beleidsthema.....close-up.....handen.....handenconcept.....mantelfotograaf.....ministerie.....ministerie-onderwerpen.....ministerie-verzamelpagina.....ministeriefoto.....missie.....scherptediepte.....themafotografie.....verzamelpagina..7..20180914..<..143710..>..20180914..?..143710..P. John van Helvert: www.johnvanhel..g..C0502.DP1000..t.SCopyright Rijksoverheid - Deze foto is afgekocht voor gebruik door de Rijksoverheid..x..Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenc

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\justitie-en-veiligheid-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=25, height=6336, bps=0, compression=none, PhotometricIntepretation=RGB, description=Verbeelding van de zachte kant van Veiligheid. Politieagent wijst de weg aan passanten. Deze c, manufacturer=SONY, model=ILCE-7RM4, width=9504], baseline, precision 8, 1250x312, frames 3
Category:	downloaded
Size (bytes):	43014
Entropy (8bit):	7.926150649627987
Encrypted:	false
SSDEEP:	768:dJ8ywdTUwUeLSHvPdnd14D2wN1OYA9kqD+2RpY1CIPNY/4EE4cDwWSpN:dJ8yAUeLSHzWDKvpY1CkEUsjpN
MD5:	8BB6FF03A77AE4E0B1B8C1A732D55015
SHA1:	8CC0053F59045DB3D1CB644E58CE4CB249EDDAD8
SHA-256:	9CE8F5467A1980C29170685E820EB56C1C181E961F843F05C1375964F59E6623
SHA-512:	9F4CC92144CD66C265496C202901A9E04F8F649E1FB466F4EAA8FCD557A96F2314A99F6EE7838DBB7E03AB315D133C4C7E22A6E0C5C9C371D2875A494F523774
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/justitie-en-veiligheid-hero.jpg
Preview:	......JFIF.....,.,.....(Exif..MM.*..............% .........................:...............................B...@.........................................................................(...........1...........2...........;................T....i...........0...........2.........@.....................................2...........4....................Verbeelding van de zachte kant van Veiligheid. Politieagent wijst de weg aan passanten. Deze corporate ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenconcept., gefotografeerd en staan per oktober 2018 op Rijksoverheid.nl/ministeries...SONY..ILCE-7RM4....,.......,....Paint.NET v3.5.10.2020:01:09 19:06:22.JO

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\jv-dv-20181220-id0i0q33x-still-middel[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, frames 3
Category:	downloaded
Size (bytes):	118460
Entropy (8bit):	7.9774253017456935
Encrypted:	false
SSDEEP:	3072:QNiD/4sRnz4U/IR5A/oRU9JSFNtOzjRkNyInz:VD5nf/IR+ouJSFizjGN1
MD5:	773DC21E1FB3E376946B6F37D5B6C2AB
SHA1:	56D00B3DDB5F3ABE0E5D63E5347AFEEF09850BE9
SHA-256:	64AE302E13B2576CCF1E1133C12199CC9664C4708F51BEDBDF63EC53E727D4F2
SHA-512:	286DE796721368F843FEB96858BBEBF8B61211C23D5C84457651D0B57E2700D1B70B75B140F4797196C97398D88B9267318CD35AD066E375904C7BF502806D44
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rovid.nl/jv/dv/2018/jv-dv-20181220-id0i0q33x-still-middel.jpg
Preview:	......JFIF.............C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."................................................................................X.C$.......m[R...rI,.lh..%.2.I7$..$.T.D.k, d.e[W....qz.{....SV..l......h...~...t.+.W.Xue.0..<...m....VZ..[Y.;.PY.....m..-....I...$"..Kww..K2z..e&K.......z.Q.c.#.I.."....(B......PY........0C.Q..... .@.!..ipMm)Zk.+I.._"..L.$..U....-F.I.I!.......MGj.....j.].ql6f.^?g....+.X.M..\.]...u..z?...zn2\|..n...@.!...(xV]U. Y.CE...%fGE.Fr.T..I.H..b<.O../.=.K.5C.....]<.tQ..=+.8V\..aXd..$..h0...h.p.Y.cX.....]...u...<B2.H.....D.E'..VBYMP...(..&..[f1.Wfl..$...I,.TU]a.]%v"..e!.o;.&.V..Td.T.......{.Zp.=..FV.o.;b.L..:.7...w..o.D2c.a(2...!.%..V...%.W+..eZ.!..V.`....f_K\.M.\.._(.V<+.6U4WP,....X...n.;...0l..*JHx.1."....[.n%&.V.......N7g.,...Mf.H......@.X...`X..f5.].......K,...v.Fy...d0...MK..F+V...rI$.53i.(.,.B...!..}>f5..Aj

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\logo-ro[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	22480
Entropy (8bit):	3.855461555192788
Encrypted:	false
SSDEEP:	384:PxlBio7+YA5LFu/Y/IIf/gQBj/QPoJq6e8GQzPdgbXXhrLvS38Z7j:Z77RAeIHiT1L489
MD5:	F359BF2CF693B32A4FFB2D40384EC675
SHA1:	F2DF78721517F9797ABA0220298153AA506F513B
SHA-256:	2B702C5D3DE1D9B2D646741C458C148D8F75CD47D9C15DD4E9EC6ADDEF07874A
SHA-512:	E007E16328BF8EA63B99164CBD7BDD0C3D3825A77D904547C6C037FBF3080331098B81E502B710AF4547FCDCF9803AF972457FB9DE376DC4773CD6FBE08A0A99
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/channel-afbeeldingen/logos/logo-ro.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 21.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="125px" id="Laag_1" style="enable-background:new 0 0 314 125;" version="1.1" viewBox="0 0 314 125" width="314px" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}...st1{fill:#154273;}...st2{fill:#FFFFFF;}.</style>.<g id="Laag_1_1_">..<g>...<rect class="st0" height="125" width="314"/>...<rect class="st1" height="100" width="50"/>..</g>..<path class="st2" d="M25.9,77.36h-0.87v-2.41h0.87V77.36z M29.83,66.72h-0.87v-2.41h0.87V66.72z M13.71,62.56 c-0.07,0-0.52,0-0.52,0.09c0,0.09,0.21,0.05,0.52,0.1c0.7,0.12,0.97,0.47,1.46,0.47c0.44,0,0.9-0.3,0.72-0.94 c-0.03-0.11-0.09-0.08-0.11-0.01c-0.07,0.29-0.42,0.45-0.79,0.45C14.53,62.72,14.44,62.56,13.71,62.56z M8.92,64.97 c0.08,0.11,0.9,1.17-0.36,1.58c-0.06,0.02-0.07,0.07,0.01,0.11c0.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\media_player_controls[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	6892
Entropy (8bit):	4.763802411629559
Encrypted:	false
SSDEEP:	96:xmpi4tK6wSwc3FNS/7ZkgHuP6ewRJVpMMhPc8MjUyc23A:f7cV8jZkgHuP67RJVpMMhYc
MD5:	1E30E3E441D628F2BE006DCDFF02B57E
SHA1:	CA417736C4C5110A2EB202C217D632C4DB1732DD
SHA-256:	62628A9753CC738D59B24741458C5E97E9425C9840F31D8D3A54C3AA426228A7
SHA-512:	6F7A7B376B4090E32FF75CD2B37BC7A52A0288EA26ECFC643DC0C764D142E05014B4FDE7D19612B14670AE57CB0BF6223BB69AE386C7A4080F2C651F242C4B67
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/images/media_player_controls.svg
Preview:	<svg id="Laag_1" data-name="Laag 1" xmlns="http://www.w3.org/2000/svg" width="280" height="200" viewBox="0 0 280 200"><defs><style>.cls-1,.cls-13{fill:#01689b;}.cls-10,.cls-2,.cls-4,.cls-5,.cls-6,.cls-7,.cls-8,.cls-9{fill:#fff;}.cls-3{fill:#f3f3f3;}.cls-4{opacity:0.4;}.cls-10,.cls-4,.cls-5,.cls-6,.cls-7,.cls-8,.cls-9{isolation:isolate;}.cls-5{opacity:0.6;}.cls-6{opacity:0.8;}.cls-7{opacity:0.9;}.cls-8{opacity:0.3;}.cls-9{opacity:0.5;}.cls-10{opacity:0.7;}.cls-11{fill:none;}.cls-11,.cls-13{stroke:#01689b;stroke-miterlimit:10;stroke-width:2px;}.cls-12{fill:#02689b;}</style></defs><title>media_player_controls</title><g id="Laag_1-2" data-name="Laag 1-2"><path class="cls-1" d="M22.69,19l-9.44,6.8a1.79,1.79,0,0,1-.78.22,1.15,1.15,0,0,1-.55-.11,1.2,1.2,0,0,1-.67-1.07V11.26a1.19,1.19,0,0,1,.67-1.07,1.48,1.48,0,0,1,1.33,0L22.69,17a1.15,1.15,0,0,1,.39,1.58h0a1.06,1.06,0,0,1-.37.36Z"/><g id="pause"><rect class="cls-1" x="11.25" y="30.01" width="4" height="16"/><rect class="cls-1" x="19.92" y="30

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\mondkapjes[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1192
Entropy (8bit):	7.762744338222622
Encrypted:	false
SSDEEP:	24:yxlDSHJjt7ilo4ztgRifZSATQzQlADjaz12hhm8TWtq0a033S5dJ:yxZSHJh7dgO2AATmaohsBtLa03Cl
MD5:	858449A94F216796D108896FDC40F4AC
SHA1:	383910F2BD8F3F990AC73FB5D247BEED1829ED13
SHA-256:	656A9EA6299679181C33215F76C75AF3A405C3C161FC2BBB95467C0642A8A229
SHA-512:	8CEA854DB3F8C20D1602D0E49D45E9E70231BD56E828C8C91A4D84491F29DA95AA2069CB9B0C2A437639263A340EC21B47FCFEAFE8586ECB42AB930409B6B564
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/mondkapjes.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....ZIDATx..[.u.@..x..v...d.......o@. ....& ..N@2.......8.>[....{M.;Y...>_XD.%.K....f..#\|^.k.&.sy.3.......e.?..\Djo..=.O:(......k.o.~S...ADU..."..k...@.....Edg(..],...s..}... "..,g....D.$.=...9`..#Q.......Q.r.fp....h.O..e/d..cj..D...\|........#..]e.d...-.5tDW..]B.Py...x.... n+$6K: .L{...(..'.,...z..~W..CG......Z.?"?.Im.~.m...6.........k...E..S....$p.Q<c....d......5\|.Y...7..TE.G...w+...<.>.F...`..n...0..G........._[.....yi....U.d.Ez..3.Q..U".m....("6{.....!.Dt.........y).R~.(.X.1....r..xK<..2.j..D.H..3<.8D...f.67\.....q.w!J..).z!=C..I....(P..:rC.\|s........S..}.y.#D.......g.1A.-..b.o...../W...0k. P.O/-`m.....% b...}....U...x5.c4y....}...N.$...8S../.......#B%@.uT!V.n/....T.....Dh. Aq.?.....iN....w;e......"~),V[.35..q.)..)...l.L.....m5.`.6Y..)N...2...x..4.;....x..zH.M..l.<..zc.....[........Cf.5(Va...R.n....~...V=x4...'.....r.....~"...,.O3}l. U...B...m...6.+....{..6.{..h..T.>..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\onderwerpen[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	60224
Entropy (8bit):	4.204862447073666
Encrypted:	false
SSDEEP:	768:4AWUYF6Ac5OOTW7kDhJYEzI0/RIST8pzYJ:VJ2MTDhJYqiYJ
MD5:	8FDFDAB1C629EA64EAC3590E252BA3DB
SHA1:	1D4F87F8571DD82995F88C9370A4EBE8CFB86AFB
SHA-256:	976BFE0C46E166A0636292286EF318CB0B5C6B9FEFF3ED165DE63F4F6FEE3A70
SHA-512:	1B0321B6C8847E17AB11AA88DCD3613EFF97FC7B7B6FD4CD28CA8ED11DAF1A2484726360E6F6F4DC8105A41E6A91AD34A38BD813309ECD1ACE88A3A5D75D1809
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Onderwerpen \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Onderwerpen - Rijksoverheid.nl"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/onderwerpen"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.creator" title="RIJKSOVERHEID.Organisatie" content="Ministerie van Algemene Zaken"/>. <meta name="DCTERMS.identifier" title="XSD.anyURI" content="https://www.rijksoverheid.nl/onderwerpen"/>.. <meta name="DCTERMS.available" title="DCTERMS.Period" content="start=2017-06-30;"/>. <meta name="DCTERMS.modified" title="XSD.dateTime" content="20

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\page-feedback-bar[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2405
Entropy (8bit):	4.6732100482972445
Encrypted:	false
SSDEEP:	48:CtMcX80McX8t8IyI9i4kRpk27oym3jXT5IXNV6TTNkTThTTPy:CtLXxLXVIxzk37o/zXNIXqXKXhy
MD5:	D6FF9DA6F04AF41AA60A9DABE0CFA89B
SHA1:	47550216ABA2FB8185BF2197C22F005C07B4961C
SHA-256:	13405707E0F3CFA9D8F30A1CBBC1ECC040B0B33387914D0618E550C8AC855B21
SHA-512:	49BA5F28519DFF14356826F16F3F5F3ECCD14AD02511F50F6005A26BA96CA2F65FAF279D4112B4BB5D556F20CC47A46DF1CF5690E20DF303A631CA520FCF41DB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/presentation/css/page-feedback-bar.css
Preview:	.feedbackBar {. display: block !important;. background: #f3f3f3;. padding: 10px 0 0 0;. margin: 30px 0 0 0; }. .feedbackBar .wrapper {. margin-right: auto;. margin-left: auto;. padding-left: 15px;. padding-right: 15px;. max-width: 1200px;. position: relative; }. .feedbackBar .wrapper:before, .feedbackBar .wrapper:after {. content: " ";. display: table; }. .feedbackBar .wrapper:after {. clear: both; }. .feedbackBar .wrapper:before, .feedbackBar .wrapper:after {. content: " ";. display: table; }. .feedbackBar .wrapper:after {. clear: both; }. .feedbackBar .formContainer {. width: 100%;. padding: 0 15px 0 15px; }. @media (min-width: 992px) {. .feedbackBar .formContainer {. margin-left: 16.666667%;. width: 66.66667%; }. .fullWidth .feedbackBar .formContainer {. margin-left: 0%;. width: 100%; } }. .feedbackBar fieldset {. margin: 10px 0 20px 0; }. .feedbackBar legend {

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Instructie%20voor%20formulieren%20avondklok%3A%20downloaden%20en%20meenemen%20%7C%20Publicatie%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=017578&h=9&m=36&s=51&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-voor-de-avondklok-downloaden-en-meenemen&_id=b90b13402c4c6b2f&_idts=1611563785&_idvc=1&_idn=0&_viewts=1611563785&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22f28d5416-c5cd-4283-b4c5-4d8f286274ae%22%5D%7D&gt_ms=2&t_us=34&t_ue=34&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=30&t_as=31&t_ae=32&t_dl=31&t_di=203&t_ls=203&t_le=203&t_dc=219&t_ee=255&pv_id=oR5EpP
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\start-vaccinatie[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=12, description=VEGHEL - Pfizer / BioNTech eerste set vaccinaties tegen COVID-19 in de priklocatie in Veghel. S, manufacturer=NIKON CORPORATION, model=NIKON D6, orientation=upper-left, xresolution=187, yresolution=195, resolutionunit=2, software=NIKON D6 Ver.01.11 , datetime=2021:01:06 08:54:15], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	113955
Entropy (8bit):	7.863601961966462
Encrypted:	false
SSDEEP:	3072:urFzMwTd8XmLLws0gedOi66AXrjk39J5gQb8:MMU82v0dUXXk39q
MD5:	C96BA5E9FFA4DAA9296DC1BAE6F67222
SHA1:	9C27F9C049874B343D9867845207FF6CE73961D2
SHA-256:	04AF7C41E46D42EE69A5AB76E22C5FC7EB469E601E432E24181E5576017F1CC8
SHA-512:	54905A322C816CB8AA23DE0657E5D5FDEE375A4DA018355E20FABD3F5CC620066CFF7594614B130610FF8CE5FD7C88EDCEA480D669359AA7DF8DF31384AC55B4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/start-vaccinatie.jpg
Preview:	......JFIF.....,.,....'.Photoshop 3.0.8BIM..........Z...%G............corona.....coronacrisis.....coronamaatregelen.....coronavirus.....covid19.....crisis.....gevaccineerd.....ggd.....personeel.....prik.....prikken.....priklocatie.....prikstraat.....Vaccin.....vaccinatie.....vaccinatieprik.....vaccinatiestraat.....vaccineren.....verpleegkundige.....virus.....ziekenhuis.....zorg.....zorgpersoneel..(.. ..7..20210106..<..084346..g..426847120..n. Hollandse Hoogte / Robin Utrecht..s..Hollandse Hoogte..t..ROBIN UTRECHT..x..VEGHEL - Pfizer / BioNTech eerste set vaccinaties tegen COVID-19 in de priklocatie in Veghel. Sanna Elkadiri verpleeghuismedewerker die eerste vaccin krijgt een spuit met het vaccin vaccinatieplicht coronavaccin Sanna Elkadiri, medewerkster van verpleeghuis Het Wereldhuis, krijgt het eerste vaccin in Veghel Aanbieders van acute zorg, zoals ambulancepersoneel en IC-medewerkers, worden in verschillende ziekenhuizen geprikkeld tegen het coronavirus8BIM.........,.......,....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\touch-icon[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 300 x 300, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	5844
Entropy (8bit):	7.830114096965188
Encrypted:	false
SSDEEP:	96:UU0A/fyOGMqVJfA0ej4fiN2cXLJeoi8eFBIYZoO1Q3wNKg5i8Je:JGpO0ejsA2c7JeLFB1oO1Ag5i8E
MD5:	027BA518208DDF1EECAE028AA010F18D
SHA1:	DA0DF8D34682EE459EF06DF372FAE792B85870D5
SHA-256:	5003E83080240861EE63A1436F8A12417EAAAD416843A87B831F04DBEE8C75BC
SHA-512:	5D135B78B7501845B3C32F204ABE1DA9B7611D08DF3E7DF53CC0C90FBBC6FB2346CF263DCA1462D3A1BF6A18193F84EA909367C5D5E2E72A5548493B6F1EA01C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png
Preview:	.PNG........IHDR...,...,.....N.~G....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.155772, 2014/01/13-19:44:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6f6c313d-0fc9-43fa-a7e3-6d6a1fb54f66" xmpMM:DocumentID="xmp.did:281C48E103A411E49AE0B91D93329B9D" xmpMM:InstanceID="xmp.iid:281C48E003A411E49AE0B91D93329B9D" xmp:CreatorTool="Adobe Photoshop CC 2014 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4f9f6108-2bc1-4621-953a-defda2345a90" stRef:documentID="adobe:docid:photoshop:4965252c-4c0d-1177-b2db-beb79a4e3726"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..i.....PLTE.i..@q..

C:\Users\user\AppData\Local\Temp\~DF29BF0A5DAB48FD47.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	25441
Entropy (8bit):	0.27918767598683664
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laA:kBqoxxJhHWSVSEab
MD5:	AB889A32AB9ACD33E816C2422337C69A
SHA1:	1190C6B34DED2D295827C2A88310D10A8B90B59B
SHA-256:	4D6EC54B8D244E63B0F04FBE2B97402A3DF722560AD12F218665BA440F4CEFDA
SHA-512:	BD250855747BB4CEC61814D0E44F810156D390E3E9F120A12935EFDF80ACA33C4777AD66257CCA4E4003FEF0741692894980B9298F01C4CDD2D8A9C7BB522FB6
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DFA9C3FD9DAD52A256.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	148969
Entropy (8bit):	1.5213372471714464
Encrypted:	false
SSDEEP:	384:kBqoxKAuqR++4y7o/m6+UR+Ddj+UR+Ddd+Z+BRh+od2RxBdcoq9g190DSxYuvM+4:nI/L
MD5:	6D2FF960BB13F763BB66E834119D36E8
SHA1:	7442BE8F44C04C27C4E3EA83740AF7123E4DDBEE
SHA-256:	7E189BD3ADA481D60AC8748797E3579CF74E842E9C3EA03278A6EF25A7EAAD92
SHA-512:	4C657F783BFADC7D451D5425296347E3C525E38654DE6B02F78700D2E0A77EE4DC1DC5232071B9354760B3F68BD13019571F667FCD62A4A0FBD5B780AC7ADE0C
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DFF63FF4DD2D95D176.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	13029
Entropy (8bit):	0.47362878523628044
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lok9lo09lWkfyQU1k7dkX:kBqoIPZkuk5kX
MD5:	EAC6C965AAD2030EF16337F315A1265E
SHA1:	D872D22A8CC3EF9C754D0464E91D00F5BDCBA72D
SHA-256:	C59EB4B3C66700D443EFE5DB06234ABBD898F55EF02B0571D3070496C67F28DD
SHA-512:	CF2313A6DD0620920C3C4D17C31BC6EFC3ABEADCCD40B5E6E4EAEC11824D5FF1BB651DA56D1083AAD0113A9E123D620A75D71D575903002FECC3CB40A72C3C2F
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\XJJW76JE60QSXM6C9NXP.temp Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	5149
Entropy (8bit):	3.185942840413698
Encrypted:	false
SSDEEP:	48:IdinPsIaC9GrIoXAsASFzdinPsIah683GrIoXAczodinPsIax9GrIoXAV1H:rPsc9S3AJNPsd3S3AMPsL9S3Af
MD5:	0C4FB8B20C7231BD19BE8652B9DAB951
SHA1:	C99EE93FFD1E5F74E260D0F4A815BA5B7B0C5B1F
SHA-256:	396AB8493E3B7518BC994F965CEE25EE43131355F45040BEE8F8CFF6CB20806E
SHA-512:	ED5411ADBD9FAAE00748BF73268BA1DCB7A11B2B836EEAF32228E07549BC520ED7D2852F171895B01A18DC1D25A4C9C45C29052689BBA8BB8A85C9DF572366E0
Malicious:	false
Reputation:	low
Preview:	...................................FL..................F.@.. .....@.>....~I)......?.c................................P.O. .:i.....+00.../C:\.....................1.....>Q.;..PROGRA~1..t......L.>Qv<....E...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....l.1......L.J..INTERN~1..T......L.9R.D..............................i.n.t.e.r.n.e.t. .e.x.p.l.o.r.e.r.....f.2......L.9 .iexplore.exe..J......L.J9R.D.....R..........x.............i.e.x.p.l.o.r.e...e.x.e.......^...............-.......]...................C:\Program Files\internet explorer\iexplore.exe....-.p.r.i.v.a.t.e...C.:.\.W.i.n.d.o.w.s.\.S.Y.S.T.E.M.3.2.\.I.E.F.R.A.M.E...d.l.l.........%SystemRoot%\SYSTEM32\IEFRAME.dll...................................................................................................................................................................................................................................%.S.y.s.t.e.m.R.o.o.t.%.\.S.Y.S.T.E.M.3.2.\.I

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 25, 2021 09:36:24.898703098 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.899274111 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.920283079 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.920330048 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.920418024 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.920470953 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.927318096 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.927511930 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.948350906 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.948419094 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.948460102 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.948508978 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.948513031 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.948543072 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.948574066 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.948594093 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.948602915 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.948652029 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.949009895 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.949049950 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.949090004 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.949100018 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.949137926 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.949139118 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.949177980 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.949183941 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.949201107 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.949213028 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.949239969 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.949278116 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.949649096 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.949693918 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:24.949740887 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:24.949795961 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.012562037 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.012633085 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.019651890 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.033835888 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.033884048 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.034050941 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.034053087 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.040865898 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.040909052 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.040954113 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.041075945 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.041105032 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.117360115 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.117980957 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.120558023 CET	49735	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.120841026 CET	49736	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138448000 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138490915 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138561010 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138602972 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138612986 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138628006 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138633966 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138657093 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138659954 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138696909 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138735056 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138740063 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138750076 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138775110 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138792038 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138813019 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138850927 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138856888 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138870001 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138889074 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138896942 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138936043 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138981104 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.138983965 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.138994932 CET	49734	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.139018059 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.139046907 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.139072895 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.139139891 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.139178038 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.139194012 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.139226913 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.139229059 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.139277935 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.139285088 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.139312983 CET	443	49733	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.139329910 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.139367104 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.141446114 CET	443	49735	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.141568899 CET	49735	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.141664982 CET	443	49736	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.141865015 CET	49736	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.142231941 CET	49735	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.143049955 CET	49736	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.144882917 CET	49733	443	192.168.2.4	178.22.85.6
Jan 25, 2021 09:36:25.160028934 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.160059929 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.160079956 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.160100937 CET	443	49734	178.22.85.6	192.168.2.4
Jan 25, 2021 09:36:25.160121918 CET	443	49734	178.22.85.6	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 25, 2021 09:36:19.325433969 CET	64549	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:19.348392010 CET	53	64549	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:20.163760900 CET	63153	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:20.187037945 CET	53	63153	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:23.599782944 CET	52991	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:23.632925034 CET	53	52991	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:24.578511000 CET	53700	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:24.601867914 CET	53	53700	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:24.852576971 CET	51726	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:24.884130955 CET	53	51726	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:25.665616035 CET	56794	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:25.695184946 CET	56534	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:25.696914911 CET	53	56794	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:25.726444960 CET	53	56534	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:27.722548962 CET	56627	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:27.748219013 CET	53	56627	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:29.267462969 CET	56621	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:29.293535948 CET	53	56621	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:30.403675079 CET	63116	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:30.434848070 CET	53	63116	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:31.769737005 CET	64078	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:31.803764105 CET	53	64078	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:32.998465061 CET	64801	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:33.021554947 CET	53	64801	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:34.046585083 CET	61721	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:34.069581032 CET	53	61721	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:34.717185974 CET	51255	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:34.744719028 CET	53	51255	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:35.605690956 CET	61522	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:35.631397009 CET	53	61522	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:41.366455078 CET	52337	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:41.389656067 CET	53	52337	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:47.722160101 CET	55046	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:47.745126009 CET	53	55046	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:54.361840010 CET	49612	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:54.385222912 CET	53	49612	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:54.697519064 CET	49285	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:54.720489025 CET	53	49285	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:55.419516087 CET	49612	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:55.442545891 CET	53	49612	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:55.710556984 CET	49285	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:55.733660936 CET	53	49285	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:56.053097963 CET	50601	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:56.096726894 CET	53	50601	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:57.572951078 CET	49285	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:57.596085072 CET	53	49285	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:57.619453907 CET	49612	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:57.652245998 CET	53	49612	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:59.576129913 CET	49285	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:59.599720001 CET	53	49285	8.8.8.8	192.168.2.4
Jan 25, 2021 09:36:59.621592999 CET	49612	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:36:59.646137953 CET	53	49612	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:02.370296001 CET	60875	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:02.404886961 CET	53	60875	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:03.577116966 CET	49285	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:03.600121975 CET	53	49285	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:03.624025106 CET	49612	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:03.647211075 CET	53	49612	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:08.195882082 CET	56448	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:08.219800949 CET	53	56448	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:22.628791094 CET	59172	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:22.654793978 CET	53	59172	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:25.439699888 CET	62420	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:25.474009991 CET	53	62420	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:25.924196959 CET	60579	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:25.956908941 CET	53	60579	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:26.391467094 CET	50183	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:26.422872066 CET	53	50183	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:26.991872072 CET	61531	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:27.026407003 CET	53	61531	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:27.429907084 CET	49228	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:27.456028938 CET	53	49228	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:29.367733002 CET	59794	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:29.399060011 CET	53	59794	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:29.889847040 CET	55916	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:29.938390017 CET	53	55916	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:30.098875999 CET	52752	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:30.133125067 CET	53	52752	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:31.333450079 CET	60542	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:31.367496014 CET	53	60542	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:31.686573029 CET	60689	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:31.718313932 CET	53	60689	8.8.8.8	192.168.2.4
Jan 25, 2021 09:37:31.821177959 CET	64206	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:37:31.853208065 CET	53	64206	8.8.8.8	192.168.2.4
Jan 25, 2021 09:38:07.594610929 CET	50904	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:38:07.617687941 CET	53	50904	8.8.8.8	192.168.2.4
Jan 25, 2021 09:38:12.151161909 CET	57525	53	192.168.2.4	8.8.8.8
Jan 25, 2021 09:38:12.182641029 CET	53	57525	8.8.8.8	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jan 25, 2021 09:36:24.852576971 CET	192.168.2.4	8.8.8.8	0xf8e6	Standard query (0)	www.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.665616035 CET	192.168.2.4	8.8.8.8	0x8191	Standard query (0)	statistiek.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.695184946 CET	192.168.2.4	8.8.8.8	0x7f09	Standard query (0)	onderzoek.platformrijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:41.366455078 CET	192.168.2.4	8.8.8.8	0x4c17	Standard query (0)	www.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:56.053097963 CET	192.168.2.4	8.8.8.8	0x7f17	Standard query (0)	www.rovid.nl	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jan 25, 2021 09:36:24.884130955 CET	8.8.8.8	192.168.2.4	0xf8e6	No error (0)	www.rijksoverheid.nl	rijksoverheid.nl		CNAME (Canonical name)	IN (0x0001)
Jan 25, 2021 09:36:24.884130955 CET	8.8.8.8	192.168.2.4	0xf8e6	No error (0)	rijksoverheid.nl		178.22.85.6	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:24.884130955 CET	8.8.8.8	192.168.2.4	0xf8e6	No error (0)	rijksoverheid.nl		178.22.85.5	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:24.884130955 CET	8.8.8.8	192.168.2.4	0xf8e6	No error (0)	rijksoverheid.nl		178.22.85.4	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:24.884130955 CET	8.8.8.8	192.168.2.4	0xf8e6	No error (0)	rijksoverheid.nl		178.22.85.3	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.696914911 CET	8.8.8.8	192.168.2.4	0x8191	No error (0)	statistiek.rijksoverheid.nl		13.94.196.189	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.726444960 CET	8.8.8.8	192.168.2.4	0x7f09	No error (0)	onderzoek.platformrijksoverheid.nl		78.31.116.148	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:41.389656067 CET	8.8.8.8	192.168.2.4	0x4c17	No error (0)	www.rijksoverheid.nl	rijksoverheid.nl		CNAME (Canonical name)	IN (0x0001)
Jan 25, 2021 09:36:41.389656067 CET	8.8.8.8	192.168.2.4	0x4c17	No error (0)	rijksoverheid.nl		178.22.85.6	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:41.389656067 CET	8.8.8.8	192.168.2.4	0x4c17	No error (0)	rijksoverheid.nl		178.22.85.3	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:41.389656067 CET	8.8.8.8	192.168.2.4	0x4c17	No error (0)	rijksoverheid.nl		178.22.85.5	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:41.389656067 CET	8.8.8.8	192.168.2.4	0x4c17	No error (0)	rijksoverheid.nl		178.22.85.4	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:56.096726894 CET	8.8.8.8	192.168.2.4	0x7f17	No error (0)	www.rovid.nl		178.22.85.97	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Jan 25, 2021 09:36:24.949049950 CET	178.22.85.6	443	192.168.2.4	49734	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:24.949693918 CET	178.22.85.6	443	192.168.2.4	49733	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:25.752425909 CET	13.94.196.189	443	192.168.2.4	49738	CN=statistiek.rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Tue Aug 25 14:49:57 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Wed Aug 25 14:59:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:25.754374027 CET	13.94.196.189	443	192.168.2.4	49737	CN=statistiek.rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Tue Aug 25 14:49:57 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Wed Aug 25 14:59:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:41.445593119 CET	178.22.85.6	443	192.168.2.4	49749	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:57.602816105 CET	178.22.85.97	443	192.168.2.4	49767	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:57.613569021 CET	178.22.85.97	443	192.168.2.4	49768	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:58.242542028 CET	178.22.85.97	443	192.168.2.4	49770	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:58.301712036 CET	178.22.85.97	443	192.168.2.4	49771	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 6864 Parent PID: 800

General

Start time:	09:36:22
Start date:	25/01/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff6f1e10000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 6912 Parent PID: 6864

General

Start time:	09:36:23
Start date:	25/01/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6864 CREDAT:17410 /prefetch:2
Imagebase:	0x13b0000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 6864 Parent PID: 800

General

Analysis Process: iexplore.exe PID: 6912 Parent PID: 6864

General

Disassembly