Analysis Report https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok

Overview

General Information

Sample URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Analysis ID:	343644
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Signatures

There are no high impact signatures.

Compliance:

Uses new MSVCR Dlls

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Uses secure TLS version for HTTPS connections

Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49749 version: TLS 1.2

Networking:

Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.facebook.com/MinisterievanJustitieenVeiligheid/" class="facebook"> equals www.facebook.com (Facebook)
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/" class="linkedin"> equals www.linkedin.com (Linkedin)
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.youtube.com/user/MinisterieJustitie" class="youtube"> equals www.youtube.com (Youtube)
Source: onderwerpen[1].htm.2.dr	String found in binary or memory: <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/> equals www.facebook.com (Facebook)
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/> equals www.facebook.com (Facebook)

Source: unknown

DNS traffic detected: queries for: www.rijksoverheid.nl

Source: piwik[1].js.2.dr	String found in binary or memory: http://bestiejs.github.io/json3
Source: ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
Source: piwik[1].js.2.dr	String found in binary or memory: http://kit.mit-license.org
Source: ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
Source: contact[1].htm.2.dr	String found in binary or memory: http://wetten.overheid.nl/BWBR0019219
Source: contact[1].htm.2.dr	String found in binary or memory: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://crisis.nl/nl-alert
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid/nieuws.rss
Source: documenten[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/nieuws.rss
Source: piwik[1].js.2.dr	String found in binary or memory: https://github.com/piwik/piwik/blob/master/js/piwik.js
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://ind.nl/Paginas/Coronavirus.aspx
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://magazines.rijksoverheid.nl/jenv/jenvmagazine
Source: rop-survey-bar-and-ergo.min[1].js.2.dr	String found in binary or memory: https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js
Source: piwik[1].js.2.dr	String found in binary or memory: https://opensource.org/licenses/BSD-3-Clause
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://twitter.com/ministerieJenV
Source: avondklok[1].htm.2.dr	String found in binary or memory: https://we.tl/t-1RCY6GmWbX
Source: contact[1].htm.2.dr	String found in binary or memory: https://wetten.overheid.nl/BWBR0007376/2020-01-01
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.aandachtvoorelkaar.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.ecdc.europa.eu/en/coronavirus
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.gobiernodireino.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.gobiernudireino.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.government.nl
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.government.nl/topics/c/coronavirus-covid-19
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.instagram.com/ministeriejenv/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.kpnteletolk.nl/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.kvk.nl/coronaloket/
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.overheid.nl/contact/e-mailgedragslijn-voor-overheden
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/
Source: abonneren[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheideren/2021/01/21/formulie
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheidverheid/iconen/touch-ico
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren8Abonneren
Source: 7PS93889.htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/actueel/nieuwsbrieven/regeringsnieuws
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png
Source: coronavirus-covid-19[1].htm.2.dr, onderwerpen[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/contact
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contact4Contact
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheidrijksoverheid/iconen/tou
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheidverheid/iconen/touch-ico
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/dInformatie
Source: abonneren[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten
Source: formulier-eigen-verklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Source: formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloade
Source: formulier-werkgeversverklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondk
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten?trefwoord=coronavirus&startdatum=&einddatum=&onderdeel=Alle
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/minister2
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheideren/2021/01/21/formul
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidlaring-avondklok
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidpMinisterie
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/nderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formu
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-c
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-c-justitie-en-veiligheid
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-cRoot
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok/formulieren/2021/01/21/formu
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklokfAvondklok
Source: documenten[1].htm.2.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten
Source: ~DF6DEB08E07A068F4A.TMP.1.dr, formulier-werkgeversverklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/form
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=3
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=4
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=5
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=6
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?sorteren%2Dop=relevantie
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documentenjOnderwerpen
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19NCoronavirus
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/overheidscommunicatie/nederlandse-gebarentaal
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/privacy-en-persoonsgegevens/burgerservicenummer-bsn
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen6t
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpenoronavirus-covid-19/documenten/formulieren/2021/01/21/formul
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/over-rijksoverheid-nl
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.who.int/emergencies/diseases/novel-coronavirus-2019
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.youtube.com/user/MinisterieJustitie

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49749 version: TLS 1.2

System Summary:

Source: classification engine

Classification label: clean0.win@3/107@5/4

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D740A6F7-5F33-11EB-90E5-ECF4BB570DC9}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF4B626F40B47736E5.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1000 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1000 CREDAT:17410 /prefetch:2	Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.94.196.189	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
78.31.116.148	unknown	Netherlands	12859	NL-BITBITBVNL	false
178.22.85.97	unknown	Netherlands	41887	PROLOCATIONTransitpolicypref100NL	false
178.22.85.6	unknown	Netherlands	41887	PROLOCATIONTransitpolicypref100NL	false

Contacted Domains

Name	IP	Active
onderzoek.platformrijksoverheid.nl	78.31.116.148	true
www.rovid.nl	178.22.85.97	true
statistiek.rijksoverheid.nl	13.94.196.189	true
rijksoverheid.nl	178.22.85.6	true
www.rijksoverheid.nl	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen	false	high
https://www.rijksoverheid.nl/onderwerpen	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok	false	high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok#content-wrapper	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok	false	high
https://www.rijksoverheid.nl/contact	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19	false	high
https://www.rijksoverheid.nl/	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	false	high
https://www.rijksoverheid.nl/abonneren	false	high

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DURNCK2N\www.rijksoverheid[1].xml	ASCII text, with no line terminators	132294CA22370B52822C17DCB5BE3AF6	DD26B82638AD38AD471F7621A9EB79FED448A71C	451ABBE0AEFC000F49967DABF8D42344D146429F03C8C8D4AE5E33FF9963CF77
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D740A6F7-5F33-11EB-90E5-ECF4BB570DC9}.dat	Microsoft Word Document	FD3B9C20D0F63652D72F89A2F20DFA90	C93DD21E951BE63901972FA05E776B486206FA1B	AB4338786E8BAE8EBC3B063444A9E27960D34870FDF957B57EB83D779C11F5C9
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat	Microsoft Word Document	7042C81D435EF453F70C61E768BE935F	C6F3F8CD600F46ECB92E3B475A735E0287335036	A8694A3D4ED84904832DFD24C4EA2238A099393820CD5EC6561A79B53530990E
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D740A6FA-5F33-11EB-90E5-ECF4BB570DC9}.dat	Microsoft Word Document	A9E2A48A2A54565F9500BE8E6BDF4449	2FE7363714EA0EC33E1F0B70C53860B01B6A7DFB	FC1BC5B30BA6D5E415530BE830AC22DF9B2CD9B236DE25C63A8F8E5CB561DF8D
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat	data	1DC980E6E0E9B4E8AEC6BBAF31AC884D	A040E9614BF018809142120CBB12D82C096930C5	BBD2DF446E9F066EA4A6DF89999023346FB356D206CD9B23F9F7E0A077C86C82
C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\LR8U2KYG\jv-dv-20181220-id0i0q33x-web-hd[1].dat	data	176F10E73F639D7DA6CCD87AE1847924	766A537DBE67F63317FBC35C42810A8439041081	BF35FC9C64931E1BC07A497EFB0BD31001CF574E81572BD3CCE4F82980392774
C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\LR8U2KYG\jv-dv-20181220-id0i0q33x-web-hd[2].dat	ISO Media, MP4 v2 [ISO 14496-14]	75FFAB4D0AA79BDEA44F12B768329B5A	DBA2C74B8AC2295A1E6D05763A5B489E17ADFBE1	A72EA4A316F16D5856E75FCFC89E1F74B5F2B30636F1509E46D7232C192FA8C4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\1182-avondklok-negen-uur[1].png	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	5B33BD6A342E5B6AED99830B3CE50C5A	B537AB2884C24490EE9DA15E24820C281F87AA93	D3B25D65C0F111896D03D993D966D64E4A9F1FE658372AFF15665D60128F2635
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\4012-verpleegkundige[1].svg	SVG Scalable Vector Graphics image	B42DB3B35A2E426756394E16882C81E1	1D52A4BAA182D38BB3AFF9B1EB8ADC5B7E8BC4B4	0FC0EACDEAC56B932E5F3611C835F4DA227B9C84811D9F695F75A7F4B64D037B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\4057-basisonderwijs[1].svg	SVG Scalable Vector Graphics image	9C0161D45B85BA29C996863AF1E2F09A	DA1CDA0A636CA079901FBFA06DB104F9239D50FB	51A09DE42392BD305FF2526EB6689A30EEC1DA2949BCFF22C690C45D553DD875
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\4215-afstand-houden[1].svg	SVG Scalable Vector Graphics image	18AFC3C5B03B5C25E13DB168E0DA222F	76CABC3FD38AB96D005DD1B0FA110BB7DE0EFE8E	B59703506EAA2623A4F902A643FD300CC226964BEC7B1F4E097A6DBEF30AF93C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CnTAjastServiceV2[1].ashx	ASCII text, with no line terminators	3BCDA0D7F2F2B1EFAB0633194F4BA8C7	E636378389A1CED5AD96F7D5F551F9191D7F0828	C48C7C5AF9D720089DC3635383C085937A0F3934F242019870001079F5AC98A7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CnTAjastServiceV2[2].ashx	ASCII text, with no line terminators	8BE2FF879EEA1F9F5DBF5E892CAE6153	2D4531A35A9317B967C3FA484937A05E54103C41	ED72EEB30892F5B6C4C907FA38427685FBC2D82F0C96F88E53121AFF880F6656
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CnTAjastServiceV2[3].ashx	ASCII text, with no line terminators	1125D1869D7E74177501A857BD6BDFBB	213AFDB24CCE40E4A618E4E5E50BE271106A670F	BEAD26E323A49C2A162BA139E1EA5A71E37A4A01BBFBF482E701177993B5F549
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CnTAjastServiceV2[4].ashx	ASCII text, with no line terminators	51C54EDC2B8379522881DF6FB99B10BB	BEC65F3AFB9E6DD59EAF4A0CB77B0FDB601B18AE	A64E05B7DE20435B260D538EF5DAE4636786974227629811DBAFC30ED0757352
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\cnt108108108pre[1].js	ASCII text, with very long lines	4BC3E7D220FC4BF15C6A2DB817C6C80D	CB4562FAB68F6A86C065DE28FCC36BE8F51BC961	5B339DBF9E3D74B66AFA8580CD11ECB07E5F002DF54D3BA3D4A2C70A7E33BF10
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\core[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	B4B3996AF6CBB9A1D3F35B9ACD1D6F28	327B6EE197399176142378C61E375B7F1222693B	A909BBFB230F9E848C59CCAA8E7E95CC2EE4A4CB73F6AE686633C7358991E665
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\dit-is-jenv[1].jpg	[TIFF image data, little-endian, direntries=15, height=4425, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, width=6638], baseline, precision 8, 830x553, frames 3	321C04D14C4CB2FFD89436D22BBDD867	0BC818E1CA669CC48A5CD035765358C4BECD4F2B	CBFD7BF6202AE5DED70BAA5F17F93B0CB4BE2DCBFC350E0A05C32BF11697E9E1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\ferdinand-grapperhaus-lg[1].jpg	[TIFF image data, little-endian, direntries=11, description=Ferdinand Grapperhaus, minister van het ministerie van Justitie en veiligheid, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=252, yresolution=260, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2018:08:22 18:28:09], baseline, precision 8, 829x553, frames 3	5C3804BB369134CBD388A7AFB5C2F3B6	6F341CACF4808CEA0804A2AC946C2B8687D195F9	237608EE290FF6A6538702A3CDC0AD7BBE8F6E4884A2F7FD2EBF3C1DAB49393E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jenv-hero[1].jpg	[TIFF image data, little-endian, direntries=11, description=Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gek, manufacturer=SONY, model=ILCE-7RM3, xresolution=640, yresolution=648, resolutionunit=2, software=Adobe Photoshop Lightroom 6.10 (Windows), datetime=2018:10:04 13:19:56], baseline, precision 8, 1250x313, frames 3	7D60546B655998343C86A1E66E922CE8	AACAFB2E49DC8DFDE2CE094E70754B9B7221FE05	CE4CD0B6A8B73273022DC30E4FA7FADEA3A9C9E2333BB51EAAE3457247372EF4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jquery-ui[1].js	ASCII text, with very long lines, with no line terminators	C483FA820462EB192F732892B81CB27B	4B121DA6EDC27E4FB952EA8C117311C5E3B671A7	FCB8E8101BA83DBAB538F01E4A86A7E3DDDE03A498E8FE5214AFB9785936B29A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\justitie-en-veiligheid-hero[1].jpg	[TIFF image data, big-endian, direntries=25, height=6336, bps=0, compression=none, PhotometricIntepretation=RGB, description=Verbeelding van de zachte kant van Veiligheid. Politieagent wijst de weg aan passanten. Deze c, manufacturer=SONY, model=ILCE-7RM4, width=9504], baseline, precision 8, 1250x312, frames 3	8BB6FF03A77AE4E0B1B8C1A732D55015	8CC0053F59045DB3D1CB644E58CE4CB249EDDAD8	9CE8F5467A1980C29170685E820EB56C1C181E961F843F05C1375964F59E6623
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo-fallback-ro[1].svg	SVG Scalable Vector Graphics image	AD7B7F13A1B30C8B4E7BBE17E4B7C6B5	94FDBD8C2928E7508847B4B2E5A41B8A0D802B27	09BF69D29882694FA99C8730B853ECA8E855BBDE4FE62B2DF167D177FDBD7DF1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\magazine-jenv-5-2019[1].jpg	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 14.0 (Windows), datetime=2019:03:28 09:31:28], baseline, precision 8, 800x533, frames 3	F52BE53C0139499B98E4786413C6C26D	F8F1038BD8427CFB1FEC9B4933CF1682F7E11DBE	F6756AA631706707EB23C100CEC54FAC2A31A12BFA260AC5A66E1E8D28D5A9E8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\nl-alert-8-juni-2020[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x300, frames 3	C7F750297F53DEAFBF9BF1A88063BF2E	063B03A10C8B87B032F5D6657FE9F52120775568	0A66153A80CA9D3CB001618FAB6B3DCBDBB4B80EFA7294D97746B8DAE9E37327
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\piwik[1].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\piwik[1].js	ASCII text, with very long lines	2D695BE38B0A0F20485064FEE4A6A42A	5EACD0F917E94C902A1557D7F0BA30B3B162CF0A	DD499FF55F3C2A7BCEF3F0F9A43F93CC4CBC00C74EB7A3684AE10C23748C6D66
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\piwik[2].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\piwik[3].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\responsive[1].css	UTF-8 Unicode text, with very long lines	B8E6120181CE51C76168A9AB8EDBCC5D	936C17A3205EE8E716E8056ED6083B0DC911B3DD	AB9BF9A250E7C34001D8374540698D65830EF013686F2A372120834204A57C13
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\roze-vlak-homepage-1920x330px-tp[1].png	PNG image data, 1250 x 215, 1-bit colormap, non-interlaced	F8DBB2D68641518DC3996E618D77E24E	74519AD8C86A2E1D5FA16B4B5DAB47F0AFAEF341	5323637FCF2CCCE316BDE2693B2670C9C97C626C4DF99D390338EF10631E89DF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\topic-list[1].js	ASCII text, with very long lines, with no line terminators	EDFB27E99A504C23313634109CFB11D3	8970A15766E8024C7B98F3A779B896DFDCA4DC81	5EA7D64E8CB171BB7A1C9B8D3F09C1E63E0E4B8985411A2F8EAB053967115F42
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\winkelen[1].png	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	600D63170E55B075CC13F951EFB783B4	7BFD3DA4F19D6FD8DDA200D294E538A301310E98	71D7504ED749C805B89940680BAC309D135314F99EB4B6AF6CC1A84A20DF251F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\0045-filmend-persoon[1].svg	SVG Scalable Vector Graphics image	ADA6F8259DFBDC4F2C3384CBF5FA9F41	9A02987B5CFAF546B4177760EBE8BC69F5DF2387	0A29197E777D924A283A905AFD791B230677FB373C61048F205BB59B99F8F7C9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\2053-fysiek-archief[1].svg	SVG Scalable Vector Graphics image	BE191DC76C0A41A12DA0D879438589A9	D978E790431C96D097A869049F843010D4B9CC32	794940C33E8EB7F6917EF41F1A659D5CA57BB8738D6D460045C099600E258245
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\4015-inenting[1].svg	SVG Scalable Vector Graphics image	7D54C1B9D88D788B4A45AB48CDF6E9CD	E034DA6D9EB3E37775EC656977CA770711071987	7560D80CBF9B343DA9CFDB139C66A1E89692D8B9AF15F370317006264B4A4F09
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\CnTAjastServiceV2[1].ashx	ASCII text, with no line terminators	0AABCE962BCEC5BB627CC360725F7B92	884FB3BC6C974CBF85C8C134BE2C0C343CCE4580	74F05654867770D1B7C542E5D7DF833A2A430FF89FDDB34DBEAF8AD4C4F5F9E4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\CnTAjastServiceV2[2].ashx	ASCII text, with no line terminators	753521357B2C5E6CC2358F8A85C56695	75AB39C145127BC1CFF0FB22BAF994AB91B857FA	A0C90E901D1F969C5459CD25FEE13CDF50704EB38640FAEB1E6410184FCC613B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\CnTAjastServiceV2[3].ashx	ASCII text, with no line terminators	3FBE264EBFA6BE214E6BD17535F1596F	7F090D8B71532CCE59D91649EF1E0C22EB990BFD	091C95413058A8FE2E676765EA3C2DDA6193F63B15C21C7B668339E56A4D2EF2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\RO-SansWebText-Bold[1].woff	Web Open Font Format, TrueType, length 69459, version 3.0	18CBF1D7B4B8721E4E0C33736DEFD62C	E77FF7F1EEBB16085DF92AECF4A03F588070B83B	5EADEE8E101C2140E44D6F6EF241D504459022F7504F48CBA4960CB29FAAF169
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\RO-SansWebText-Italic[1].woff	Web Open Font Format, TrueType, length 84048, version 3.0	BABCD7959F5E9EDD7020CB70B1398787	B7B69D2A371F77CB1785F45AD57C4624469670FA	1021BA98155F7A0FBC239EDAC80FBCD2B85FB1FA1B7CB7AD3E949DF15A71F44F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\RO-SansWebText-Regular[1].woff	Web Open Font Format, TrueType, length 76457, version 3.0	146A58DAF1C3F79A11ED75127D8504AB	2907352928CFCEF0220809359084202C364D6473	DC492A95CCBB713B1B05DB6E575C9E7F113D23E471E51B16A865832C2D16AB92
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\avondklok_hero[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x313, frames 3	A92F08233638063F2A2EE1B528478946	B4DB761269232718C930015748F5B041B8F2F8C2	B56FDD871705DB5943D7EE06B23C4E393196901D90B952B406D214C101E4202B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\collapsible-panels[1].js	ASCII text, with very long lines, with no line terminators	44ECE5C9B5274C1E7FF2E3860E5F1867	64D624D819339BF108FDE04578BB20271BB87043	463C73A52654C24219A7D110E8C0A3E8823084E52B9C7B6424D0B74A13917DC3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\formulier-eigen-verklaring-avondklok[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	39A67FA400CF6D70EF17AE454D943186	BC5F2650B8F5BDBCC585CC38C419C23C6F45764E	9FA867F6BE0EEE9BF490F6A36488F66F13708696A08622BBD9E30A52DBD95F3F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\formulier-werkgeversverklaring-avondklok[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	2BD25403DBCFAA4828C13E8F18EA70F4	194147C9A2648DFDC51A13F71DB5CF35F9C70A6E	D03239D6AA1DAB4AB1CB8B6ED2D858F6423F3C5B7BADDD5DEAEA0C97F890F695
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\img-helpers[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	80A90D742AFACB572E64194595B8D254	5888D04E386478F0B32EA3E0749E634F825B1D06	8B94CF4B63020D52A52972A68B8F7236DD3B624F7A68701E2D09C6BF025D5459
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\jenv-hero[1].jpg	[TIFF image data, little-endian, direntries=11, description=Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gek, manufacturer=SONY, model=ILCE-7RM3, xresolution=640, yresolution=648, resolutionunit=2, software=Adobe Photoshop Lightroom 6.10 (Windows), datetime=2018:10:04 13:19:56], baseline, precision 8, 1920x480, frames 3	7A46769DAD7785EE2D19A1566611123E	3216A11324181DCBF9191AF307567519820BAABF	494210F96B3306FD2A6BFEFACC91AA6EA44E738500E4812D39C84CF182E31774
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\mediaplayer[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	5CB5B30CB2325834E1974842A86232C7	83C0FB1A560114E6145230EE2E42D51EF3AB0282	4790FD16F16E4A1907EDE9CA974B893B5BD697006BFFEED7A29F1ECA0A15F4A2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\paging-menu[1].js	ASCII text, with very long lines, with no line terminators	A56DAE07C4D7FEFFCC291EEAD0260548	2BF056F2C550C3CFC5BDFE55363F3F039655A2FE	4319E43CE717A1AD21C9B814A0211DA7F9580FAC830B7B75F7EB05A2F805398B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\piwik[1].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\piwik[2].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\piwik[3].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\telefoonnummer-corona-uitgelicht[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, frames 3	518480974995F9C4034F90F11E7D06C5	A88A2BFE34F78D21A3D1E36DD329EA177FFAD4C0	815B7D397808257EA24B94A044DADA238794028C0793DF944BA50349E230FFA0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\thuiswerken_corona_header[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x313, frames 3	54E0851797E06D8DF79AF60237EFD31A	0457074A696063AF3F2EF380AF5E6E4F47C5070B	4D6DB3BC5F976E8B1B7DC18FCEAA58F02616013E4AA9AC17C09C5298EDD29934
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\uitgelicht-covid-19-financiele-regelingen[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3	E0D74EDCBF6A6707EDD6991FCC408EC1	D7F4B406DE5884AE2476D00F0609DBC78E3ADAD8	11C8280C2D61D52036807AEC69E714B5D7D410838D12618332D4FE12FF0E963B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\wandeling-in-bos[1].jpg	[TIFF image data, big-endian, direntries=12, height=1436, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], baseline, precision 8, 800x533, frames 3	30248009AA369AACCD085385DA9934BD	48C024C5833EC70BF039AAA75FA48E21AFB2EABF	5E50665FCECC52D51A34CF607824E53B1608E3D01388453CBDA1E5D9B2616317
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\8012-reisbagage[1].svg	SVG Scalable Vector Graphics image	6FD74E13DD3369F306B5D369594E57BD	B5E797872BBCB082BB50946A10431D3FF9B7CA9D	4F1A94D140192E6083AA2964538F517318CC9B7D7A4EB7D5DAF1C3B0BE029EF7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\CnTAjastServiceV2[1].ashx	ASCII text, with no line terminators	95928059DCBAFAF3055CD02F1D7B0B36	BF32FC60842231B4E63891E43AD772688472BF5D	3E511EEA306BEDC9C400D100EE09B59AA0AE2A462A7120D3C021917365A31825
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\RO-SerifWeb-Italic[1].woff	Web Open Font Format, TrueType, length 110541, version 3.0	778E789CD8180DEBD9B4DD5D8B8AE0E3	B79791FF50B98EF46FA606CA2D26D24FFE894AE5	AB448317578C648868C6394CFFE2760264A193E30147C52BD16434BCC214EE5C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\RO-SerifWeb-Regular[1].woff	Web Open Font Format, TrueType, length 97062, version 3.0	5AB4F20384346FD9FF46B662E4196F86	3D8D7B29AC8A997E5138F17ACD7CC24A8497280B	55D2C25ABDD0F5D8BAE058C9E3CF6CAA090A286CB210F47D0D0D123DC77BD96B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\aandacht-voor-elkaar-uitgelicht-lowres[1].jpg	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:10:12 23:34:24], baseline, precision 8, 830x553, frames 3	14FEC5888510B5755EA5E388BAFFFF5A	C87F1B6E758A7B482A6DEED9FE4B304552952523	E2167FDDED80D972022A9A22397E9F648ADCA60541CAA2813DAB99B05D4E5C5F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\abonneren[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	33E1CE9EFA75B7843AE6508D08291E66	171EA61A4ECC7CF4F06E0528269B4B0D2932F385	DCD15892D9FE65F39DA6EC45D2766521C0A223CEB6687016D131F77EDC45A8A9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\ankiebroekersknol_1.jpg_1920[1].jpg	[TIFF image data, big-endian, direntries=5, description=Nederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veilighei, xresolution=190, yresolution=198, resolutionunit=1], baseline, precision 8, 830x553, frames 3	50B05FC1BF5777E91BE8AAE8E405D924	6355BEC4283D1A7B9DE730C11A6A2047D67AF984	480F110A542FDD496515A1B095D825ABC330B94AF3D2A1D4C28DE3A589178709
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\avondklok[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	ABEA088952259A7155681CB08739A4E5	C542FA7C725A2760D250629C7F1B5E1682CCC276	28631F48FB4AD5F9892AB9A3C695D0EB732F060175948356640DA9FA9B5F4557
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\avondklok_hero[1].jpg	[TIFF image data, big-endian, direntries=10, manufacturer=Canon, model=Canon EOS R5, orientation=upper-left, xresolution=154, yresolution=162, resolutionunit=2, software=Adobe Photoshop 22.1 (Macintosh), datetime=2021:01:13 21:03:30], baseline, precision 8, 830x554, frames 3	1E2C742A6289643D06E88E7D7AB508E1	575E3794F376DDE32E63B0EFD2A2DD5796B51339	FE907BFC5ED096F002908D44FA3ECD25E451AB1FEB02E85EDCAF588C9907DB01
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\brexit-uitgelicht[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 315x210, frames 3	C0DC6D76D9C6ED1B82925BBACFAFD7C9	78CAA2AD947FC7144BEF94B5DB0676887F3F2E40	4749B750B99AE3103283435DFEEDEF56D5F6DCFA57058F669E35698237C6A246
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\coronavirus-supermarkt-vakkenvuller[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3	A10C2179DE17DE5CF6023F7B0ED08A34	93428CC1DB3AB76E0CB7C1BBD70D7BC847E26D4A	FE4D5DD125E8EF304CB59DCC22615C0E5B2545887414CA9DABC02CA51D5B47CF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\documenten[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	CD11928F30FB3583BE7A9488FDF015D3	95E7D85D906E89AA93C6162D40037D9CD0339E37	58EEEADDD6E00224087F11936AE6625D697EE02570B4D1379DFE6E94FDA53263
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	D8E2FDD4FE9BDB696C592D27FA9727BA	CEE4FD2712246563E60CA7179D94CA9A08C1BDA0	6215CF0F5A33ADDD4FAF2FB7C9219BE9919B782789C0B8F5739568DAF1067EA4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\huwelijken-uitvaarten-feestdagen[1].png	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	5286215F75A785E7541DEDAB95587C7D	ED71EC24F9E2C78385552D0C135F5A389C7F6CA5	443256FB149B078FE76315020D4C4CEB1A63C9BC510CB6E726A22DC853865508
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\icoon-reageerbuis[1].png	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	1213634A486D16E8C356FAC9CA7561F6	AAD69F1067962A1AE4CF1F604D5B5986E036F49E	B78B84462184D5CA319C008DAC17BF54BCB73F4F15AA7396FA07AB08EF6E12BC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\mondkapjes[1].png	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	858449A94F216796D108896FDC40F4AC	383910F2BD8F3F990AC73FB5D247BEED1829ED13	656A9EA6299679181C33215F76C75AF3A405C3C161FC2BBB95467C0642A8A229
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\onderwerpen[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	8FDFDAB1C629EA64EAC3590E252BA3DB	1D4F87F8571DD82995F88C9370A4EBE8CFB86AFB	976BFE0C46E166A0636292286EF318CB0B5C6B9FEFF3ED165DE63F4F6FEE3A70
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\piwik[1].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\piwik[2].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\piwik[3].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\rop-survey-bar-and-ergo.min[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	DF7403C355C8458E9464E9A7F876D5AB	A38DC318BBDD0144AE968703C30DEAE29C290A09	B2C9229A212EFC384FB30973542CF340CA08ADEC70F8B5E014BABCAF99B0C548
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\sander-dekker-2020-1[1].jpg	[TIFF image data, big-endian, direntries=17, height=4000, bps=0, PhotometricIntepretation=RGB, description=Nederland, Den Haag, 19-08-2020. Sander Dekker, Minister voor Rechtsbescherming van het ministe, manufacturer=SONY, model=ILCE-9, orientation=upper-left, width=6000], baseline, precision 8, 830x553, frames 3	B8A28085C7728FEDCFCE6E12700747BB	0920F21266FB4F3EA7E133E5BF5D1BFCEEC73EE9	EE81F5F7B6BDCE4A3DF9A30FCE37F7933FF55B839904DA6D5FEAB2985BCE509C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\start-vaccinatie[1].jpg	[TIFF image data, little-endian, direntries=12, description=VEGHEL - Pfizer / BioNTech eerste set vaccinaties tegen COVID-19 in de priklocatie in Veghel. S, manufacturer=NIKON CORPORATION, model=NIKON D6, orientation=upper-left, xresolution=187, yresolution=195, resolutionunit=2, software=NIKON D6 Ver.01.11 , datetime=2021:01:06 08:54:15], baseline, precision 8, 830x553, frames 3	C96BA5E9FFA4DAA9296DC1BAE6F67222	9C27F9C049874B343D9867845207FF6CE73961D2	04AF7C41E46D42EE69A5AB76E22C5FC7EB469E601E432E24181E5576017F1CC8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\5112-zijaanzicht-auto[1].svg	SVG Scalable Vector Graphics image	F20665D544861C8D91D4D17569DA560D	9AB295C54648849D7E161107AF1374BD47EA434A	C9885F8080334DD0DF04AD0C9DAA3890AF47751F1ACCBE0BD417D5653ED63BC0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\6024-ondernemingen[1].svg	SVG Scalable Vector Graphics image	EA28D2416B8730999265BD4A87E3CD74	068042B5BEC57209832183B811B416BE3DEED067	8AF91FA624AF5EA82EC9E9E0478C7B3FECCD843B2677BFD56DCDE73E381F11EA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\7PS93889.htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	A81BDCEA4E78104A788669273D956A00	7145DCCD10C6EB17BFBC02BE3E51F0F1B2E99820	FE0DDE41F42ACB26FB66A3F8EEA25C5FAA1063FF5053AFA25CE9EC3FF753CF3C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\CnTAjastServiceV2[1].ashx	ASCII text, with no line terminators	C6B4B93738E43CB71C2484E5A42DD26C	C38CCE8C77A6FC31BCC0B01DBC4F475149CF85F3	70DE03293E994E51E8707DCFF1A9295F5CE5A124F9C0DF859C43977CE91E4347
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\accordion[1].js	ASCII text, with very long lines, with no line terminators	4D7F89A1DE3F06769A1F64C4214748FA	17C9341209B9DCEFEB9A55D8D5482F0F9F04313E	BE6AC51394D0CD2B31FAB9676D1402496EF626048D1ADD8C0D8CD0B6F5AA684B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\cnt108108108[1].js	UTF-8 Unicode text, with very long lines	FFB4068AFBF9629230748083C299F031	4E0297D24A8510B355657ADFC01606BFDD30118E	DB5E0EA617C05BC660FD85820083FC07A0B6A4EE5B94226D65F2740640989208
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\contact[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	EF540E59744D7CA3C64F87882DD784F9	CFD2AA785788141C9735B4FB9AD990DB586CB964	44E87472A8CFE964EC3DB2A242E33A8F65F93B22CC39A2CEC817432FA695C235
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\corona-in-eenvoudige-taal-lowres[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3	8D39F80190FBFBABB260D7B14C05C650	BF0CA8D6B8DB3B84FC3468D5E86125200D93AC56	B7DD1B70BE0EA91FF736300CEC6F8F55F80048D7689F4B14B0D32FA9C2EE53CF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\coronavirus-covid-19[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	0B33E5006271318199F7EA4FC57E9312	955787D471D07DAEC0ACAD08A0CC866E9A841055	EB47FD640646EB5986A1D05AECC0D9A6018390AE5C842E98E740CDD19BF504D6
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\cultuur-uitgaan-sport[1].png	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	09FF59129DC72C9B2CEE339B19930025	EEA6C815155E3EED28450C8D9A393FC0265924DD	BB3BD443C1F0DB3DB457A3D2818DFC463E5A384FCDECB54075FAA2E176838048
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\forms[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	FA31C45A4991A91652CC2C7BF84B6B8F	082FED512F6A2B5B5587B4FA02CF622BB3443C70	FDE12A3EF014C58BFCDCBB13A5DAA868257D9EABE2B6933DA6B8C672471C8149
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\jv-dv-20181220-id0i0q33x-ondertiteling[1].srt	UTF-8 Unicode (with BOM) text, with CRLF line terminators	332722E51B84D0272EDC2DD335335BB1	23C8579179A1F95E1EFB76DE6C32EF74A3065FDB	B968F7DADA801B99472FEBDA8A9B4ACF3EB139E9C59235408A6330724226F7E5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\logo-fallback-ro[1].svg	SVG Scalable Vector Graphics image	AD7B7F13A1B30C8B4E7BBE17E4B7C6B5	94FDBD8C2928E7508847B4B2E5A41B8A0D802B27	09BF69D29882694FA99C8730B853ECA8E855BBDE4FE62B2DF167D177FDBD7DF1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\logo-ro[1].svg	SVG Scalable Vector Graphics image	F359BF2CF693B32A4FFB2D40384EC675	F2DF78721517F9797ABA0220298153AA506F513B	2B702C5D3DE1D9B2D646741C458C148D8F75CD47D9C15DD4E9EC6ADDEF07874A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\ministerie-van-justitie-en-veiligheid[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	CE8EEB8662B43920BD05AB327D8CDDCD	19D4E92BE31AF2C940493B1EA1DDE0531625D0F4	127AA617BC8398A83D178E139F9C0FA077ABED207377D3BDD2EC296279FE8D09
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\page-feedback-bar[1].css	ASCII text	D6FF9DA6F04AF41AA60A9DABE0CFA89B	47550216ABA2FB8185BF2197C22F005C07B4961C	13405707E0F3CFA9D8F30A1CBBC1ECC040B0B33387914D0618E550C8AC855B21
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\piwik[2].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\piwik[3].gif	GIF image data, version 89a, 1 x 1	DF3E567D6F16D040326C7A0EA29A4F41	EA7DF583983133B62712B5E73BFFBCD45CC53736	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\ro-icons-2.1[1].woff	Web Open Font Format, TrueType, length 5168, version 1.0	34CA51368BDF14CDC485DE2FA5B56FD0	84B4D157138205EEE33F58C44F035FFA1E5E5D8C	9218D8DA614CA0EB2B009FCD75306EBCDDF22FBB9B300BE908AD6F556D55441B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\roze-vlak-homepage-1920x330px-tp[1].png	PNG image data, 1920 x 330, 1-bit colormap, non-interlaced	F6639404A9CCC555FFE795FFB92A1417	74BD8B5BCB7FF9F5D0103F9D9D570542C5BDBDEC	147E7B3BA7F9F56F443700EE5DD6EC05DBF93ADFED94FFC3D3D4BE281E7ACC35
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\thuiswerken_corona_header[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x480, frames 3	6B50088E75CB94BBEA63DC21F163B4A5	2CC74189EB67FC948E0581D7351564552F8AC57A	27E9BFC3959354C7E24031C22E44AB544F3CDDCFDDF1B1C06A883CFD08592D32
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\touch-icon[1].png	PNG image data, 300 x 300, 8-bit colormap, non-interlaced	027BA518208DDF1EECAE028AA010F18D	DA0DF8D34682EE459EF06DF372FAE792B85870D5	5003E83080240861EE63A1436F8A12417EAAAD416843A87B831F04DBEE8C75BC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\wij-doen-het-zo-uitgelicht[1].jpg	[TIFF image data, little-endian, direntries=13, height=2825, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=5000], baseline, precision 8, 830x553, frames 3	BB442411060615F45860100F4435F477	28F5FBB2F89B55E9488DDC028703F345263DF631	A48958F0DAFA3312232CDA743A2062C0E56D115E8EF7D15D1D554D16F2C09365
C:\Users\user\AppData\Local\Temp\~DF0B159D7C3C5BC625.TMP	data	019D9A4A58F9ADAE85C4790574EB2BDE	6EF73BDAC51FEE9F1FEA225007C3098B88813244	8CF990187D3022CDA9B44241929927349E9B053174BE6E5F1C3723B738E89976
C:\Users\user\AppData\Local\Temp\~DF4B626F40B47736E5.TMP	data	BEB51DBB4D813B88BBBD56A6A96E7A1A	D9B8F4E43BBC0F30671ED77B55EEBD4378D9D3C8	7CD124618B26E90018C6C1CE88433699374B3870D232E05B803A4DB93BF079A8
C:\Users\user\AppData\Local\Temp\~DF6DEB08E07A068F4A.TMP	data	FCB7F30A096DBFA8643F5A0127EB4C89	3DC9C511DCF22AC449C5128134F08F1D9F16253F	9A964E0E121BF95413AB1C47FB34ABBC058EF146581ABD0E4347D57A31E6355D
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\BS5UD2GE3LTGEL7FLKQG.temp	data	C94EF98B4BFD8BD6E74E102C5EB53C8C	B7CADF8D8853300358C535747418B5A0AA79D51C	E9FF326DFC7DE95808C8488FDED5237DC833B8540F0072D3747F0A5B4031A584

ID:	343644
Product:	CloudBasic
Start time:	09:35:30
Start date:	25.01.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Analysis Report https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Contacted Domains

Contacted URLs