Play interactive tour

Edit tour

Analysis Report https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok

Overview

General Information

Sample URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Analysis ID:	343644
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Startup

System is w10x64

iexplore.exe (PID: 1000 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 6016 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1000 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Compliance:

Uses new MSVCR Dlls

Show sources

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Uses secure TLS version for HTTPS connections

Show sources

Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49749 version: TLS 1.2

Networking:

Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.facebook.com/MinisterievanJustitieenVeiligheid/" class="facebook"> equals www.facebook.com (Facebook)
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/" class="linkedin"> equals www.linkedin.com (Linkedin)
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: <a href="https://www.youtube.com/user/MinisterieJustitie" class="youtube"> equals www.youtube.com (Youtube)
Source: onderwerpen[1].htm.2.dr	String found in binary or memory: <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/> equals www.facebook.com (Facebook)
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/> equals www.facebook.com (Facebook)

Source: unknown

DNS traffic detected: queries for: www.rijksoverheid.nl

Source: piwik[1].js.2.dr	String found in binary or memory: http://bestiejs.github.io/json3
Source: ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
Source: piwik[1].js.2.dr	String found in binary or memory: http://kit.mit-license.org
Source: ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
Source: contact[1].htm.2.dr	String found in binary or memory: http://wetten.overheid.nl/BWBR0019219
Source: contact[1].htm.2.dr	String found in binary or memory: https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://crisis.nl/nl-alert
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid/nieuws.rss
Source: documenten[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/nieuws.rss
Source: piwik[1].js.2.dr	String found in binary or memory: https://github.com/piwik/piwik/blob/master/js/piwik.js
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://ind.nl/Paginas/Coronavirus.aspx
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://magazines.rijksoverheid.nl/jenv/jenvmagazine
Source: rop-survey-bar-and-ergo.min[1].js.2.dr	String found in binary or memory: https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js
Source: piwik[1].js.2.dr	String found in binary or memory: https://opensource.org/licenses/BSD-3-Clause
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://twitter.com/ministerieJenV
Source: avondklok[1].htm.2.dr	String found in binary or memory: https://we.tl/t-1RCY6GmWbX
Source: contact[1].htm.2.dr	String found in binary or memory: https://wetten.overheid.nl/BWBR0007376/2020-01-01
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.aandachtvoorelkaar.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.ecdc.europa.eu/en/coronavirus
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.gobiernodireino.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.gobiernudireino.nl/
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.government.nl
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.government.nl/topics/c/coronavirus-covid-19
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.instagram.com/ministeriejenv/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.kpnteletolk.nl/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.kvk.nl/coronaloket/
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.overheid.nl/contact/e-mailgedragslijn-voor-overheden
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/
Source: abonneren[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheideren/2021/01/21/formulie
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheidverheid/iconen/touch-ico
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/abonneren8Abonneren
Source: 7PS93889.htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/actueel/nieuwsbrieven/regeringsnieuws
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png
Source: coronavirus-covid-19[1].htm.2.dr, onderwerpen[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/contact
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contact4Contact
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheidrijksoverheid/iconen/tou
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheidverheid/iconen/touch-ico
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/dInformatie
Source: abonneren[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten
Source: formulier-eigen-verklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Source: formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloade
Source: formulier-werkgeversverklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondk
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/documenten?trefwoord=coronavirus&startdatum=&einddatum=&onderdeel=Alle
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/minister2
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheideren/2021/01/21/formul
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidlaring-avondklok
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidpMinisterie
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/nderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formu
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-c
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-c-justitie-en-veiligheid
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-cRoot
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok/formulieren/2021/01/21/formu
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklokfAvondklok
Source: documenten[1].htm.2.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten
Source: ~DF6DEB08E07A068F4A.TMP.1.dr, formulier-werkgeversverklaring-avondklok[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/form
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=3
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=4
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=5
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=6
Source: documenten[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?sorteren%2Dop=relevantie
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documentenjOnderwerpen
Source: {D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19NCoronavirus
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/overheidscommunicatie/nederlandse-gebarentaal
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen/privacy-en-persoonsgegevens/burgerservicenummer-bsn
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpen6t
Source: ~DF6DEB08E07A068F4A.TMP.1.dr	String found in binary or memory: https://www.rijksoverheid.nl/onderwerpenoronavirus-covid-19/documenten/formulieren/2021/01/21/formul
Source: contact[1].htm.2.dr	String found in binary or memory: https://www.rijksoverheid.nl/over-rijksoverheid-nl
Source: coronavirus-covid-19[1].htm.2.dr	String found in binary or memory: https://www.who.int/emergencies/diseases/novel-coronavirus-2019
Source: ministerie-van-justitie-en-veiligheid[1].htm.2.dr	String found in binary or memory: https://www.youtube.com/user/MinisterieJustitie

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.94.196.189:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.6:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.22.85.97:443 -> 192.168.2.5:49749 version: TLS 1.2

System Summary:

Source: classification engine

Classification label: clean0.win@3/107@5/4

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D740A6F7-5F33-11EB-90E5-ECF4BB570DC9}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DF4B626F40B47736E5.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknown	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1000 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1000 CREDAT:17410 /prefetch:2

Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok
Source: C:\Program Files\internet explorer\iexplore.exe	Automated click: Ok

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	0%	Virustotal		Browse
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://www.kpnteletolk.nl/	0%	Avira URL Cloud	safe
https://crisis.nl/nl-alert	0%	Avira URL Cloud	safe
https://www.gobiernodireino.nl/	0%	Avira URL Cloud	safe
https://we.tl/t-1RCY6GmWbX	0%	Avira URL Cloud	safe
https://www.gobiernudireino.nl/	0%	Avira URL Cloud	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
https://www.aandachtvoorelkaar.nl/	0%	Avira URL Cloud	safe
http://bestiejs.github.io/json3	0%	Avira URL Cloud	safe
https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
onderzoek.platformrijksoverheid.nl	78.31.116.148	true	false	unknown
www.rovid.nl	178.22.85.97	true	false	unknown
statistiek.rijksoverheid.nl	13.94.196.189	true	false	high
rijksoverheid.nl	178.22.85.6	true	false	high
www.rijksoverheid.nl	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Reputation
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen	false	high
https://www.rijksoverheid.nl/onderwerpen	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok	false	high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok#content-wrapper	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok	false	high
https://www.rijksoverheid.nl/contact	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19	false	high
https://www.rijksoverheid.nl/	false	high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	false	high
https://www.rijksoverheid.nl/abonneren	false	high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.rijksoverheid.nl/contact	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok	formulier-eigen-verklaring-avondklok[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheideren/2021/01/21/formul	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://twitter.com/ministerieJenV	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidpMinisterie	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.government.nl	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen6t	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondk	formulier-werkgeversverklaring-avondklok[1].htm.2.dr	false		high
https://www.youtube.com/user/MinisterieJustitie	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/privacy-en-persoonsgegevens/burgerservicenummer-bsn	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheidverheid/iconen/touch-ico	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/iconen/touch-icon.png	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://feeds.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid/nieuws.rss	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.who.int/emergencies/diseases/novel-coronavirus-2019	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/actueel/nieuwsbrieven/regeringsnieuws	7PS93889.htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/form	~DF6DEB08E07A068F4A.TMP.1.dr, formulier-werkgeversverklaring-avondklok[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheideren/2021/01/21/formulie	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.kpnteletolk.nl/	contact[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/onderwerpen/overheidscommunicatie/nederlandse-gebarentaal	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpenoronavirus-covid-19/documenten/formulieren/2021/01/21/formul	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://opensource.org/licenses/BSD-3-Clause	piwik[1].js.2.dr	false		high
https://crisis.nl/nl-alert	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/contact4Contact	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.rijksoverheid.nl/abonneren	abonneren[1].htm.2.dr	false		high
https://www.gobiernodireino.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/contactes/ministerie-van-justitie-en-veiligheidrijksoverheid/iconen/tou	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?sorteren%2Dop=relevantie	documenten[1].htm.2.dr	false		high
https://magazines.rijksoverheid.nl/jenv/jenvmagazine	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://we.tl/t-1RCY6GmWbX	avondklok[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/nderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formu	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.gobiernudireino.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/abonneren8Abonneren	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-c	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten	documenten[1].htm.2.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.rijksoverheid.nl/ministeries	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/dInformatie	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheidlaring-avondklok	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.rijksoverheid.nl/over-rijksoverheid-nl	contact[1].htm.2.dr	false		high
https://ind.nl/Paginas/Coronavirus.aspx	coronavirus-covid-19[1].htm.2.dr	false		high
https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/nieuws.rss	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.kvk.nl/coronaloket/	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok/formulieren/2021/01/21/formu	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
http://ns.useplus.org/ldf/xmp/1.0/	ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=4	documenten[1].htm.2.dr	false		high
http://kit.mit-license.org	piwik[1].js.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=3	documenten[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documentenjOnderwerpen	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=6	documenten[1].htm.2.dr	false		high
https://www.linkedin.com/company/ministerie-van-justitie-en-veiligheid-/	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=5	documenten[1].htm.2.dr	false		high
https://wetten.overheid.nl/BWBR0007376/2020-01-01	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloade	formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.overheid.nl/contact/e-mailgedragslijn-voor-overheden	contact[1].htm.2.dr	false		high
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	ankiebroekersknol_1.jpg_1920[1].jpg.2.dr, sander-dekker-2020-1[1].jpg.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://www.aandachtvoorelkaar.nl/	coronavirus-covid-19[1].htm.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos	coronavirus-covid-19[1].htm.2.dr, onderwerpen[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-cRoot	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.instagram.com/ministeriejenv/	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/documenten	abonneren[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-c-justitie-en-veiligheid	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.rijksoverheid.nl/documenten?trefwoord=coronavirus&startdatum=&einddatum=&onderdeel=Alle	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2	documenten[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19NCoronavirus	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons	contact[1].htm.2.dr	false		high
https://github.com/piwik/piwik/blob/master/js/piwik.js	piwik[1].js.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklokfAvondklok	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.government.nl/topics/c/coronavirus-covid-19	coronavirus-covid-19[1].htm.2.dr	false		high
https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss	documenten[1].htm.2.dr	false		high
http://bestiejs.github.io/json3	piwik[1].js.2.dr	false	Avira URL Cloud: safe	unknown
https://www.rijksoverheid.nl/abonneren/ministerie-van-justitie-en-veiligheidverheid/iconen/touch-ico	~DF6DEB08E07A068F4A.TMP.1.dr	false		high
http://wetten.overheid.nl/BWBR0019219	contact[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.ecdc.europa.eu/en/coronavirus	coronavirus-covid-19[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid	ministerie-van-justitie-en-veiligheid[1].htm.2.dr	false		high
https://www.rijksoverheid.nl/ministeries/minister2	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr	false		high
https://www.rijksoverheid.nl/onderwerpen	{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat.1.dr, ~DF6DEB08E07A068F4A.TMP.1.dr	false		high
https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js	rop-survey-bar-and-ergo.min[1].js.2.dr	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
13.94.196.189	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
78.31.116.148	unknown	Netherlands	12859	NL-BITBITBVNL	false
178.22.85.97	unknown	Netherlands	41887	PROLOCATIONTransitpolicypref100NL	false
178.22.85.6	unknown	Netherlands	41887	PROLOCATIONTransitpolicypref100NL	false

General Information

Joe Sandbox Version:	31.0.0 Red Diamond
Analysis ID:	343644
Start date:	25.01.2021
Start time:	09:35:30
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 19s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	21
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@3/107@5/4
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok#content-wrapper Browsing link: https://www.rijksoverheid.nl/ Browsing link: https://www.rijksoverheid.nl/onderwerpen Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19 Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen Browsing link: https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok Browsing link: https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid Browsing link: https://www.rijksoverheid.nl/contact Browsing link: https://www.rijksoverheid.nl/abonneren
Warnings:	Show All Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, ielowutil.exe, RuntimeBroker.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 104.83.120.32, 13.64.90.137, 52.255.188.83, 92.122.144.200, 152.199.19.161, 51.104.139.180, 67.27.159.126, 8.248.141.254, 8.248.117.254, 8.248.113.254, 67.27.159.254, 51.103.5.159, 92.122.213.201, 92.122.213.247, 20.54.26.129 Excluded domains from analysis (whitelisted): arc.msn.com.nsatc.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, wns.notify.windows.com.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, go.microsoft.com, emea1.notify.windows.com.akadns.net, audownload.windowsupdate.nsatc.net, watson.telemetry.microsoft.com, auto.au.download.windowsupdate.com.c.footprint.net, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, skypedataprdcolwus17.cloudapp.net, client.wns.windows.com, fs.microsoft.com, ie9comview.vo.msecnd.net, ris-prod.trafficmanager.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, ris.api.iris.microsoft.com, skypedataprdcoleus17.cloudapp.net, go.microsoft.com.edgekey.net, blobcollector.events.data.trafficmanager.net, par02p.wns.notify.trafficmanager.net, cs9.wpc.v0cdn.net Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DURNCK2N\www.rijksoverheid[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	26
Entropy (8bit):	2.469670487371862
Encrypted:	false
SSDEEP:	3:D90aK1r0aKb:JFK1rFKb
MD5:	132294CA22370B52822C17DCB5BE3AF6
SHA1:	DD26B82638AD38AD471F7621A9EB79FED448A71C
SHA-256:	451ABBE0AEFC000F49967DABF8D42344D146429F03C8C8D4AE5E33FF9963CF77
SHA-512:	6D5808CAD199A785C82763C68F0AE1F4938C304B46B70529EA26B3D300EF9430AD496C688D95D01588576B3A577001D62245D98137FD5CD825AD62E17D36F15C
Malicious:	false
Reputation:	low
Preview:	<root></root><root></root>

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D740A6F7-5F33-11EB-90E5-ECF4BB570DC9}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.854515304344642
Encrypted:	false
SSDEEP:	192:r/ZQZa2tF9WtfttkftMFMtitJtwpftYcX:rhAZ3U7Mn0vS7
MD5:	FD3B9C20D0F63652D72F89A2F20DFA90
SHA1:	C93DD21E951BE63901972FA05E776B486206FA1B
SHA-256:	AB4338786E8BAE8EBC3B063444A9E27960D34870FDF957B57EB83D779C11F5C9
SHA-512:	DEEDA4B236301ABFBAC4B93631F93D72D797ADC24C11CFB1A062F35B824CEAF517EBB9B4D345B4227C353F0DF7FE9C7C218017CE4135C10D057B0E901EA34714
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D740A6F9-5F33-11EB-90E5-ECF4BB570DC9}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	187246
Entropy (8bit):	2.6902313621149085
Encrypted:	false
SSDEEP:	384:r3P5ZchQsxDGZE+UR+Dda+HR+Ddk+Z++JG+AJeiJG+AM7+acoq9zigG+9wVn0Gy6:EMl5nbr+CnLeUb
MD5:	7042C81D435EF453F70C61E768BE935F
SHA1:	C6F3F8CD600F46ECB92E3B475A735E0287335036
SHA-256:	A8694A3D4ED84904832DFD24C4EA2238A099393820CD5EC6561A79B53530990E
SHA-512:	AD876581B1729431E4658F9958AA51658EADBBAF2B3EEE66B0C6882100DCDEBA83E188D6890B86913DF4AFCCF158037412DF51007E08BE4CC8BA9989506ECF0F
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D740A6FA-5F33-11EB-90E5-ECF4BB570DC9}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.5656761797885241
Encrypted:	false
SSDEEP:	48:IwOhGcprnGwpabhG4pQZGrapbSErGQpKcAG7HpRpsTGIpG:rOXZxQbz65BSEFAcbTp4A
MD5:	A9E2A48A2A54565F9500BE8E6BDF4449
SHA1:	2FE7363714EA0EC33E1F0B70C53860B01B6A7DFB
SHA-256:	FC1BC5B30BA6D5E415530BE830AC22DF9B2CD9B236DE25C63A8F8E5CB561DF8D
SHA-512:	29D466F0974BA23F4F2CAD83761257FA65DCDD50529B0DF0929EAB84E1D8329A62B3E6772097532FE2A1949A4AC11E54372DD0396B0A567C00BAC1EFDAEC8A43
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	6058
Entropy (8bit):	7.764436194181163
Encrypted:	false
SSDEEP:	96:zEcU0A/fyOGMqVJfA0ej4fiN2cXLJeoi8eFBIYZoO1Q3wNKg5i8JN:yGpO0ejsA2c7JeLFB1oO1Ag5i8L
MD5:	1DC980E6E0E9B4E8AEC6BBAF31AC884D
SHA1:	A040E9614BF018809142120CBB12D82C096930C5
SHA-256:	BBD2DF446E9F066EA4A6DF89999023346FB356D206CD9B23F9F7E0A077C86C82
SHA-512:	10DC59BDC411FB9628D0E898354751D2A578EB671DD1052B89AB5448A2EA61C977E176F7A5D2D60AADF9C745B2243F6D8D6E2D0CB6F6DBAF62D0673C704E5310
Malicious:	false
Reputation:	low
Preview:	X.h.t.t.p.s.:././.w.w.w...r.i.j.k.s.o.v.e.r.h.e.i.d...n.l./.b.i.n.a.r.i.e.s./.c.o.n.t.e.n.t./.a.s.s.e.t.s./.r.i.j.k.s.o.v.e.r.h.e.i.d./.i.c.o.n.e.n./.t.o.u.c.h.-.i.c.o.n...p.n.g......PNG........IHDR...,...,.....N.~G....tEXtSoftware.Adobe ImageReadyq.e<....iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.155772, 2014/01/13-19:44:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6f6c313d-0fc9-43fa-a7e3-6d6a1fb54f66" xmpMM:DocumentID="xmp.did:281C48E103A411E49AE0B91D93329B9D" xmpMM:InstanceID="xmp.iid:281C48E003A411E49AE0B91D93329B9D" xmp:CreatorTool="Adobe Photoshop CC 2014 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4f9f6108-2bc1-4621

C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\LR8U2KYG\jv-dv-20181220-id0i0q33x-web-hd[1].dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	131072
Entropy (8bit):	0.7537989031558725
Encrypted:	false
SSDEEP:	384:SPsMYYm5yojmqjh3n1Sd0qHMpt9H7G2N6m8xWX:zMYx5yA7hXmoT56m8xWX
MD5:	176F10E73F639D7DA6CCD87AE1847924
SHA1:	766A537DBE67F63317FBC35C42810A8439041081
SHA-256:	BF35FC9C64931E1BC07A497EFB0BD31001CF574E81572BD3CCE4F82980392774
SHA-512:	F9ADBCFFDF5E5171119C436F93EB1D93184C0A3758AF9AC11075C809008EC128768294252EF0882202FB1B593BEB180B5ED75213052BA87FB39EB06AB44BD60A
Malicious:	false
Reputation:	low
Preview:	K(z..B.B.....!..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................@......................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\mms\LR8U2KYG\jv-dv-20181220-id0i0q33x-web-hd[2].dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ISO Media, MP4 v2 [ISO 14496-14]
Category:	dropped
Size (bytes):	2162688
Entropy (8bit):	7.1795987831489905
Encrypted:	false
SSDEEP:	49152:yEGSu74aazSh17UD1hh0IwdMQnplwKdavml0:y94aaq1AZfMpWKdL
MD5:	75FFAB4D0AA79BDEA44F12B768329B5A
SHA1:	DBA2C74B8AC2295A1E6D05763A5B489E17ADFBE1
SHA-256:	A72EA4A316F16D5856E75FCFC89E1F74B5F2B30636F1509E46D7232C192FA8C4
SHA-512:	DABF7700D5B1E9D0142D5C2020DB715CB21015A6ECA3E815FE027883279281D77E513359EB89631116388AE3C871DB08221D747D3D16CD8F00694FF6CEE8B1BD
Malicious:	false
Reputation:	low
Preview:	....ftypmp42....mp42mp41..:Hmoov...lmvhd.....?.'.?.o.._....................................................@..................................dtrak...\tkhd.....?.'.?.'...........................................................@..............$edts....elst.......................mdia... mdhd.....?.'.?.'..a..70........@hdlr........vide.............Mainconcept Video Media Handler...tminf....vmhd...............3hdlr........alis............Alias Data Handler....$dinf....dref............url ........stbl....stsd............avc1.............................H...H.........AVC Coding............................2avcC.M.)....'M.)..`(......00.]...p^..@...(.. ....stts...........!.......\|stss.......[.......3...[...................K...}...............0...b...y...................:...]...................,...;...m...................5...g...o..............."...T...a.......................M.......................-..._...b...................,...Q.......................2...d...................5...g...t.....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\1182-avondklok-negen-uur[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1693
Entropy (8bit):	7.791516404764009
Encrypted:	false
SSDEEP:	24:meQgetVeG6YQ4sW2kAgKHhRICbESGyId85NI3h++b9glS6xEG382SZpzitXwWhlV:8ge7eWdkD75GbdYuhV9gF8JZcamHkc
MD5:	5B33BD6A342E5B6AED99830B3CE50C5A
SHA1:	B537AB2884C24490EE9DA15E24820C281F87AA93
SHA-256:	D3B25D65C0F111896D03D993D966D64E4A9F1FE658372AFF15665D60128F2635
SHA-512:	9E77103BD42745F073EDF42AD85AE12F73EA0F4D23D839AAC0B95076FC14AB1EEFF4ED4D623BBB8FBBA1DB2A9552F6B54E705DBFC954001D4AF4970DB6E262DF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/1182-avondklok-negen-uur.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....OIDATx..[1OcG......A..B.:R.D..B.x.R.....h.6.......l!......\|.TG.-.4H !..b...h\|k....ow.3vB>i.....y.3..s.R.o..i...... .d.!3.....d..!a....{.........U......\|&.P..].....1BH..#..H.A..m....y..i.<l2._...9..v.:.0.^..yX.......".1......j........`.._.Ac.MC.m..4.........g!..K.+.H.....+.p. +..E.M.....L..;...!BH/.4.I..R..i4.J.....=......j]O..%.Q.k0w.y......b.g..J.2:...^........e.ch.......`d4!..-....\;).."..M0.q...-.&..aY..+.a.$.8z..X..w..`...q..3...T6....O^.y93.a&...%d\|.x.f.......T.Q......u...+.O.Ph...jW...D...........Ey....?.-........###-....wOOO........<>>6+. ...v..gwJ_.RJD...,.....877.:>>nD...!.R....]..?.j.S.P..g.....I..}$....i..............X__...H....-......(.$....C.ZZZ.D..f7U_[[......!XZZ...[cuu..X,....(...>!....................o.p.x<.k.^y.h.......Q..O.x.]__......q..2..(.Q... ....r.).h.T.k..3...e.0........ggg/......k.0...:...{..nvvVc...........p........!...dm.:%.0...\|....4.rx.^\\h.kc..........\....~.I

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\4012-verpleegkundige[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2327
Entropy (8bit):	4.729396180383936
Encrypted:	false
SSDEEP:	48:caAiM36b1AoAezQnjrd8IYJbePeqB4+kedSs2k9zGb/fNKzA:azqRtzQnjrd8/CPtBNG7FKc
MD5:	B42DB3B35A2E426756394E16882C81E1
SHA1:	1D52A4BAA182D38BB3AFF9B1EB8ADC5B7E8BC4B4
SHA-256:	0FC0EACDEAC56B932E5F3611C835F4DA227B9C84811D9F695F75A7F4B64D037B
SHA-512:	42AB5B06A5235AFFC660AD87B92A28669B34D1F2646A09CC95FDB33C812B763A576757B9D50C44DA0FA6A4BB8CC0DB6B19B826D4779CFA63F6EBED7E7DBE584F
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4012-verpleegkundige.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" id="Layer_1" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Boxes">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Production">..<g>...<path d="M51.2886,45.2578c-2.4563-2.5671-9.2193-4.1663-11.0196-5.6074c-0.0018-0.0156-0.004-0.0333-0.0059-0.049 c-0.0965-0.8401-0.235-1.8577-0.3792-2.8415c2.0215,0.2135,5.0197,0.5701,6.9231,1.2385c0.375,0.1318,0.771-0.1191,0.875-0.5381 c1.0144-4.1027,1.8078-8.0523,1.8078-12.2415c0-7.2238-2.6247-14.9078-6.6863-17.7604l0.1899-2.1381 c0.041-0.4497-0.1152-0.8877-0.43-1.2036C41.3973,2.9526,38.4742,1,32,1c-6.4743,0-9.3973,1.9526-10.5659,3.1187 c-0.3123,0.314-0.4685,0.752-0.428,1.1997l0.1944,2.1863c-4.6627,3.6752-7.6941,9.95-7.6

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\4057-basisonderwijs[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2957
Entropy (8bit):	4.550303428034783
Encrypted:	false
SSDEEP:	48:caAiMo6b1A4znGEk7SDaBWYELLxq7gXxQszUuEEQBQdK5xcCHnXsl3JN6w+jp8lD:azxZk8QVoxUgxQE1/c5ZHXsRJNp+jpSD
MD5:	9C0161D45B85BA29C996863AF1E2F09A
SHA1:	DA1CDA0A636CA079901FBFA06DB104F9239D50FB
SHA-256:	51A09DE42392BD305FF2526EB6689A30EEC1DA2949BCFF22C690C45D553DD875
SHA-512:	073D4F0FF97C484C160F9AEB83B00B2635C86C68DE3B1E5290203EAD6F336A491D1DAB09B908A275E46F07F8046F2999D2092998BA951D6E2437E6ADBF7DAA17
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4057-basisonderwijs.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M21.1421,23.2949c-0.1011-0.314-0.4692-1.0186-1.7212-0.9194c-2.7603,0.2246-4.2036,3.4521-4.0234,5.6665 c0.1812,2.2261,1.582,2.1123,2.0474,2.0752c2.7798-0.2266,3.4614-2.4692,3.4678-2.4917c0.0046-0.0159,0.013-0.0294,0.0181-0.0449 c-0.1111-1.4193,0.0381-2.9049,0.2568-4.1711C21.1729,23.3708,21.1536,23.3353,21.1421,23.2949z"/>...<path d="M60,3H4v40h16c0.0209,0.0562-0.0531,0.2623-0.3703,0.3641l-5.4017,1.075L11,63h7l1.7391-10h24.5217L46,63h7 l-3.228-18.5609l-5.4017-1.075C44.0531,43.2623,43.9791,43.0562,44,43h16V3z M17.688,33.1074 c-0.1597,0.0127-0.3

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\4215-afstand-houden[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	2162
Entropy (8bit):	4.8377742015761145
Encrypted:	false
SSDEEP:	48:cWAiMrePL4tiwo1XLO9brj8MJq7lsXLO9brDZukM5qOQILP8Q2zACVGf:KzqM891XLM9XLMp43gr84Gf
MD5:	18AFC3C5B03B5C25E13DB168E0DA222F
SHA1:	76CABC3FD38AB96D005DD1B0FA110BB7DE0EFE8E
SHA-256:	B59703506EAA2623A4F902A643FD300CC226964BEC7B1F4E097A6DBEF30AF93C
SHA-512:	F6FEECFE827A268EDFCAE48DC9EFC64B97EAFEB542612BFE58007CF81E1937180B4D535EA9C08FFA5C312D02991F2360F7A01D253F29ABD535233FDB2A47242C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4215-afstand-houden.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 24.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="enable-background:new 0 0 64 64;" version="1.1" viewBox="0 0 64 64" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}...st1{fill:#FF1D25;}...st2{fill:#1D1D1B;}.</style>.<g id="Box">..<rect class="st0" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M8.5,16.8c2.2,0,3.5-1.6,3.5-3.8c0-2.6-1.3-4-3.5-4C6.2,9,5,10.6,5,13C5,15.4,6.3,16.8,8.5,16.8z"/>...<path d="M12.5,18.6c-2.4-0.6-5.7-0.6-8,0c-4.6,1.1-4.4,8.8-4.4,15.1c0.2,2.2,1.8,2.8,2.8,2.8c0-0.1,0-1.2,0-2.2c0-0.5,0-3.3,0-3.6 c0-2.7,0.5-5.6,0.8-6.6C3.8,23.8,4,23.9,4,23.9v12V54c0,0,3.3,0,3.6-3.7c0,0,0.5-14,0.5-14.1c0-0.2,0.1-0.4,0.4-0.4 s0.4,0.2,0.4,0.4c0,0.2,0.5,14,0.5,14C9.6,54,13,54,13,54V35.8v-12c0,0,0.2-0.1,0.3,0.2c0.3,0.9,0.8,3.8,0.8,6.5 c0,0.5,0,3.4,0,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CnTAjastServiceV2[1].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.795009133144316
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUvZlYf:FHbqUhlI
MD5:	3BCDA0D7F2F2B1EFAB0633194F4BA8C7
SHA1:	E636378389A1CED5AD96F7D5F551F9191D7F0828
SHA-256:	C48C7C5AF9D720089DC3635383C085937A0F3934F242019870001079F5AC98A7
SHA-512:	A215AAD6DEF69CE538E11C28FCE2756E07EE239862F76B15B6DA675F4C4F7E92C9723906FED5FD89976D08725123D5804DEA1EC538743C5F7290C684C67A2F71
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/&srch=&title=Informatie%20van%20de%20Rijksoverheid%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/&SsId=-&r=-&c=24&res=1280x1024&time=34606864&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596206.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175610_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CnTAjastServiceV2[2].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.759623781480403
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUvdlf:FHbqUf
MD5:	8BE2FF879EEA1F9F5DBF5E892CAE6153
SHA1:	2D4531A35A9317B967C3FA484937A05E54103C41
SHA-256:	ED72EEB30892F5B6C4C907FA38427685FBC2D82F0C96F88E53121AFF880F6656
SHA-512:	153FEF822987EE4594E9608FE78B272B3652A0972255F7ACF6683F8895CA5500E86C57BD3A4E7417E30A0DC739EA27EB5FECFD39CF3AE1025C9A8B97208E7A35
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/onderwerpen/coronavirus-covid-19&srch=&title=Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19&SsId=-&r=-&c=24&res=1280x1024&time=34610165&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596210.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175664_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CnTAjastServiceV2[3].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.738608500731241
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUuUFPf:FHbqUuWn
MD5:	1125D1869D7E74177501A857BD6BDFBB
SHA1:	213AFDB24CCE40E4A618E4E5E50BE271106A670F
SHA-256:	BEAD26E323A49C2A162BA139E1EA5A71E37A4A01BBFBF482E701177993B5F549
SHA-512:	9A0476607C46C8C704B7ACCAB2AC118D8E7CA05BB5F731F8028E1909DB0A847EA54BC9A4C239B6ABC8CBDBA7E38BC045041A8B9C09D2922C19279FAEDD9EDDFF
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok&srch=&title=Formulier%20%27Werkgeversverklaring%20avondklok%27%20%7C%20Formulier%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok&SsId=-&r=-&c=24&res=1280x1024&time=34612863&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596212.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175712_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CnTAjastServiceV2[4].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.758063383509937
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUuWJf:FHbqUuY
MD5:	51C54EDC2B8379522881DF6FB99B10BB
SHA1:	BEC65F3AFB9E6DD59EAF4A0CB77B0FDB601B18AE
SHA-256:	A64E05B7DE20435B260D538EF5DAE4636786974227629811DBAFC30ED0757352
SHA-512:	CFD0BABD4D096BBC97566C00D5A320D53BC5FB569245183249E9E6D10F5B22E81A638DBDD33BD28C8BD95842869B3379BB27110831266FC35EB0D9F9EBC7BA07
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen&srch=&title=Instructie%20voor%20formulieren%20avondklok%3A%20downloaden%20en%20meenemen%20%7C%20Publicatie%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen&SsId=-&r=-&c=24&res=1280x1024&time=34614522&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596214.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175736_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\cnt108108108pre[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	1588
Entropy (8bit):	5.312711930573112
Encrypted:	false
SSDEEP:	24:qQqBJOYHpT+EeGI/xsgnj+kd6UTmom2fE6o2gsgnGgsrmJMENBAeAv0M9UA8:nqBPJNeGIxljdd6AmR2/glGgYRLfv8
MD5:	4BC3E7D220FC4BF15C6A2DB817C6C80D
SHA1:	CB4562FAB68F6A86C065DE28FCC36BE8F51BC961
SHA-256:	5B339DBF9E3D74B66AFA8580CD11ECB07E5F002DF54D3BA3D4A2C70A7E33BF10
SHA-512:	D300084B3A36CD93303BBAB248A783438497B43F021B9956AEE0C60823425157C411F280F783CE7D20D187E6ADB59D5DE6B87BCB849B07F3189157FAC37B079B
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108pre/cnt108108108pre.js
Preview:	//Rijksoverheid.nl 108108108, fileId: 108108108pre, version: 20210122-152753.(function(){if(!sessionStorage){return}var g=window.location.host.indexOf("a-")===0;var f=[];if(g){}else{}var e=function(l){for(var m=0;m<f.length;m++){if(l.indexOf(f[m])!==-1){return true}}return false};var c=function(){var l=sessionStorage.getItem("ErgoCnTSessionSelection");if(!l){l="undetermined"}if("P"==="O"){console.info("CnT PREselectionscript: fetchCurrentSessionSelectionStatus="+l)}return l};var d=function(m,n){var l;if(m!=="include"&&e(n.pathname)){l=1;if("P"==="O"){console.info('CnT PREselectionscript: you are on a special "inclusionSubPath" hence session will be INcluded')}}else{if(m==="undetermined"){switch(n.host.toLowerCase()){case"www.rijksoverheid.nl":l=10;if("P"==="O"){l=3}break;case"a-www.rijksoverheid.nl":l=1;break;default:l=0;break}}else{l=-9}}if("P"==="O"){console.info("CnT PREselectionscript: getSelectionFactor="+l)}return l};var a=function(o,l){var n;if(o===-9){n=l}else{var m=Math.round(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\core[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	130174
Entropy (8bit):	5.282961614447641
Encrypted:	false
SSDEEP:	1536:xaMJrMdu2VNp1Xtdi6VHGEdLSHxJ4bx60BWSesUhtXQTXu3P58EAhPB+5/Ns1iIK:T0PpZatQTX+aG/C1iXtiy48DUyMbO
MD5:	B4B3996AF6CBB9A1D3F35B9ACD1D6F28
SHA1:	327B6EE197399176142378C61E375B7F1222693B
SHA-256:	A909BBFB230F9E848C59CCAA8E7E95CC2EE4A4CB73F6AE686633C7358991E665
SHA-512:	66D670D7DA5EFE7EA993C384E91FEB3D0C2A89E12116BCE06A9FE7F36125552A4F4A9EB4CC8392007561EE72884F2799BE72037EB6B6560755CAE0501766F750
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/core.js
Preview:	var requirejs,require,define;!function(global,setTimeout){var req,s,head,baseElement,dataMain,src,interactiveScript,currentlyAddingScript,mainScript,subPath,version="2.3.6",commentRegExp=/\/\[\s\S]?\\/\|([^:"'=]\|^)\/\/.$/gm,cjsRequireRegExp=/[^.]\srequire\s$\s["']([^'"\s]+)["']\s$/g,jsSuffixRegExp=/\.js$/,currDirRegExp=/^\.\//,op=Object.prototype,ostring=op.toString,hasOwn=op.hasOwnProperty,isBrowser=!("undefined"==typeof window\|\|"undefined"==typeof navigator\|\|!window.document),isWebWorker=!isBrowser&&"undefined"!=typeof importScripts,readyRegExp=isBrowser&&"PLAYSTATION 3"===navigator.platform?/^complete$/:/^(complete\|loaded)$/,defContextName="_",isOpera="undefined"!=typeof opera&&"[object Opera]"===opera.toString(),contexts={},cfg={},globalDefQueue=[],useInteractive=!1;function commentReplace(e,t){return t\|\|""}function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){var n;if(e)for(n=0;n<

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\dit-is-jenv[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=15, height=4425, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, width=6638], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	210367
Entropy (8bit):	7.939563435669795
Encrypted:	false
SSDEEP:	3072:mjGRG9w+aqSPilLkYGDpxwKIffUKTPk4Z2xCQMhcQGXp2tEy79991rJxMuY:SvciNQp2KOcKTPkihc5Xp2V9IB
MD5:	321C04D14C4CB2FFD89436D22BBDD867
SHA1:	0BC818E1CA669CC48A5CD035765358C4BECD4F2B
SHA-256:	CBFD7BF6202AE5DED70BAA5F17F93B0CB4BE2DCBFC350E0A05C32BF11697E9E1
SHA-512:	09C69E694A12BAFD8065DA052E59D2294CEC6F2822C0C3E56F8E5BD1F1CC545EC2C37C3C17ADE705E401ACA00728BBCD95B5F0B008B6D9AD55F73933B4B25DAC
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/ministeries/justitie-en-veiligheid/dit-is-jenv.jpg
Preview:	......JFIF.....,.,....1NPhotoshop 3.0.8BIM.......Q..Z...%G.........P..Valerie Kuypers..7..20180814..<..140204+0100.....0:6:0:006816.8BIM.%...........D3.5b)$.>.8BIM.:.....c..............printOutput........ClrSenum....ClrS....RGBC....Nm TEXT.....s.R.G.B. .I.E.C.6.1.9.6.6.-.2...1......Inteenum....Inte....Clrm....MpBlbool.....printSixteenBitbool.....printerNameTEXT.....C.a.n.o.n. .M.G.7.5.0.0. .s.e.r.i.e.s......printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@r..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\ferdinand-grapperhaus-lg[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Ferdinand Grapperhaus, minister van het ministerie van Justitie en veiligheid, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=252, yresolution=260, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2018:08:22 18:28:09], baseline, precision 8, 829x553, frames 3
Category:	downloaded
Size (bytes):	68075
Entropy (8bit):	7.597225711901583
Encrypted:	false
SSDEEP:	1536:oxbLsjQQsj0dPJSrzDEskLJx77qA9tBXd4G4RFKeWJIVycK:oxbLGQQG0ZJS/oBJUA9t5dr4LKikcK
MD5:	5C3804BB369134CBD388A7AFB5C2F3B6
SHA1:	6F341CACF4808CEA0804A2AC946C2B8687D195F9
SHA-256:	237608EE290FF6A6538702A3CDC0AD7BBE8F6E4884A2F7FD2EBF3C1DAB49393E
SHA-512:	425DE846754BE56B39823CB9165EC1B75F7022C7802545755FA8A8A62E35F3FD3D7E30D6B9F50E1D4AA94F2F2C0E48699AEDCB5C76CBC69A05F4AD12270812E9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/ferdinand-grapperhaus/fullsize/ferdinand-grapperhaus-lg.jpg
Preview:	......JFIF.....,.,......Photoshop 3.0.8BIM..........Z...%G............`...P..Arenda Oomen Fotografie..7..20180822..<..095305+0000.....Ferdinand Grapperhaus.....Rijksoverheid.....Rijksoverheid.nl.....bewindspersoon.....minister....%ministerie van Justitie en Veiligheid.....ministeriepagina.....regering..Z..Den Haag..\..Rijnstraat .._..Zuid-Holland..e..Nederland..x.MFerdinand Grapperhaus, minister van het ministerie van Justitie en veiligheid8BIM.%......V.. ....]8..X.'8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT.....S.a.m.s.u.n.g. .S.C.X.-.3.4.0.0. .S.e.r.i.e.s......printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jenv-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gek, manufacturer=SONY, model=ILCE-7RM3, xresolution=640, yresolution=648, resolutionunit=2, software=Adobe Photoshop Lightroom 6.10 (Windows), datetime=2018:10:04 13:19:56], baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	96928
Entropy (8bit):	7.733394949107374
Encrypted:	false
SSDEEP:	1536:CsAQnAoarzgLU02yf0yN8w1RQFXgQafVNThzFa/ZgIgdI4BGcZArOy/:HA0Aoyftzw1RqzWNThzY/ZhgdFGAArOy
MD5:	7D60546B655998343C86A1E66E922CE8
SHA1:	AACAFB2E49DC8DFDE2CE094E70754B9B7221FE05
SHA-256:	CE4CD0B6A8B73273022DC30E4FA7FADEA3A9C9E2333BB51EAAE3457247372EF4
SHA-512:	7C78A22D24CE76EA3DDCF005536C8A0D9DE8F6C18D64739305C1A717A4EB676300BD0CE637E15B834A35D4DBCF754AC2D34AF79D1757CBEFD394B5D1444C4F79
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/jenv-hero.jpg
Preview:	......JFIF.............HPhotoshop 3.0.8BIM........................8BIM..........Z...%G...................JenV hero.....Beeldcentrum.....RO.....Rijksoverheid.....beeldverhaal.....beleidsthema.....close-up.....handen.....handenconcept.....mantelfotograaf.....ministerie.....ministerie-onderwerpen.....ministerie-verzamelpagina.....ministeriefoto.....missie.....scherptediepte.....themafotografie.....verzamelpagina..7..20180914..<..143710..>..20180914..?..143710..P. John van Helvert: www.johnvanhel..g..C0502.DP1000..t.SCopyright Rijksoverheid - Deze foto is afgekocht voor gebruik door de Rijksoverheid..x..Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenc

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\jquery-ui[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	71193
Entropy (8bit):	5.267457672392886
Encrypted:	false
SSDEEP:	1536:fprE5RIRf4YAcCbGGY64qWRM+R9QvPS/Bc:yRIbL6y/Bc
MD5:	C483FA820462EB192F732892B81CB27B
SHA1:	4B121DA6EDC27E4FB952EA8C117311C5E3B671A7
SHA-256:	FCB8E8101BA83DBAB538F01E4A86A7E3DDDE03A498E8FE5214AFB9785936B29A
SHA-512:	576370446C4DEDEAED9A1D56061A72401D27CA1F11CB6772CB78E79231EB4A949E9756697930A649E67E2EB1BE60BAE1FD0EF9DD8F8A5ABFC7D0480B0C8CE37A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/jquery-ui.js
Preview:	!function(e){"function"==typeof define&&define.amd?define(["jquery"],e):e(jQuery)}(function(e){e.ui=e.ui\|\|{};e.ui.version="1.12.1";var t,i=0,s=Array.prototype.slice;e.cleanData=(t=e.cleanData,function(i){var s,n,a;for(a=0;null!=(n=i[a]);a++)try{(s=e._data(n,"events"))&&s.remove&&e(n).triggerHandler("remove")}catch(e){}t(i)}),e.widget=function(t,i,s){var n,a,r,o={},l=t.split(".")[0],u=l+"-"+(t=t.split(".")[1]);return s\|\|(s=i,i=e.Widget),e.isArray(s)&&(s=e.extend.apply(null,[{}].concat(s))),e.expr[":"][u.toLowerCase()]=function(t){return!!e.data(t,u)},e[l]=e[l]\|\|{},n=e[l][t],a=e[l][t]=function(e,t){if(!this._createWidget)return new a(e,t);arguments.length&&this._createWidget(e,t)},e.extend(a,n,{version:s.version,_proto:e.extend({},s),_childConstructors:[]}),(r=new i).options=e.widget.extend({},r.options),e.each(s,function(t,s){e.isFunction(s)?o[t]=function(){function e(){return i.prototype[t].apply(this,arguments)}function n(e){return i.prototype[t].apply(this,e)}return function(){var t,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\justitie-en-veiligheid-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=25, height=6336, bps=0, compression=none, PhotometricIntepretation=RGB, description=Verbeelding van de zachte kant van Veiligheid. Politieagent wijst de weg aan passanten. Deze c, manufacturer=SONY, model=ILCE-7RM4, width=9504], baseline, precision 8, 1250x312, frames 3
Category:	downloaded
Size (bytes):	43014
Entropy (8bit):	7.926150649627987
Encrypted:	false
SSDEEP:	768:dJ8ywdTUwUeLSHvPdnd14D2wN1OYA9kqD+2RpY1CIPNY/4EE4cDwWSpN:dJ8yAUeLSHzWDKvpY1CkEUsjpN
MD5:	8BB6FF03A77AE4E0B1B8C1A732D55015
SHA1:	8CC0053F59045DB3D1CB644E58CE4CB249EDDAD8
SHA-256:	9CE8F5467A1980C29170685E820EB56C1C181E961F843F05C1375964F59E6623
SHA-512:	9F4CC92144CD66C265496C202901A9E04F8F649E1FB466F4EAA8FCD557A96F2314A99F6EE7838DBB7E03AB315D133C4C7E22A6E0C5C9C371D2875A494F523774
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/justitie-en-veiligheid-hero.jpg
Preview:	......JFIF.....,.,.....(Exif..MM.*..............% .........................:...............................B...@.........................................................................(...........1...........2...........;................T....i...........0...........2.........@.....................................2...........4....................Verbeelding van de zachte kant van Veiligheid. Politieagent wijst de weg aan passanten. Deze corporate ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenconcept., gefotografeerd en staan per oktober 2018 op Rijksoverheid.nl/ministeries...SONY..ILCE-7RM4....,.......,....Paint.NET v3.5.10.2020:01:09 19:06:22.JO

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\logo-fallback-ro[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	22192
Entropy (8bit):	3.7890730903705303
Encrypted:	false
SSDEEP:	384:DW309mPNYV8wLCIpc8IVN1wVZ9P3TqA1JYSmfwel4MADZtr:e0bBYCPOKjEZAV9
MD5:	AD7B7F13A1B30C8B4E7BBE17E4B7C6B5
SHA1:	94FDBD8C2928E7508847B4B2E5A41B8A0D802B27
SHA-256:	09BF69D29882694FA99C8730B853ECA8E855BBDE4FE62B2DF167D177FDBD7DF1
SHA-512:	C173B5531D3539D5F0A62BC39CBC8725C2C32F7AE352ED0E6FE103305D8F417502FA8DEC3A5BDEDFDA62E5ED8A0BAE57392636CF59DB54AF6D659BA7304B6A8C
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 21.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="69.96px" id="Laag_1" style="enable-background:new 0 0 120 69.96;" version="1.1" viewBox="0 0 120 69.96" width="120px" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:#154273;}...st1{fill:#FFFFFF;}.</style>.<g>..<rect class="st0" height="60" width="40"/>.</g>.<path class="st1" d="M20.72,41.89h-0.7v-1.93h0.7V41.89z M23.86,33.38h-0.7v-1.93h0.7V33.38z M10.97,30.05c-0.05,0-0.41,0-0.41,0.08 c0,0.07,0.17,0.04,0.41,0.08c0.56,0.1,0.78,0.38,1.17,0.38c0.35,0,0.72-0.24,0.58-0.75c-0.02-0.09-0.07-0.07-0.08-0.01 c-0.05,0.23-0.34,0.36-0.63,0.36C11.63,30.18,11.55,30.05,10.97,30.05z M7.14,31.98c0.06,0.08,0.72,0.94-0.29,1.26 c-0.04,0.01-0.06,0.06,0.01,0.09c0.74,0.31,1.11-0.26,1.11-0.26c0.37,0.86-0.2,1.33-0.2,1.33c0.08,0.15,0.44,0.41,0.98,0.53

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\magazine-jenv-5-2019[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 14.0 (Windows), datetime=2019:03:28 09:31:28], baseline, precision 8, 800x533, frames 3
Category:	downloaded
Size (bytes):	103720
Entropy (8bit):	7.901801355308374
Encrypted:	false
SSDEEP:	1536:bNeRgveRT3LI1R07egFY9wtTUl7YgGU2CykS8e7LRVBjKGlYRog91BIRxDXm1MG:bgRbRTf7egjTU1xGUfyjdaGlYRF1MpG
MD5:	F52BE53C0139499B98E4786413C6C26D
SHA1:	F8F1038BD8427CFB1FEC9B4933CF1682F7E11DBE
SHA-256:	F6756AA631706707EB23C100CEC54FAC2A31A12BFA260AC5A66E1E8D28D5A9E8
SHA-512:	F9FD7282E19A19CB6A01A450F08815ED0670E96671D3C6517D26CCEEABFFAC516BBD081F91516E8F4D92CE97E93B9C68749CD77F9BEFCCEAFECF7F2BE051FC24
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/ministeries/justitie-en-veiligheid/magazine-jenv-5-2019.jpg
Preview:	......JFIF.....H.H....$.Photoshop 3.0.8BIM.%......................8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@R..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool.....cropRectBottomlong........cropRectLeftlong........cropRectRightlong........cropRectToplong.....8BIM.........H.......H......8BIM.&................?...8BIM...........Z8BIM............8BIM..................8BIM'.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\nl-alert-8-juni-2020[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x300, frames 3
Category:	downloaded
Size (bytes):	13696
Entropy (8bit):	7.954820043051657
Encrypted:	false
SSDEEP:	384:1lK02KPmqQV/Tj/e9A3IWFIt0FwE4sPMcNAIqn:i0Dvm/Tq9APIt0FwEAIq
MD5:	C7F750297F53DEAFBF9BF1A88063BF2E
SHA1:	063B03A10C8B87B032F5D6657FE9F52120775568
SHA-256:	0A66153A80CA9D3CB001618FAB6B3DCBDBB4B80EFA7294D97746B8DAE9E37327
SHA-512:	B0BEA8EBD24B0C5CBC1A31C7F9A5F1DBDA477133C338A1E3122C7F98E64494FD9DB27D5E54ED911C32574B4DBF7EA39293E776E627F523189CC228B9C4C196FA
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/nl-alert-8-juni-2020.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......,...."........................................Q........................!1..AQ.."aq........2BRT...#6rs.$&3SUb....45Cc.....%7Et.................................2........................!.1.AQa."2qR........3#B.............?.....Y<....H..T......d..V.'d..v@+$[su"...+'...oJ,... .....c..;..4....H.dqG...N.)Z....#.D..4.t.\|.l..B.$%l... ...R..@..;Y....$[;)d........#...9.$..VH.YD.............7K.eH..E+d..G..HK...2@G...;w.D.,...$..H..TP..B....T...Z...4FH..A.v..v....;..!.$.BG4.,...Y.CD...2.!.L...I.02@G4.jv.+Y.......d..#.........h.h....5$..@$..7A....J'U.y.....##....u.\.wH.....$...ae........-.*a.}.KX..u..W.V....)+..."...Q....i..e; #t".&md.RR.....y.G.I. #.JV(!.....$....OR...)..\..!=..,..Y.vA,...:)..d.].....G$.......@^....d..V.K..H.).E.....v..d.5FA.....VE.8.2@.E.....KM....Y..i...$.#.-.?....qFH:.$..$..J8 ..$...D ..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=532607&h=9&m=36&s=49&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%7Cvws%7Cbuza%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22topic%22%5D%2C%224%22%3A%5B%22uuid%22%2C%226b570308-087a-42ab-8d2b-a14b8912363f%22%5D%7D&gt_ms=4&t_us=35&t_ue=35&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=28&t_as=30&t_ae=32&t_dl=30&t_di=265&t_ls=265&t_le=265&t_dc=278&t_ee=303&pv_id=0iHK6x
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\piwik[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	66210
Entropy (8bit):	5.522089969385018
Encrypted:	false
SSDEEP:	1536:6s2uk/Ovn/tdg5NmaVymLj0JfUEQUc2GonbvKfPbTITrVT:C/G/ZWQJt
MD5:	2D695BE38B0A0F20485064FEE4A6A42A
SHA1:	5EACD0F917E94C902A1557D7F0BA30B3B162CF0A
SHA-256:	DD499FF55F3C2A7BCEF3F0F9A43F93CC4CBC00C74EB7A3684AE10C23748C6D66
SHA-512:	7EFCF3F465722C03445FFF717D3D546E9AE2E8B7D0ABBF3DA0C90FCF8E21985EE288FC6F2AAED7A0003EF9BBCBFBC94C51536E3021FD72288D24F7835B8790D1
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.js
Preview:	/!!. JavaScript tracking client. . @source https://github.com/piwik/piwik/blob/master/js/piwik.js. * @license https://opensource.org/licenses/BSD-3-Clause BSD-3 Clause (also in js/LICENSE.txt). * @license magnet:?xt=urn:btih:c80d50af7d3db9be66a4d0a86db0286e4fd33292&dn=bsd-3-clause.txt BSD-3-Clause. /.if(typeof JSON_PIWIK!=="object"&&typeof window.JSON==="object"&&window.JSON.stringify&&window.JSON.parse){JSON_PIWIK=window.JSON}else{(function(){var a={};./!! JSON v3.3.2 \| http://bestiejs.github.io/json3 \| Copyright 2012-2014, Kit Cambridge \| http://kit.mit-license.org */.(function(){var c=typeof define==="function"&&define.amd;var e={"function":true,object:true};var h=e[typeof a]&&a&&!a.nodeType&&a;var i=e[typeof window]&&window\|\|this,b=h&&e[typeof module]&&module&&!module.nodeType&&typeof global=="object"&&global;if(b&&(b.global===b\|\|b.window===b\|\|b.self===b)){i=b}function j(ab,V){ab\|\|(ab=i.Object());V\|\|(V=i.Object());var K=ab.Number\|\|i.Number,R=ab.String\|\|i.String,x=ab.Object\|

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Onderwerpen%20%7C%20Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=443821&h=9&m=36&s=50&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22-%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22-%22%5D%7D&gt_ms=4&t_us=35&t_ue=35&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=27&t_as=29&t_ae=31&t_dl=29&t_di=209&t_ls=209&t_le=209&t_dc=224&t_ee=257&pv_id=AGSdXL
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\piwik[3].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Avondklok%20%7C%20Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=811070&h=9&m=36&s=55&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Favondklok&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpageextended%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22dd179a04-39ee-4706-8418-6fc32969309e%22%5D%7D&gt_ms=3&t_us=36&t_ue=37&t_fs=3&t_ds=3&t_cs=3&t_ce=3&t_qs=29&t_as=31&t_ae=32&t_dl=31&t_di=409&t_ls=409&t_le=410&t_dc=424&t_ee=440&pv_id=eh0bUZ
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\responsive[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	288040
Entropy (8bit):	5.167373482119021
Encrypted:	false
SSDEEP:	1536:+gk5LbaAXDpaPEUrCEeWo+ffeXKsGA+rxr+D9awQLwrFqeNyvZ4Q/5fd42tUb+9e:PkYe4/5fgN3Oe
MD5:	B8E6120181CE51C76168A9AB8EDBCC5D
SHA1:	936C17A3205EE8E716E8056ED6083B0DC911B3DD
SHA-256:	AB9BF9A250E7C34001D8374540698D65830EF013686F2A372120834204A57C13
SHA-512:	7DE54779B217BAD7BE44166256CC4C5545F5B552BD8F3B28B0A650C0A4866F00E8EE8CA1EF43E843B279A147805B27E1E8DFCB7F851B2DF8BF4C8790090DAD17
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/responsive.css
Preview:	html{-webkit-text-size-adjust:100%;line-height:1.15}body{margin:0}main{display:block}h1{margin:.67em 0;font-size:2em}hr{overflow:visible;-webkit-box-sizing:content-box;box-sizing:content-box;height:0}pre{font-family:monospace, monospace;font-size:1em}a{background-color:transparent}abbr[title]{text-decoration:underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted;border-bottom:none}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace, monospace;font-size:1em}small{font-size:80%}sub,sup{position:relative;vertical-align:baseline;font-size:75%;line-height:0}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:100%;line-height:1.15}button,input{overflow:visible}button,select{text-transform:none}button,[type='button'],[type='reset'],[type='submit']{-webkit-appearance:button}button::-moz-focus-inner,[type='button']::-moz-focus-inner,[type='reset']::-moz-focus-inner,[type='subm

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\roze-vlak-homepage-1920x330px-tp[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 1250 x 215, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	321
Entropy (8bit):	5.289622470502654
Encrypted:	false
SSDEEP:	6:6v/lhPKtUyKmv8BRmhWS2f2zgN4VQIMBeDgK4KEMwoQIMBeDglp:6v/7ytUUml92zS4VQIjDgWEMwoQIjDgL
MD5:	F8DBB2D68641518DC3996E618D77E24E
SHA1:	74519AD8C86A2E1D5FA16B4B5DAB47F0AFAEF341
SHA-256:	5323637FCF2CCCE316BDE2693B2670C9C97C626C4DF99D390338EF10631E89DF
SHA-512:	50289050FB74DA895127CFB12E4537986669F7CC567CFEBE19D2DB2DF34BDD363EF1A9BD95EA742374B494F405171E661CC047737885FC167140F4A82FA7C892
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/lowres-fotos/roze-vlak-homepage-1920x330px-tp.png
Preview:	.PNG........IHDR...............l.....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE..]...A=......bKGD...-.....tIME.......o.....8IDATx..........Om.7........................................v..2...%tEXtdate:create.2020-05-14T06:29:26+00:00D......%tEXtdate:modify.2020-05-14T06:29:26+00:005.......IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\topic-list[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	401
Entropy (8bit):	4.765987664274307
Encrypted:	false
SSDEEP:	12:IMI7ee3nlN/H8YVEpASSX4aGhFGDNNh3/NwEHmB:jI6efH8+SSXrGhFGDNNhvNwEGB
MD5:	EDFB27E99A504C23313634109CFB11D3
SHA1:	8970A15766E8024C7B98F3A779B896DFDCA4DC81
SHA-256:	5EA7D64E8CB171BB7A1C9B8D3F09C1E63E0E4B8985411A2F8EAB053967115F42
SHA-512:	ABAAD0A971A087A6D1B98F5606E310AA7A118B776E163976563D07F249890D1068696321E8EABAF805F135FE0159BEA943E8E68AD7E9D4BB49F1FD59D94CF9A7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/topic-list.js
Preview:	$.fn.collapsibleList=function(){$(this).hasClass("alphabetical")\|\|$(this).find("h3 a").on("click",function(e){if("mobile"===Core.viewport\|\|"phablet"===Core.viewport){e.preventDefault();var a=$(this),l=$(this).parent("h3").next("ul");a.hasClass("panelOpen")?(a.removeClass("panelOpen"),l.removeClass("panelOpen")):(a.addClass("panelOpen"),l.addClass("panelOpen"))}})},$(".topicList").collapsibleList();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\winkelen[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	892
Entropy (8bit):	7.611518875104057
Encrypted:	false
SSDEEP:	24:/iUpNyj9QzJK8ana1o7Rb3KuJr2AKsbRvhHi6N:/NpNa92K8anGoFbxr2FsbbJ
MD5:	600D63170E55B075CC13F951EFB783B4
SHA1:	7BFD3DA4F19D6FD8DDA200D294E538A301310E98
SHA-256:	71D7504ED749C805B89940680BAC309D135314F99EB4B6AF6CC1A84A20DF251F
SHA-512:	5332A568F14C4EED5B064D627A91BD6F1DCDCCC693D2C369DDC755675B5C7FCC6F342587E69674E649E0B27F193434EE66BE4E19207C582C491FD693A1B96CD0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/winkelen.png
Preview:	.PNG........IHDR...@...@......iq.....sBIT....\|.d.....pHYs.........B(.x....tEXtSoftware.www.inkscape.org..<.....IDATx..kTA....Q.~.#H4Zja!...ZD,.{..Am...l..D..)...F-Lc.....LT.FcL.f-f.wgg..g..q>8..{f...sf.H$..D..g.Q.n..........gm.8.+@..,\|..>...0...$..Y.:V...~.A..p...l..e\|..@.e...8..?j4..!....j...:v.;..+j.m...4l.s6NR......7.3.9..t2.W..sb3"..v.O....u......F`...........~...Y.(.@.B..A.E..\|0..b.>`m.z.u~.e...O..o....\..3{............GP.I..h-.o,....U..!.1......(....;...?Y;a...#.....v+<..Y..W....o.6e.....Z.k..,....`...1w....U.X.3 ....`..Y..v...J.I.W.U..G}.!...8.<A=..].k4....Y`.q..{.7.f........p.g.:7=$Q....q...xi.....p. S4'?F.&.).+.}.......f.^Gu..."#...{....J.i."5..j.\|o.....Q.$....!g.u....).W.E...$.._"X_6.9W#...%..a..$..L....]..j=Y..#\|9..\A.M.1........l..q.1..;...;.^..0...m...).D....QW...[.n...:.{.....f'jE..8....}.m...P.$..D".?....B.W.J....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\0045-filmend-persoon[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1813
Entropy (8bit):	4.758908553620278
Encrypted:	false
SSDEEP:	48:cWAiMrec2XwDOKq8fOpISN2OoHY/Tbpgo/QU/Lg:yzqT8OKROuSZx7bfPLg
MD5:	ADA6F8259DFBDC4F2C3384CBF5FA9F41
SHA1:	9A02987B5CFAF546B4177760EBE8BC69F5DF2387
SHA-256:	0A29197E777D924A283A905AFD791B230677FB373C61048F205BB59B99F8F7C9
SHA-512:	E73168042CA116A65E90B1723BF3BCBA3325BAEE3E14179849EE1DC6B907D3F6E06EE55E26CE99D41E1989F269AEC17A69EAAE30988F9AE1AAAC30A2C97B05CB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/0045-filmend-persoon.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 23.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" style="enable-background:new 0 0 64 64;" version="1.1" viewBox="0 0 64 64" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}.</style>.<g id="Box">..<rect class="st0" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M31,27v8c0,1.1,0.9,2,2,2h13c1.1,0,2-0.9,2-2v-8c0-1.1-0.9-2-2-2H33C31.9,25,31,25.9,31,27z"/>...<path d="M52.6,44.1c-2-2.2-7.4-4.1-10.5-5.1h-3.8c0.1,0.5,0.1,1,0.1,1.3c0.3,3.5-3.6,7.3-6,9.1c-1.5-1.1-3.7-3-5-5.2 c0.3-0.7,0.5-1.4,0.6-2.2H28c1.1,0,2-0.9,2-2V27c0-2.1-1.3-3.9-3.2-4.6c0.3-0.8,0.4-1.5,0.3-2.3c-0.3-1.4-1.1-1.9-1.6-2.2 c-0.6-0.3-1.1-0.2-1.5-0.2v-1.5c2.1-0.2,6.2-0.8,10.8-3.1l5.2,3.5V23c0,0,0.8,0.1,1-0.8c0-0.2,0.1-0.7,0.3-1.3 c0.2-0.1,0.6-0.3,1-0.1c0.5,0.2,0.8,0.9,0.8,2.2H46c0-0.7,0-2.7-1.2-4c0.3

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\2053-fysiek-archief[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	951
Entropy (8bit):	5.341000860458318
Encrypted:	false
SSDEEP:	24:2dNqAiELZK60yVJdRb60yGTlRI0rcxYC9wTRlQRnuM:cQAiMo6b5AkI0rqY1Twz
MD5:	BE191DC76C0A41A12DA0D879438589A9
SHA1:	D978E790431C96D097A869049F843010D4B9CC32
SHA-256:	794940C33E8EB7F6917EF41F1A659D5CA57BB8738D6D460045C099600E258245
SHA-512:	7003DD4DFCE3709F4D769A236A7E44FF521E6FAD4710A1CF7594CCA55A8CB9E065A5462CB86671265913E012F800729F107058C954F054704320D344BB0C8494
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/2053-fysiek-archief.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 19.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M7,23v33c0,0.5523,0.4477,1,1,1h48c0.5523,0,1-0.4477,1-1V23c0-0.5523-0.4477-1-1-1H8C7.4477,22,7,22.4477,7,23z M25,30 h14v7H25V30z M42,50.5c0,0.8286-0.6719,1.5-1.5,1.5h-17c-0.8281,0-1.5-0.6714-1.5-1.5V47c0-0.8286,0.6719-1.5,1.5-1.5 S25,46.1714,25,47v2h14v-2c0-0.8286,0.6719-1.5,1.5-1.5S42,46.1714,42,47V50.5z"/>...<path d="M51,16H13c-0.5523,0-1,0.4477-1,1v3h40v-3C52,16.4477,51.5523,16,51,16z"/>...<path d="M46,10H18c-0.5523,0-1,0.4477-1,1v3h30v-3C47,10.4477,46.5523,10,46,10z"/>..</g>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\4015-inenting[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1512
Entropy (8bit):	4.968050802321593
Encrypted:	false
SSDEEP:	24:2dNgAiELZK60yVJhRb60yG2Rb60yJOS6XRkO1YIY+YwyAusOE2faJJ7b7EO+:caAiMo6b1ATAT6BZ1ZYwg3aznEB
MD5:	7D54C1B9D88D788B4A45AB48CDF6E9CD
SHA1:	E034DA6D9EB3E37775EC656977CA770711071987
SHA-256:	7560D80CBF9B343DA9CFDB139C66A1E89692D8B9AF15F370317006264B4A4F09
SHA-512:	F31CB3517035653A917E2C9061EFB57D6440E8D6F25B2C055F25DAD282CD7854033C3DCBDEC69B140298D76F8C97B068AACC1CCCE72BD5073083BF8D44C6C348
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/4015-inenting.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="_x36_4px_Boxes">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Production">..<rect fill="none" height="64" width="64"/>..<path d="M58.3401,14.824c-1.4142-1.4142-7.7499-7.7499-9.1641-9.1641c-1.4991-1.4991-3.6987,0.4681-2.7267,2.2176 c1.1313,2.0365,1.7395,2.984,1.7395,2.984l-5.1636,5.1636c0,0,0.8781,1.7491,2.3942,4.8136 c0.1477,0.2986-0.0263,0.4092-0.0808,0.4342c0,0-8.1265-8.1253-9.8512-9.85c-1.1591-1.1577-3.4915,0.6255-2.4703,2.4323 c0.9985,1.7666,2.4159,4.1052,2.4159,4.1052L18.3721,35.0213c-0.5584,0.5584-0.939,1.2696-1.0939,2.0439l-1.7905,9.3717L5.2795,57 h3.4393l8.8336-8.4854l9.4-1.7709c0.7783-0.1536,1.4932-0.5352,2.0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\CnTAjastServiceV2[1].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.814464015923011
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUqV6+f:FHbqUqVd
MD5:	0AABCE962BCEC5BB627CC360725F7B92
SHA1:	884FB3BC6C974CBF85C8C134BE2C0C343CCE4580
SHA-256:	74F05654867770D1B7C542E5D7DF833A2A430FF89FDDB34DBEAF8AD4C4F5F9E4
SHA-512:	7A454F87DA0A7D3DD13048E0FE7CA012D362658FF77605BEB0368FB728A0143AD78B2C4FCD4F467659EB18E32C109E5B4C6CAF3AE985ED98DED62F4837D42C7A
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok&srch=&title=Formulier%20%27Eigen%20verklaring%20avondklok%27%20%7C%20Formulier%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok&SsId=-&r=-&c=24&res=1280x1024&time=34586747&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596186.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175306_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\CnTAjastServiceV2[2].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.759623781480403
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUv12mPf:FHbqU3n
MD5:	753521357B2C5E6CC2358F8A85C56695
SHA1:	75AB39C145127BC1CFF0FB22BAF994AB91B857FA
SHA-256:	A0C90E901D1F969C5459CD25FEE13CDF50704EB38640FAEB1E6410184FCC613B
SHA-512:	701D748FAC4680EFD4D0FF43BB19D7852A3F0813BDAD4A715B0CF175240DEDFDA8F6A3C550E00A6F78BBBEE46D26CE4E27435B926B9077E0CA6310C1C902B56F
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/onderwerpen&srch=&title=Onderwerpen%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/onderwerpen&SsId=-&r=-&c=24&res=1280x1024&time=34608856&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596208.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175646_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\CnTAjastServiceV2[3].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.726813383509937
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUuQFRof:FHbqUu4y
MD5:	3FBE264EBFA6BE214E6BD17535F1596F
SHA1:	7F090D8B71532CCE59D91649EF1E0C22EB990BFD
SHA-256:	091C95413058A8FE2E676765EA3C2DDA6193F63B15C21C7B668339E56A4D2EF2
SHA-512:	B867055F63C738A0DE452D0A1CB1927DC73A9C710A80E2FD2F8259196212E4B950917F9B2BEB05497A137562669865FA1917010BAD6F3140BC15EBE9F47220B9
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/onderwerpen/coronavirus-covid-19/avondklok&srch=&title=Avondklok%20%7C%20Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok&SsId=-&r=-&c=24&res=1280x1024&time=34615836&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596215.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175755_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\RO-SansWebText-Bold[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 69459, version 3.0
Category:	downloaded
Size (bytes):	69459
Entropy (8bit):	7.99422923390301
Encrypted:	true
SSDEEP:	1536:c7ZxGkqx3inyQgE1GmYcCt8/wttSZgYsQQyqVsEj25JT4:c7ZxGKVN1ZCG+tagYPQnq5JT4
MD5:	18CBF1D7B4B8721E4E0C33736DEFD62C
SHA1:	E77FF7F1EEBB16085DF92AECF4A03F588070B83B
SHA-256:	5EADEE8E101C2140E44D6F6EF241D504459022F7504F48CBA4960CB29FAAF169
SHA-512:	3C628847F51CF86FC9867B61E8158657C5EF610ECAAAED5F03A15CA1E0B6A3229550F55DA510DFB5040BE06C3F5B1852D3EE4EA19C3013C15430B9BB3AFFB0E9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Bold.woff
Preview:	wOFF.......S.......\.......4................GPOS...,...u.....c.sGSUB............Y.Z.LTSH...$.........f.OS/2...$...U...`lwYlVDMX.......r.....6.cmap...........FG...cvt ..#8.........x.%fpgm.. ........a.5..gasp.............t..glyf..'.............hdmx...L......'h._[Yhead.......6...6.%0Ohhea.......!...$.J.ehmtx...\|........A.FFloca..#....B...B%...maxp....... ... ....name...........:..p.post.......o...a.!prep..!....b...s.............G.h_.<..........H@........8.....{............x.c`d``n.....e.....,=.@.d......................Z...............(....x.c`fbd....................5.....,LLlL.@9v&..ps..`P`P.........Q.(<.$...i..R``...n.....x..MHTQ....9..1...J.L...1......RL3...D`. jcn3ZD.... pa.jQ.h."!...e.2.EH.....yc3...q.....9...K......(.K'.5...&...{....(.e.d?I.>..EZ.e..'..R...o.y.#y...b.9....ex......`L.`_.A.3.DW..Qd&..](...."....0...'8v..u\|.&.l..vr...P>....@m..$....uW.9.....U..m.3.....1..%Z....1~w...b.uH...........r...e....a[:.!./...<L6......STe..R....&.s...9.l=..5=..0U.s.9.=

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\RO-SansWebText-Italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 84048, version 3.0
Category:	downloaded
Size (bytes):	84048
Entropy (8bit):	7.995478375858005
Encrypted:	true
SSDEEP:	1536:4/93H1VfWO5nYBpdMc0ML4f/A/3KGu5HyjA1N7g0G+CHtrQYL7o0tbx5X3qfKrC6:IX1BNakcluwaGAwSg+GQg7/bjX3qgnLd
MD5:	BABCD7959F5E9EDD7020CB70B1398787
SHA1:	B7B69D2A371F77CB1785F45AD57C4624469670FA
SHA-256:	1021BA98155F7A0FBC239EDAC80FBCD2B85FB1FA1B7CB7AD3E949DF15A71F44F
SHA-512:	C0211A0A6DBF5039E7276CEE0CCD8CBC1CF8AB567D78807146573EABD0109B2D3EFF194EC90A2E85413C71EE9098889F752D10BFFEC122DD37AA7A0472F77A75
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Italic.woff
Preview:	wOFF......HP......h.......E0... ............GPOS..A..........j..GSUB..D.........Y.Z.LTSH...T..........O.OS/2...$...X...`kPV/VDMX.......}.......Qcmap............>...cvt .." ...y.......qfpgm...........a.5..gasp..A..........{..glyf..%........u.u.hdmx.......P..%..m.head.......6...6..0ehhea.......#...$.w..hmtx...\|..........I.loca.."....B...B.5..maxp....... ... ...Xname..5..........PJpost..;....j...a...prep.. ....\...9...1.........$D._.<..........H@........P...J.t............x.c`d``n..........]./.....H.q.................@...............h....x.c`f<.8.......)..O.o.. ...`....fefab.ebf```gb@.7. ..F...L..........Ar./.&.).......5x..KHTQ....w....(..f$......G.5.).,.(!h.!C...\..$....D!....2.I>.Z..jU....n.s....,~\|.....W..0H...7......t9..M^..1...`..N.Y..r).\.......Q...y$}K.9..k...w.@...R....D.x....PM.a....4..=..2..%6....@./..$+W.U.$.-]......Q.~...d.e.y....c.v...0..5.!...0eq.q-m....O.\|.D.<.....yq:...B..W2.Tk.N......3....~......T.#M.#3.\.9_2.C...t.w..U...1....Y.#M.A.X..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\RO-SansWebText-Regular[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 76457, version 3.0
Category:	downloaded
Size (bytes):	76457
Entropy (8bit):	7.994328709295107
Encrypted:	true
SSDEEP:	1536:5B1qSVnSb4z7VbLu2cg6z3PjdemPvA8bDJNXtWU5eFOoozfv:5B5n14PjImPvA8bDTXtWU5Lb
MD5:	146A58DAF1C3F79A11ED75127D8504AB
SHA1:	2907352928CFCEF0220809359084202C364D6473
SHA-256:	DC492A95CCBB713B1B05DB6E575C9E7F113D23E471E51B16A865832C2D16AB92
SHA-512:	C0ED081BEE1D664039C239AC2A323F9B97FF3B7658D1419416B13475852A16A5A6DFDB477DC3A0312D27B6D9743DE90F66B4A9987A8F5A976511BC310C57E743
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SansWebText-Regular.woff
Preview:	wOFF.............28......'....!............GPOS..#D.......$....GSUB..&.........f~g.LTSH...4..........A.OS/2...$...U...`kOVvVDMX.......i.....B.cmap...D........b...cvt ..#....}.....&.(fpgm..!H.......a.5..gasp..#0.........{..glyf..'P.......<. .hdmx...l......'h.<).head.......6...6.00ohhea.......!...$.V.~hmtx...\|........).W1loca..$....B...B.a?lmaxp....... ... ....name............}.epost.......m...a(;&.prep.."@...K...!p.N............._.<..........H@........G..................x.c`d``n.....e.....,..@.d.....................................(....x.c`f..8.......).....B3.1.1..E.Y.Y.....r.L...........Y.#..s3.8Px6H..%.. ......?.}...x..MHTQ.....O..4g.t...I..JKM........".@.].....AA.A.A-.D..Z.Z..]...UYYB..D......QpZ.8....8..w.y....0..d...&.u...;..,...../Sr.......c..7F/.C".(.c?..N7v[At$.Ls.s-d..].c....T&....8..zx...:xM)c&.M..J.3...uj{....l....u1.>.DU6L!...j..w.......w..d\|hW.F...GF../.....>7...Lp].N...F.11..%\.B....~......6...ze.c_.d..3:..._^..f..$M/.......p_V...9....-".....gm...fN\

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\avondklok_hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	52294
Entropy (8bit):	7.972731067994761
Encrypted:	false
SSDEEP:	1536:dgM2eUBk3MUyAam9oS8Dzk98FaQIiCUmBNLB:mgqD+MZ2QIa4T
MD5:	A92F08233638063F2A2EE1B528478946
SHA1:	B4DB761269232718C930015748F5B041B8F2F8C2
SHA-256:	B56FDD871705DB5943D7EE06B23C4E393196901D90B952B406D214C101E4202B
SHA-512:	90BDA8BADE6DD39DD80E3499D67A069FB1535109B35C8681BD2445C5860385946443215EF2CED339BFC83F25519E730FE9AD4716EA72EB737D967E430B7E8BB9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/avondklok_hero.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......9....".......................................N.........................!1AQq.."a.2...#34Br...$Rbs..%5C.....Sc..&D..t.6T......................................................!1..A2."BQa..q..#..............?.....Ti....q.k.'B.Th....:+V..V.l.Z\aMT.....k..&)...b..+...k...]......2.S9..N......M.p~\|.Hk...s...\|'.v"...6.<.....~#I.... 5.G..kgA.k......B.k\.q...,n...L.a.....?\oB.....%......v0...Z.P.B.k.z.B...e..F}...3_2.. ...-.6t./.....4....S.....N.9..^.?.pU./.....].n.H&....T.OO....@....i.y...g....!L?4.9"x......1.`S..O.Uj.L}S.L...(..!.!c......C.T.?^..).N.G.?........7.H...~{!..Xe.I....8.>...I..t;..P...E..7.F]C...l}...B..W...H..P.A.h.{.W...].}...P...Y....x.....v=...Q....E\|l."......:.........>#.....7q.-..u.ek.5.1...F..L.g.\F.O...>...?.[...Q'....W...K`............[_....K.....FTx.L....V4.....pq...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\collapsible-panels[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	737
Entropy (8bit):	4.6942994524433965
Encrypted:	false
SSDEEP:	12:2yTmIzXSPIUrnJi4hEHLHTaMeUFIY011ibTY+469uaBuaMCjUMU11c7QTY+43Pus:KAXSPIU4TY+nuuu11ccTY+cPuBbiu1gn
MD5:	44ECE5C9B5274C1E7FF2E3860E5F1867
SHA1:	64D624D819339BF108FDE04578BB20271BB87043
SHA-256:	463C73A52654C24219A7D110E8C0A3E8823084E52B9C7B6424D0B74A13917DC3
SHA-512:	755EC005300B1ED0D7A3E9C2403E20B58621DA67063059502C7124D7B9D48079820F92E631BE1CF4E982A7353924F2C702DDB528890E94FBBA2A787372EABE8D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/collapsible-panels.js
Preview:	$.widget("panels.createCollapsePanel",{options:{open:!1,speed:400,easing:"easeOutExpo"},_init:function(){var e=$(this.element),n=e.find("button"),t=e.find(".panelContent");this.options.open\|\|e.hasClass("open")?this.expand(e,n,t):this.collapse(e,n,t),this.toggle(e,n,t)},expand:function(e,n,t){n.attr("aria-expanded","true"),t.attr("aria-hidden","false"),t.slideDown(this.options.speed,this.options.easing,function(){e.addClass("open")})},collapse:function(e,n,t){n.attr("aria-expanded","false"),t.attr("aria-hidden","true"),t.slideUp(this.options.speed,this.options.easing,function(){e.removeClass("open")})},toggle:function(e,n,t){var s=this;n.on("click",function(){e.hasClass("open")?s.collapse(e,n,t):(s.expand(e,n,t),t.focus())})}});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\formulier-eigen-verklaring-avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	9751
Entropy (8bit):	5.041743461676945
Encrypted:	false
SSDEEP:	96:Q7MP/ekVVknk1k2UYrsTdgAGjGmHUuDKhn43SJe8/y3WHHaz9GHZzRrlKGoCQF:qaVVukO21A2AW1HUPWrstaEHZzRxYJ
MD5:	39A67FA400CF6D70EF17AE454D943186
SHA1:	BC5F2650B8F5BDBCC585CC38C419C23C6F45764E
SHA-256:	9FA867F6BE0EEE9BF490F6A36488F66F13708696A08622BBD9E30A52DBD95F3F
SHA-512:	0EBE80D89B876F29019C70A9FF18DCDA6C8631036EDE6D077AF4D6ECAECDC4E22B4814A30511CE6E52FA5DDF9C0EFBC5A4CB62F1F88C9E2A38F49A9BFFFC24BE
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Formulier 'Eigen verklaring avondklok' \| Formulier \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Formulier 'Eigen verklaring avondklok' - Formulier - Rijksoverheid.nl"/>.<meta property="og:title" content="Formulier 'Eigen verklaring avondklok'"/>.<meta property="og:description" content="Als het noodzakelijk is dat u tijdens de avondklok naar buiten gaat, dan moet u het formulier .Eigen verklaring avondklok. bij zich hebben."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok"/>.<link rel="canonical" href="https://www.rij

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\formulier-werkgeversverklaring-avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	9949
Entropy (8bit):	5.048415249967825
Encrypted:	false
SSDEEP:	96:Q7MoCek2Vknk1k2UYrsTdgAGj5FmHUuDKhn43yuJeyWcazWHHaz9GHZzRrlKGoCA:qp+2ukO21A2AWCHUPWmj12aEHZzRxYJ
MD5:	2BD25403DBCFAA4828C13E8F18EA70F4
SHA1:	194147C9A2648DFDC51A13F71DB5CF35F9C70A6E
SHA-256:	D03239D6AA1DAB4AB1CB8B6ED2D858F6423F3C5B7BADDD5DEAEA0C97F890F695
SHA-512:	166E850FF98C7C72EDCCDFD4E4A83EDBE50286FBD90EB26FF722C640E5D0235F95FF64169745F89F26FBFB2617A382090D10E63062DDABBD1D04B41C55BA3911
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-werkgeversverklaring-avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Formulier 'Werkgeversverklaring avondklok' \| Formulier \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Formulier 'Werkgeversverklaring avondklok' - Formulier - Rijksoverheid.nl"/>.<meta property="og:title" content="Formulier 'Werkgeversverklaring avondklok'"/>.<meta property="og:description" content="Als u tijdens de avondklok voor het werk buiten moet zijn, dan heeft u het formulier 'Eigen verklaring avondklok' en een .Werkgeversverklaring avondklok. nodig. De werkgever geeft deze verklaring aan werknemers."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/documenten/formulieren/

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\img-helpers[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	19474
Entropy (8bit):	5.126004100473408
Encrypted:	false
SSDEEP:	384:6xlRv5qfYWBwK+i+nHnfebLahDmHiklM3V5zkeBgwtPQ4ywvm+mDxgGxgst4vOwP:6xlRhdK+i+n/ebLa8HiklM3V5zkeBTtX
MD5:	80A90D742AFACB572E64194595B8D254
SHA1:	5888D04E386478F0B32EA3E0749E634F825B1D06
SHA-256:	8B94CF4B63020D52A52972A68B8F7236DD3B624F7A68701E2D09C6BF025D5459
SHA-512:	BD6FBBBA121C39E5C2A54547D36F5AFAA8A2F979003A7FB70A22F03027535FA4FFAF8E0E0236643165A070EC47E8CA9ECFA7FECCC264ABCD82B19EEB5443C96B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/img-helpers.js
Preview:	if($.widget("img.lightbox",{isBuild:!1,currentSlideNr:0,nrSlides:0,transitionTime:400,$slides:[],options:{type:"single"},_create:function(){this.lightboxUniqIdBase="lb_"+Math.random().toString(36).replace(/[^a-z]+/g,"").substr(0,6)+"_",this.$images=$(this.element).find("img"),this.$triggers=this.$images.closest("a"),this.nrSlides=this.$images.length,this._catchClicks()},_catchClicks:function(){var t=this;this.$triggers.on("click",function(e){e.preventDefault(),t.currentSlideNr=t.$triggers.index(this),t.$selectedImg=t.$images.eq(t.currentSlideNr),t.openLightbox()})},_createElements:function(){var t=this;this.$overlay=$("<div/>",{class:"lightboxOverlay","aria-hidden":"true","aria-modal":"true",role:"dialog",tabindex:"0"}).prependTo("body"),this.$modal=$("<div/>",{class:"lightboxModal",tabindex:"-1"}).appendTo(t.$overlay),this.$rail=$("<div/>",{class:"slideRail"}).appendTo(t.$modal),this.$images.each(function(e){t.$slides[e]=$("<div/>",{class:"slide"}).data("hasContent",!1).appendTo(t.$ra

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\jenv-hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=11, description=Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gek, manufacturer=SONY, model=ILCE-7RM3, xresolution=640, yresolution=648, resolutionunit=2, software=Adobe Photoshop Lightroom 6.10 (Windows), datetime=2018:10:04 13:19:56], baseline, precision 8, 1920x480, frames 3
Category:	downloaded
Size (bytes):	167772
Entropy (8bit):	7.851213146175088
Encrypted:	false
SSDEEP:	3072:HA0AoyY7LYDEs4iSoVSS8BdTXPfwPU2w+/+vOmq5gOXoF8L0hRRPa5t3/0:ghmYxuoVSSmTXoU2J/+WmoGc0hRRyr3M
MD5:	7A46769DAD7785EE2D19A1566611123E
SHA1:	3216A11324181DCBF9191AF307567519820BAABF
SHA-256:	494210F96B3306FD2A6BFEFACC91AA6EA44E738500E4812D39C84CF182E31774
SHA-512:	4C4B2D2A81B98C2537092B75273A911FA366126571494FF29ECF5EED913C172E05C88E679E25B117ECCC0C0B7EA5455C73CCB265905C23B6C5A5496BE9E5C35E
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/widescreen/content/gallery/rijksoverheid/content-afbeeldingen/ministeries/series/hero---nieuw/jenv-hero.jpg
Preview:	......JFIF.............HPhotoshop 3.0.8BIM........................8BIM..........Z...%G...................JenV hero.....Beeldcentrum.....RO.....Rijksoverheid.....beeldverhaal.....beleidsthema.....close-up.....handen.....handenconcept.....mantelfotograaf.....ministerie.....ministerie-onderwerpen.....ministerie-verzamelpagina.....ministeriefoto.....missie.....scherptediepte.....themafotografie.....verzamelpagina..7..20180914..<..143710..>..20180914..?..143710..P. John van Helvert: www.johnvanhel..g..C0502.DP1000..t.SCopyright Rijksoverheid - Deze foto is afgekocht voor gebruik door de Rijksoverheid..x..Deze ministeriefoto is gemaakt voor de ministerie-verzamelpagina op Rijksoverheid.nl. Er is gekozen voor een close-up van handen op de voorgrond. In de afgebeelde handeling wordt een herkenbaar onderwerp van het ministerie vertaald, waarin iedereen zich kan identificeren. De onscherpe achtergrond verduidelijkt het beeldverhaal. Alle 12 ministeries zijn volgens deze beeldtaal, het .handenc

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\mediaplayer[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	187963
Entropy (8bit):	5.432613376042367
Encrypted:	false
SSDEEP:	3072:GQ2ctb27VH1oqM+8Pe7oXXhORrlZPO60uW/OOG0uCBpHVEsnosnu45D51cjmskqZ:GQ2FPO+nDrFIKD9a+
MD5:	5CB5B30CB2325834E1974842A86232C7
SHA1:	83C0FB1A560114E6145230EE2E42D51EF3AB0282
SHA-256:	4790FD16F16E4A1907EDE9CA974B893B5BD697006BFFEED7A29F1ECA0A15F4A2
SHA-512:	04D13E0D55CB0804AA9D8764B1CB96FAB7A19572988BCA0C8C78EA96BEA4D094CADAADDE6F7A259B4B6E5FD0ACAB69C373D480E5C5E8953F1C9C028293F109E0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/mediaplayer.js
Preview:	!function(){return function e(t,n,i){function a(o,r){if(!n[o]){if(!t[o]){var l="function"==typeof require&&require;if(!r&&l)return l(o,!0);if(s)return s(o,!0);var d=new Error("Cannot find module '"+o+"'");throw d.code="MODULE_NOT_FOUND",d}var u=n[o]={exports:{}};t[o][0].call(u.exports,function(e){var n=t[o][1][e];return a(n\|\|e)},u,u.exports,e,t,n,i)}return n[o].exports}for(var s="function"==typeof require&&require,o=0;o<i.length;o++)a(i[o]);return a}}()({1:[function(e,t,n){},{}],2:[function(e,t,n){(function(n){var i,a=void 0!==n?n:"undefined"!=typeof window?window:{},s=e(1);"undefined"!=typeof document?i=document:(i=a["__GLOBAL_DOCUMENT_CACHE@4"])\|\|(i=a["__GLOBAL_DOCUMENT_CACHE@4"]=s),t.exports=i}).call(this,"undefined"!=typeof global?global:"undefined"!=typeof self?self:"undefined"!=typeof window?window:{})},{1:1}],3:[function(e,t,n){(function(e){var n;n="undefined"!=typeof window?window:void 0!==e?e:"undefined"!=typeof self?self:{},t.exports=n}).call(this,"undefined"!=typeof global?g

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\paging-menu[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	350
Entropy (8bit):	4.964936724886392
Encrypted:	false
SSDEEP:	6:L2C5hIpAzZtuz7ALxRHKjhlD/rnwt6NeBPqKa951NdVlqKagD7VlqKaupfrGYf:L2C5KuomRQl7rnm6NiPq9951Ndq9uq9A
MD5:	A56DAE07C4D7FEFFCC291EEAD0260548
SHA1:	2BF056F2C550C3CFC5BDFE55363F3F039655A2FE
SHA-256:	4319E43CE717A1AD21C9B814A0211DA7F9580FAC830B7B75F7EB05A2F805398B
SHA-512:	2B08B77449873556C4D8D56F116D68B5BEEC52930096DC588E831FF15A4DDA2C83A3B8FAC9BD0330F993FA36AC91CF6A4A239798C92EFCAC1C0F8AA84C4918BF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/paging-menu.js
Preview:	$.fn.pagingMenu=function(){var n=window.innerWidth\|\|document.documentElement.clientWidth,e=$(".paging__number:first"),g=$(".paging__number:last");n<375&&(2===$(".paging__number--dot").length?e.next().remove():(g.hasClass("paging__number--dot")&&g.prev().remove(),e.hasClass("paging__number--dot")&&e.next().remove()))},$(".paging-menu").pagingMenu();

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Informatie%20van%20de%20Rijksoverheid%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=863472&h=9&m=36&s=46&url=https%3A%2F%2Fwww.rijksoverheid.nl%2F&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22homepage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22fb90d6cd-af1f-4e99-810f-58f024dea98c%22%5D%7D&gt_ms=3&t_us=85&t_ue=86&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=77&t_as=79&t_ae=80&t_dl=79&t_di=290&t_ls=290&t_le=290&t_dc=307&t_ee=343&pv_id=p7KF0i
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Instructie%20voor%20formulieren%20avondklok%3A%20downloaden%20en%20meenemen%20%7C%20Publicatie%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=714383&h=9&m=36&s=53&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-voor-de-avondklok-downloaden-en-meenemen&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22f28d5416-c5cd-4283-b4c5-4d8f286274ae%22%5D%7D&gt_ms=3&t_us=66&t_ue=67&t_fs=33&t_ds=33&t_cs=33&t_ce=33&t_qs=59&t_as=61&t_ae=62&t_dl=61&t_di=233&t_ls=233&t_le=233&t_dc=262&t_ee=319&pv_id=J81BtZ
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\piwik[3].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Abonneren%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=775223&h=9&m=37&s=0&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fabonneren&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22f4f07141-bfea-4154-aa70-7820927185f7%22%5D%7D&gt_ms=2&t_us=37&t_ue=37&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=31&t_as=32&t_ae=33&t_dl=32&t_di=589&t_ls=589&t_le=589&t_dc=609&t_ee=631&pv_id=NFGoQw
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\telefoonnummer-corona-uitgelicht[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x400, frames 3
Category:	downloaded
Size (bytes):	78218
Entropy (8bit):	7.955494297479003
Encrypted:	false
SSDEEP:	1536:Z0lpE5HDTFTLadSCeKCv0MJ+OS7qUiawth15GYpGlQY3eUMMU7iK:mpk/hhTJ+7qnawDG7ezM+
MD5:	518480974995F9C4034F90F11E7D06C5
SHA1:	A88A2BFE34F78D21A3D1E36DD329EA177FFAD4C0
SHA-256:	815B7D397808257EA24B94A044DADA238794028C0793DF944BA50349E230FFA0
SHA-512:	E5E90F0807944125686ABFC0DA6E59C9BEE4BCE2212C28B222D10262F400A0C03D1EA79B8432D36272EF3040AF453BA58746073C5DDD8AE6B57377CF04F82600
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/telefoonnummer-corona-uitgelicht.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================........X.."........................................P......................!...1..AQ"aq..2...#B..R....3..$br.....4CET....%'DG.7S...................................;.........................!1A."Qa..2q......#...3BR.$45SCr.............?.......k.T.>$......{.....ye.P.t.T!@..,.Gx.Hdc..o.yj..p7(..$...].\|RM....]C.$..%...U2.I:T=$..o4..9....K.[.8+.h."...5..o...bb.../#..T.Z..P...].{(LN."~..OK].4.\|....h.^.-.....O..h.m..J.z.0PJ.../,..`TI..2S7.1....c;l...-.4.....H.E#\....R...HL.D......>U.+.O..W4....d..j....v&........b.AB..p..Tb.Q..P.......H..&`..Mb.RAXO0.....x.......d..).....e..cw..\.U...P.... .G.....y.aF.5.np ..\.....7.J..f...jUF.uG...R...I2.d\.Z.)U}.O..i4.......$....\6.\|,..X'.Ut.n..Z..3[n..HB.7.. jP.>......]!+aK%&.9gH...#.A..<Tm.T.w..)......R.>.#x..\yu5.6.w[<.I.!H..{.\|....(.f.p.]..6....*m..5..e%i.)...l;...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\thuiswerken_corona_header[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x313, frames 3
Category:	downloaded
Size (bytes):	49253
Entropy (8bit):	7.978010624114917
Encrypted:	false
SSDEEP:	768:er3aiUeiPVJ/t+JUEaaXVV1CDBHKblrvGmrdojBQ6C4CdG+Dosv1uM82L+l+YXxg:tH/kJUEaaFVwKdv/d064oPUMR+ln15kN
MD5:	54E0851797E06D8DF79AF60237EFD31A
SHA1:	0457074A696063AF3F2EF380AF5E6E4F47C5070B
SHA-256:	4D6DB3BC5F976E8B1B7DC18FCEAA58F02616013E4AA9AC17C09C5298EDD29934
SHA-512:	4570BE4E21814758B36AE05735C4DB309F1EBB7384D784315C18679522881BAAD3FDB9B3D9834FA9118012801EBD67667A03E9B4F3CFBD68DD3375FC1307E8CF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/large/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/thuiswerken_corona_header.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......9...."........................................R.........................!1.AQ."aq.2...#3BRr...$4bs...%56Cc....&S....Dd..TtE.u.................................-......................!.1.A.Q"2.a.Bq..3.$..............?..d..b.4.. ..l..AvB..'L.H.....K.\|P..W.R....\|f.DZm\|.\|X..m+.SS^....!..)j..0.GR...q.3V.sM2.....h.9.R.s....J.S5.%..........+?yE.J.>A3K..E.}<U`..S..lpcF.#..6[.....<..t._xx..........e.m.8x.........s.EU{...&.t.V).g.2....$.Y6..,u.a1... ....j...-0/..@...d ci.......L...F.V....S...BW........m.tV ..i.. ....O..7Cz..6P30.l...t.M{.$nm...R..,y9U.!.W...m...8....F.q_...r....cVQ.....r~..'....[.U...\|.C.g<..#=/...6.h[.E.......7K..SbX.%.5Os......:b[..v.R4r...3qm.W...K..p..tmk..r...\|.#..(v..ENltv.x,@...;c..A2.I.}.hi...5......WFg`{M.'e..@".a.B.j..jj\Z...I.WE,.:6TE'.#..T...... .<...c.....+.#F

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\uitgelicht-covid-19-financiele-regelingen[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	21995
Entropy (8bit):	7.965777973548672
Encrypted:	false
SSDEEP:	384:KfsrPq0k8ygwb4QtjklddOVydzQh+bEmPUuGsWyXQ3SS9lAhSiJfmlWqkx63YR9G:jP9ygwb4Ljdwydsh+Q3QCo9YlZ13YXy/
MD5:	E0D74EDCBF6A6707EDD6991FCC408EC1
SHA1:	D7F4B406DE5884AE2476D00F0609DBC78E3ADAD8
SHA-256:	11C8280C2D61D52036807AEC69E714B5D7D410838D12618332D4FE12FF0E963B
SHA-512:	89FFC9A6B9BB519EEF7021F3D0E6EEC8FD8A30EC3F5758ED1A48CCC000A473E5841B696917C19B2683EB5EC9E97545634B9ED92D7E5F0D50CB7BE6547FA70932
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/uitgelicht-covid-19-financiele-regelingen.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................U........................!..1."AQaq..2......#Rbrs..$3Bct...%&46Cd.....5DS......EU.u......................................................!1A..2Q"a..#Bq3R.............?.o..\|...3.ep..F.s...k.%&..S8.."c......+...N..5T....;t.q.Y].1...>nU.0c:.'..J.-m.o..D.]..(......~n;r..W.7...Xa,..K.O.xc...v.u....V.-!..s.i..w....62.....sn.T.....4`sz...W.{..^SY.(...[......\....1...'.WY.?...n..S...C._.q..:.D....3.........q. .o.I.....I;.#............/.7F~R.Y?.Z}.d^.^..[G{&.aS.m..6.J..$........M...E+....oj..A...r....H......r..q....j..........V.]..y..I....L..{.S.uE..9.=Z..q9F..F...N............Z..\...4r....b.SXn......?j......^.f..)...A.w\...c...~J..,u=.)p.....N:$...CE..vtk.....5....H.dn&<8.@8..Ml..^.-...... ...H.D..PC( ...,....$....A....@........p....."!+...#.)d"..#..'0..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\wandeling-in-bos[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=12, height=1436, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], baseline, precision 8, 800x533, frames 3
Category:	downloaded
Size (bytes):	114183
Entropy (8bit):	7.930885088196179
Encrypted:	false
SSDEEP:	1536:SSZGSZ2zuh89BEErwJoDBGUY0K3t0aRT//bR4nxoX5czIgE2X7baHXTd80R6:SsGsQuSzrFGU5eKaRHjWEIXyD6L
MD5:	30248009AA369AACCD085385DA9934BD
SHA1:	48C024C5833EC70BF039AAA75FA48E21AFB2EABF
SHA-256:	5E50665FCECC52D51A34CF607824E53B1608E3D01388453CBDA1E5D9B2616317
SHA-512:	5187FF3B6E3025550BF932114559E535E7E134FAE50F25352C805F926B0D7046CA4510CA1EE4CD44F735C88AB5D8057585AC7973E620905A68A0487E15986422
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/veranderingen-2021/wandeling-in-bos.jpg
Preview:	......JFIF.....`.`......Photoshop 3.0.8BIM..........Z...%G.....O..8BIM.%............!......R8BIM.:....................printOutput........ClrSenum....ClrS....RGBC....Inteenum....Inte....Clrm....MpBlbool.....printSixteenBitbool.....printerNameTEXT.......8BIM.;....................printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@X..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y......8BIM.........`.......`......8BIM.&................?...8BIM............8BIM............8BIM..................8BIM'.................8BIM.......H./ff...lff........./ff...............2.....Z...........5.....-..........8BIM.......p..........................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\8012-reisbagage[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	961
Entropy (8bit):	5.227523911835233
Encrypted:	false
SSDEEP:	24:2dNcNAiELZK60yVJJRb60yGqHZJZ9oOCvnCReh6ixsQK5T7anG:c4AiMo6b1AnZK90JacqG
MD5:	6FD74E13DD3369F306B5D369594E57BD
SHA1:	B5E797872BBCB082BB50946A10431D3FF9B7CA9D
SHA-256:	4F1A94D140192E6083AA2964538F517318CC9B7D7A4EB7D5DAF1C3B0BE029EF7
SHA-512:	F6B76EBC5877C3FEF431D33EB69D945375A6A6BBCCD7A063D7FDD4FA6E506D26896CC489E4AE97272354BB5E7D84F6B46323FBE045943263EDA84D5B034EA9B4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/8012-reisbagage.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 18.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<path d="M55.3329,22.994C55.1681,20.7866,53.2013,19.0002,51,19c-3.6667,0-7.3333,0-11,0v-4c0-2.2056-1.7939-4-4-4h-8 c-2.2061,0-4,1.7944-4,4v4c-3.6667,0-7.3333,0-11,0c-2.202,0-4.1681,1.7866-4.3329,3.994c-0.625,8.6594-0.625,17.3526,0,26.012 C8.8317,51.2134,10.7983,53.0001,13,53c12.6667,0,25.3333,0,38,0c2.2014-0.0001,4.168-1.7866,4.3329-3.994 C55.9579,40.3466,55.9579,31.6534,55.3329,22.994z M22.0013,34.5024L16,31.5018l3.8897-7.7794L24.0017,23l1.8893,3.723 L22.0013,34.5024z M36,19c-2.6667,0-5.3333,0-8,0v-4h8V19z"/>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\CnTAjastServiceV2[1].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.771418898701707
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUvT2RLUPf:FHbqUoUn
MD5:	95928059DCBAFAF3055CD02F1D7B0B36
SHA1:	BF32FC60842231B4E63891E43AD772688472BF5D
SHA-256:	3E511EEA306BEDC9C400D100EE09B59AA0AE2A462A7120D3C021917365A31825
SHA-512:	89B90B1D2842AFBE4AD8C23F9804EAC52B4FBFE6DC7A6F548ACE44172F656AB01B7CBD4A5C91627B7A0D124312883A8BA08F82035C77EDA11FF5E23371FDAF23
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/onderwerpen/coronavirus-covid-19/documenten&srch=&title=Onderwerpen%20%7C%20Coronavirus%20COVID-19%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten&SsId=-&r=-&c=24&res=1280x1024&time=34611299&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596211.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175684_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\RO-SerifWeb-Italic[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 110541, version 3.0
Category:	downloaded
Size (bytes):	110541
Entropy (8bit):	7.996245326669617
Encrypted:	true
SSDEEP:	3072:9weTz3H/X6dN9vfAy/x2qN2H2CV7ukdcWb9A1:9/f6NJJ/fN2Ww7ulWpA1
MD5:	778E789CD8180DEBD9B4DD5D8B8AE0E3
SHA1:	B79791FF50B98EF46FA606CA2D26D24FFE894AE5
SHA-256:	AB448317578C648868C6394CFFE2760264A193E30147C52BD16434BCC214EE5C
SHA-512:	681DBF76DBAE8E8CCD67710553A7F1D3C903CA3D95D87C2AB7DA0428A3414B2B4DFD5A59F99F0823C48F7EF62C4BD94B8FC5FABF98FFB694166D78BBFF02F572
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SerifWeb-Italic.woff
Preview:	wOFF...............X...........%...q........GPOS...............3GSUB...0...u....ujv.LTSH...X............OS/2...$...]...`..[.VDMX.......y.......Ecmap...p.........BEcvt .."l.........g..fpgm...........a.5..gasp...x.........z..glyf..'\..pz.....6o.hdmx..........%hr&=Dhead.......6...6..1@hhea.......$...$....hmtx...........t.-.loca..#....V...x...maxp....... ... ...Hname.......p...z...Wpost...H.........V..prep.. x........)X.D..........;._.<..........H@................................K...............i.........................X...............@....x.c`f..8.......)....o.....`.(..e`ecc`.d`a``X.............F...LLO..a8...h.....c..T.........A...x..KHTa.....fFG.u..]8....hF.4..ad!.d..B...7.=..Z(....R....Q..T.0. I..H..%.R._.{g..Qr.?.....s..j.p5D..p\&.)o.n1........4.oc(/.!.....e.g.A.8.g..A..1...k..5..Lr.H.......CU....T?2bI...G.7V/..T..f..#...4.w.c.~.Y..J..n!'.w./.X+{.q...-....zP....^`...(.`..)..S...}. ...lcX...M...E."wIw.$=...qH..}.(6..{.~..tux!....O-..F).../..zP5.#.. .:.5...0..< ..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\RO-SerifWeb-Regular[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 97062, version 3.0
Category:	downloaded
Size (bytes):	97062
Entropy (8bit):	7.99494849002823
Encrypted:	true
SSDEEP:	1536:DRUCAGqFHjh1GLAEVjwMWn0Xj3uSZ6N404unMYrzF7AYqAe67X/g6GpHbjlklMr4:S7ljyBw50z+SAN40TnMyFMYqAe0O7pk/
MD5:	5AB4F20384346FD9FF46B662E4196F86
SHA1:	3D8D7B29AC8A997E5138F17ACD7CC24A8497280B
SHA-256:	55D2C25ABDD0F5D8BAE058C9E3CF6CAA090A286CB210F47D0D0D123DC77BD96B
SHA-512:	306FFF974AF3F0A356BC058343ADDA10B077A28279D457BE2B4798CA475BD2FCF23BBF4AFEE6950340E75B8F8858E17EB1C7F04F2494627CEA9DA230242DF7E7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/webfonts/RO-SerifWeb-Regular.woff
Preview:	wOFF......{&..............x....&...r........GPOS..o....l...../.[GSUB..w....u....ujv.LTSH...$.........b!OS/2...$...I...`c.x.VDMX.......r.......gcmap.............BEcvt ..,..........'.jfpgm..)........a.;..gasp..o..........z..glyf..1...4...7...5,hdmx...\...t..B..R8.head.......6...6.>1@hhea.......!...$...xhmtx...p.......t.H5.loca..-4...Y...x...maxp....... ... ....name..fx...e....$#..post..i....%......pprep.........................G_.<..........H@...........................x.c`d``..w........1.b.. ......r..............c...............'....x.c`f\|.8.......).....B3...,.`gB.....080(.fbz......oF..... 9.;L5@.......'...x..MH.A....<o...[.....*+.n..Yb...Td&v.:t(. . :H..K..%...M.....t.K..%2...L.4....h....~<.3..<.!...J..^..>...?n%.w;.E...s\|.6.T(.^c..q...c.........;R...x......."......i.j.A.Q..".....[I.^V..g.YxS.^f.+.....W.(\|..~.Y..>7...a...5.G...Y.!.>..{.F..7......cnJ..X...J.g....B~..9..+C..;.Z..y.q.T.?.a.. F.FYR..Wy.IM._jL.g...N.ru....y.9.S.^e.M(5...._...^.X.....@.....(.......5.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\aandacht-voor-elkaar-uitgelicht-lowres[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:10:12 23:34:24], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	53029
Entropy (8bit):	7.3904281627607
Encrypted:	false
SSDEEP:	768:w7cpIHGImYyHbS5H9G5vBLLmBrsw57eNuRcLWBqdIxfU3sSN5Q+D7m:7rLbS5dG5vVLmN757ecR4d/ZNfm
MD5:	14FEC5888510B5755EA5E388BAFFFF5A
SHA1:	C87F1B6E758A7B482A6DEED9FE4B304552952523
SHA-256:	E2167FDDED80D972022A9A22397E9F648ADCA60541CAA2813DAB99B05D4E5C5F
SHA-512:	48E602DD911E4120A24157E49FEA47AB3C8DB3A55790287A88113A63250B0F89E7C652FFFF46C4CFCE107E4C382598A19C332E154AFDB5876F9E13FD121687E7
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/aandacht-voor-elkaar-uitgelicht-lowres.jpg
Preview:	......JFIF.....H.H......Photoshop 3.0.8BIM.%......................8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....P.r.o.o.f. .S.e.t.u.p......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....CrnCbool.....CntCbool.....Lblsbool.....Ngtvbool.....EmlDbool.....Intrbool.....BckgObjc..........RGBC........Rd doub@o..........Grn doub@o..........Bl doub@o..........BrdTUntF#Rlt............Bld UntF#Rlt............RsltUntF#Pxl@R..........vectorDatabool.....PgPsenum....PgPs....PgPC....LeftUntF#Rlt............Top UntF#Rlt............Scl UntF#Prc@Y..........cropWhenPrintingbool.....cropRectBottomlong........cropRectLeftlong........cropRectRightlong........cropRectToplong.....8BIM.........H.......H......8BIM.&................?...8BIM...........x8BIM............8BIM..................8BIM'.........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\abonneren[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	10782
Entropy (8bit):	4.9703975708926285
Encrypted:	false
SSDEEP:	192:q9JG8ukOjA2AWL3HUPEX8G7eYb+qblzMVsqE5ZzRxYJ:T8ukOqWL3HUMZlAeHZzzYJ
MD5:	33E1CE9EFA75B7843AE6508D08291E66
SHA1:	171EA61A4ECC7CF4F06E0528269B4B0D2932F385
SHA-256:	DCD15892D9FE65F39DA6EC45D2766521C0A223CEB6687016D131F77EDC45A8A9
SHA-512:	4DCAF9F5B11317E6CD3889D38EAE0C0220D7B9A93195AAB4B5F9866F8CC5933FB83D4FA57882AD88AB08C17CA88C3761D95E23CEEE6AEF3DED9F2873354B63B6
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/abonneren
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Abonneren \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Abonneren - Rijksoverheid.nl"/>.<meta property="og:title" content="Abonneren"/>.<meta property="og:description" content="U kunt zich abonneren op de e-maildiensten van Rijksoverheid.nl. Abonneren kan op twee manieren: Abonneren op e-mailattenderingen Abonneren op nieuwsbrieven"/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/abonneren"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/abonneren"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="D

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\ankiebroekersknol_1.jpg_1920[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=5, description=Nederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veilighei, xresolution=190, yresolution=198, resolutionunit=1], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	52085
Entropy (8bit):	7.828967349839715
Encrypted:	false
SSDEEP:	1536:DpekeyUQtKVhndcj/xzoP+dM61FXLS+gHdcCjr:hWQtqi/5okMQXLS+gOCX
MD5:	50B05FC1BF5777E91BE8AAE8E405D924
SHA1:	6355BEC4283D1A7B9DE730C11A6A2047D67AF984
SHA-256:	480F110A542FDD496515A1B095D825ABC330B94AF3D2A1D4C28DE3A589178709
SHA-512:	DAA10DB8267DDCDC6B898330E0C6435539F7CBB9C16419DF2A9355402D8C6827EEC34E435443F0987D326DA31A4EB1B6FE474DF0B3604935F9833EFC406B4359
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/ankie-broekers-knol/1920-px/ankiebroekersknol_1.jpg_1920.jpg
Preview:	......JFIF.............JPhotoshop 3.0.8BIM.......-.....Ankie Broekers-Knol.....bewindspersoon.....kabinet Rutte 3.....regering.....rijksoverheid.....staatssecretaris..Z..Den Haag..\..Rijnstraat.._..Zuid-Holland..e..Nederland..x.sNederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veiligheid.Foto: Arenda Oomen............Exif..MM.*.............t...J.........................(..........................Nederland, Den Haag, 12-06-2019.Ankie Broekers-Knol, Staatssecretaris van Justitie en Veiligheid.Foto: Arenda Oomen.....................http://ns.adobe.com/xap/1.0/.<?xpacket begin='.' id='W5M0MpCehiHzreSzNTczkc9d'?>.<x:xmpmeta xmlns:x='adobe:ns:meta/' x:xmptk='Image::ExifTool 10.42'>.<rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:Iptc4xmpCore='http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/'>. <Iptc4xmpCore:IntellectualGenre>Portretfoto</Iptc4xmpCore:IntellectualGenre>. <Iptc4xmpCore:Location>Rijnst

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\avondklok[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	13738
Entropy (8bit):	4.92964801303821
Encrypted:	false
SSDEEP:	192:+QhJukO2EA2AWiYHUPoKSURfPSHwqJV3qEHZzRxYJ:TJukOcWiYHUlZo3vNZzzYJ
MD5:	ABEA088952259A7155681CB08739A4E5
SHA1:	C542FA7C725A2760D250629C7F1B5E1682CCC276
SHA-256:	28631F48FB4AD5F9892AB9A3C695D0EB732F060175948356640DA9FA9B5F4557
SHA-512:	1E97FCD4AE9A98B6C79D4E027A8A2637CE7446116417E1016E160DF696DF97D01D0BD0591C30CC947E1F627C0ACD70A136E04788C4A141BB274B86516D61AD58
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/avondklok
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="In heel Nederland gaat een avondklok gelden: van 21.00 uur .s avonds tot 4.30 uur .s ochtends blijft u binnen. De avondklok geldt tot 10 februari 2021 04.30 uur."/>.<meta name="DCTERMS.description" content="In heel Nederland gaat een avondklok gelden: van 21.00 uur .s avonds tot 4.30 uur .s ochtends blijft u binnen. De avondklok geldt tot 10 februari 2021 04.30 uur."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Avondklok \| Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Avondklok - Coronavirus COVID-19 - Rijksoverheid.nl"/>.<meta property="og:title" content="Avondklok"/>.<meta property="og:description" content="In heel Nederland geldt vanaf zaterdag 23 januari ee

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\avondklok_hero[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=10, manufacturer=Canon, model=Canon EOS R5, orientation=upper-left, xresolution=154, yresolution=162, resolutionunit=2, software=Adobe Photoshop 22.1 (Macintosh), datetime=2021:01:13 21:03:30], baseline, precision 8, 830x554, frames 3
Category:	downloaded
Size (bytes):	98251
Entropy (8bit):	7.745059467279069
Encrypted:	false
SSDEEP:	1536:oul4S0ypW+0P6hnUirAXNE/rzu3jkFSYmMfB3wwjqBYy9+bgYSk5:oul4SVW5CHUNETzwkFSliA9BTEbgtk5
MD5:	1E2C742A6289643D06E88E7D7AB508E1
SHA1:	575E3794F376DDE32E63B0EFD2A2DD5796B51339
SHA-256:	FE907BFC5ED096F002908D44FA3ECD25E451AB1FEB02E85EDCAF588C9907DB01
SHA-512:	E6AD7C9F66E4AFB42DFD943D19E6445729005AE9FBB006C0A4A492E4CCBE554B22653D26121AC754611A63FC4D09B1B3B1BA00F6C1D13620DBA827EBBB2694D5
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/header/avondklok_hero.jpg
Preview:	......JFIF.....,.,....#.Photoshop 3.0.8BIM.......C..Z...%G.........7..20210113..<..172738..Z..Den Bosch..e..Nederland..d..NLD.....19.....avond.....britse.....buiten.....corona.....coronavirus.....covid.....covid19.....covid-19.....donker.....klok.....s.nachts.....variant.....zijn..(.. ..P..Ramon van Flymen..U..Ramon van Flymen..g..427075918..n.$Hollandse Hoogte / Ramon van Flymen ..s..Hollandse Hoogte..x..Nederland, Den Bosch. 13 Januari 2020. Het is erg rustig in de binnenstad van Den Bosch in de avond. Het kabinet denkt na over een eventuele avondklok. Foto: Ramon van Flymen / Hollande-Hoogte / ANP......1:0:0:004690.8BIM.%........m N.[......I 8BIM.:....................printOutput........PstSbool.....Inteenum....Inte....Clrm....printSixteenBitbool.....printerNameTEXT..........printProofSetupObjc.....I.n.s.t.e.l.l.e.n. .p.r.o.e.f......proofSetup........Bltnenum....builtinProof....proofCMYK.8BIM.;.....-..............printOutputOptions........Cptnbool.....Clbrbool.....RgsMbool.....C

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\brexit-uitgelicht[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 315x210, frames 3
Category:	downloaded
Size (bytes):	11210
Entropy (8bit):	7.9194407081712255
Encrypted:	false
SSDEEP:	192:Ur0YTeYMZH5RPj5Twhym2iUFEYQvTILbFCRIRb0L1SGLfsRXhG7xwEIQiTG:STe9ZH5RPj5TsyfLQWRC8ssGMhG/I8
MD5:	C0DC6D76D9C6ED1B82925BBACFAFD7C9
SHA1:	78CAA2AD947FC7144BEF94B5DB0676887F3F2E40
SHA-256:	4749B750B99AE3103283435DFEEDEF56D5F6DCFA57058F669E35698237C6A246
SHA-512:	F737CB3C708A156F012FD8794AB997508CD64B2C7E7980851FD24AD130E13A1BD622F765D5F68C68048FBDAED3B2764CF439650E23219BAD96D94E1A8EB9AC44
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/onderwerpen/b/brexit/brexit-uitgelicht.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================........;..........................................:.......................!1.A.Qaq....".....2B.#.Rb...$.%.................................)......................!1..AQ.."a.q2B...............?...R......,.H..H.@H.H.%Zv:.....I.#A.....Od".I.+E.?......h......@7h... ..@..(..d.T.@v..H....R.\.U ,(..........m..O.7lf.XJ.H!+)...e-..t....Gh.,.ZE...)..v.i.BV4.8@.K=.".[.;W......% a@.....%i.A...@.:..Z.5...E......X)1.....r.&Z..D..L(.i.....P)..).M..H.+.E..K.^...H.....4....@.@...$.hP.d....5H7...F.0...... M..v*!....J...h.......=+8h.....aD.h.... (`......B....C....:...R9.....(D]..CGJ..@...,(.i.B4....4.. ...tB.T...(V.C)2..H.l....../EDk..4N......%c%.c..`........Q...B..KV'. ....JE..8.H.).D.........{....Z.D@.'hBl..@%bLi..N.7.D.j.J.@..I...m:E.....?.i1]t`C...@.L.A..(.V.6<......{..... .o.N.Z..d.......Az.@.H..;xH...Q...H6..!...@....&...Zb!..- .ZG..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\coronavirus-supermarkt-vakkenvuller[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	38358
Entropy (8bit):	7.972462884921573
Encrypted:	false
SSDEEP:	768:IPHTqgdRJm7uImzHpIg+B3ejRzDQO9zymqXD2XqludGEw+VwBn+:IPzodsJITgVzDQGzymqi6wROZ+
MD5:	A10C2179DE17DE5CF6023F7B0ED08A34
SHA1:	93428CC1DB3AB76E0CB7C1BBD70D7BC847E26D4A
SHA-256:	FE4D5DD125E8EF304CB59DCC22615C0E5B2545887414CA9DABC02CA51D5B47CF
SHA-512:	F4C4E9A5671A1A7CF2E625F197EBCDB5020F06DA5AF4973697A2ED114C6E0D000EE98B18495E4E7429DEAAB4C2207E1C20F57E5431167D377C1F4BC68C058C2D
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/coronavirus-supermarkt-vakkenvuller.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................M.........................!1..AQa."q..2.....#BR..3b...$Sr..Cs.%4Dc....5TUt.......................................................!.1.."AQ.2aq#....3BR..............?...Uj.......4...Z..\..)..z...R.....z..G....pp....S.....PW.$P..B:.Fy.L.C@...b:.G.j.OJ..E...a..=...,.1m.E.\|t.R<.P.B.w.D.A..yof...5.......M0.:..KZ.z..2..../.M...=.........Vm......&..W..\|..7..\|c..^.u=.....QV...,..TR.N...'.{K;%.u+.m0....o....V.8..W=....... . ...EO...........4...x..<q.qYN.6.T..]..Kvy-..!...E.$......j....P4.\-.}..3 ..Nq.F.oG.t{K..I.n.$K..$....sM.....Z.....eF.6..^\|..$.N...p.[tW....#.O.B..Y.y.....8........^..p..$L......d....>B..Z..w.Ao%...A ..:~..Q."..\|.h.{....Y>.<y.....8.K....N\|....G.V......1....9.3..@j..Z_{....:.../y.r3....#8.............ng.$.......,.4.....6.'.P..2.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\documenten[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	54994
Entropy (8bit):	4.60724486549776
Encrypted:	false
SSDEEP:	768:SaWO+ht6UtWwalPSrszPW7mVUnMxXwCiBO7VoRspzYJ:ZXrPSrsy7Yzi2VoOYJ
MD5:	CD11928F30FB3583BE7A9488FDF015D3
SHA1:	95E7D85D906E89AA93C6162D40037D9CD0339E37
SHA-256:	58EEEADDD6E00224087F11936AE6625D697EE02570B4D1379DFE6E94FDA53263
SHA-512:	151CB3E3EF9CE83DF1BB0B61D9F1E49EF5FA7629A0AFF0AB3D651DB394DC60FBA97E0B8174C605BFA681525393DCC1B29CA14C7A33AFAC1E45BAB4421B47A047
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <title>Onderwerpen \| Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Onderwerpen - Coronavirus COVID-19 - Rijksoverheid.nl"/>.<link rel="alternate" href="https://feeds.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten.rss" title="Documenten via RSS" type="application/rss+xml"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten"/>.<link rel="next" href="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten?pagina=2"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.creator" title="RIJKSOVERHEID.Organisatie" content="Ministerie van Algemene Zaken"/>. <meta name="DCTERMS.identifier" title="XSD.anyURI" content="https://www.rij

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\formulier-voor-de-avondklok-downloaden-en-meenemen[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	16782
Entropy (8bit):	4.897056452057007
Encrypted:	false
SSDEEP:	384:cUukOMWeFHUXj3HEjZeETzKjcQuZ0Y9ZzzYJ:ZXWwEj3CxzKjbA02pzYJ
MD5:	D8E2FDD4FE9BDB696C592D27FA9727BA
SHA1:	CEE4FD2712246563E60CA7179D94CA9A08C1BDA0
SHA-256:	6215CF0F5A33ADDD4FAF2FB7C9219BE9919B782789C0B8F5739568DAF1067EA4
SHA-512:	1A021E5D2FB3AB999C334C46D6DAC8C08E35D6DE5B9E81CFAE1EEADA92022953D2F62CB52A7FA7B7E7FB0D98455FCAE2FFA224A947CA478930827D603172BA45
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-voor-de-avondklok-downloaden-en-meenemen
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Instructie voor formulieren avondklok: downloaden en meenemen \| Publicatie \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Instructie voor formulieren avondklok: downloaden en meenemen - Publicatie - Rijksoverheid.nl"/>.<meta property="og:title" content="Instructie voor formulieren avondklok: downloaden en meenemen"/>.<meta property="og:description" content="Als u tijdens de avondklok buiten moet zijn, heeft u hiervoor een ingevuld formulier nodig. Dit moet u bij u hebben en kunnen laten zien aan de politie. Lees hier hoe u het formulier kunt downloaden, invullen en printen."/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.n

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\huwelijken-uitvaarten-feestdagen[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1500
Entropy (8bit):	7.788549845119078
Encrypted:	false
SSDEEP:	24:/iUpOz9ZszIQQJd+jL/SRNfQtWGW9rAmgL47SDrwqbDCjjT6s+6f3RANMQ0+XD0D:/NpXzIsjL/KN46rAXEAbcj+s+658MQJ8
MD5:	5286215F75A785E7541DEDAB95587C7D
SHA1:	ED71EC24F9E2C78385552D0C135F5A389C7F6CA5
SHA-256:	443256FB149B078FE76315020D4C4CEB1A63C9BC510CB6E726A22DC853865508
SHA-512:	96E48437E7A863F1F5970B204571311C372154FA25B2D5035E953198F54C55C3B97B27EDCDDF9AE1B33BF08FA10492821E7D9D2640065CF72E052BF5AD5A2DB3
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/huwelijken-uitvaarten-feestdagen.png
Preview:	.PNG........IHDR...@...@......iq.....sBIT....\|.d.....pHYs.........B(.x....tEXtSoftware.www.inkscape.org..<....YIDATx..Yh^E...Z..k.[.HUPJ.Z.........X....."...uA..'....B.VMQR.$"..J.fmj>..L......;.&_.~...7....g.3...Zha.q...0.......k.."........9p..{).#PSB...(.n`...(...a....8g6~.....A..E.....{....4..T......~... ......../..!..<._...2....j.J.4..a..............+.....3'o..oT.w..?r.N..sPT.yc.....A....?..}k..B'.......v._....2..7..%.,.Rx.........=..1........dt...6...-.o.....eV...."...@.p..@..~d....Gvf..{.;...\......q..L..o..\.J.!.M...r...?..1.....!.g(.g._......0.t...9b...=.?.<U..;......D.>...8yy[`..(....=......Jv.Q`.2tR..#x!<.XY....>...~......~K..i.B.^.....tg"..!i}D.E......;.....Rv.YQ..Zg....(.:p[_.1.(+.l.j...;.o...y.3}.[....b.N..B...,......]..@:f9u.....JS..Q....~..>J?h.....E.4B_._........2.Y.{...q..#?...c.{...#Q.<....)...F... .<....=...i......i.4.\...W......N..k.]d~..&...h.."..,..!T.o.l.....M...j..PfY..NN.X..V..q..p,....p.Ui..m.o..._..F.+X..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\icoon-reageerbuis[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	537
Entropy (8bit):	7.114134753084636
Encrypted:	false
SSDEEP:	12:6v/7O/6Tog8WTnmf0qkfYlKKKKKKKKKKAPE8Bsv2y7wSTSLK:D/6Bbmf0VfYgPE8GRL/
MD5:	1213634A486D16E8C356FAC9CA7561F6
SHA1:	AAD69F1067962A1AE4CF1F604D5B5986E036F49E
SHA-256:	B78B84462184D5CA319C008DAC17BF54BCB73F4F15AA7396FA07AB08EF6E12BC
SHA-512:	80EBC0CC903A01FB25234755A67AAE806E11F4C17D6D454579A74B40C2CBD6C69148723B6D88436ACDA6151F0C505F14D9F769E47B46CC5264296EAAFC71CED2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/icoon-reageerbuis.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs.................tEXtSoftware.Adobe ImageReadyq.e<....IDATx...m.0.............t.F..`...........L.S/.D..`;..Y:YX.s.\|...v!..r......&.&r.5......t.I.N....h2..nh..,....R....9*.....?`..\|..$.s..4do..]..F.....pW[..~.9.}.P...1.X..V.....imJ...-J.....e}J........P..pR&.5W..3F.......................................@Y.z..t.L..Y..}...........y.........7.N....H..w..0.^x@....rE+......0.....e(.yD...D..k[..&.....I=.(.;.6....X.`{,._..v:v..@.U.^0l+c.`..'%..kb\..."+^..b>..4........N.J.-..j....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\mondkapjes[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	1192
Entropy (8bit):	7.762744338222622
Encrypted:	false
SSDEEP:	24:yxlDSHJjt7ilo4ztgRifZSATQzQlADjaz12hhm8TWtq0a033S5dJ:yxZSHJh7dgO2AATmaohsBtLa03Cl
MD5:	858449A94F216796D108896FDC40F4AC
SHA1:	383910F2BD8F3F990AC73FB5D247BEED1829ED13
SHA-256:	656A9EA6299679181C33215F76C75AF3A405C3C161FC2BBB95467C0642A8A229
SHA-512:	8CEA854DB3F8C20D1602D0E49D45E9E70231BD56E828C8C91A4D84491F29DA95AA2069CB9B0C2A437639263A340EC21B47FCFEAFE8586ECB42AB930409B6B564
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/mondkapjes.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....ZIDATx..[.u.@..x..v...d.......o@. ....& ..N@2.......8.>[....{M.;Y...>_XD.%.K....f..#\|^.k.&.sy.3.......e.?..\Djo..=.O:(......k.o.~S...ADU..."..k...@.....Edg(..],...s..}... "..,g....D.$.=...9`..#Q.......Q.r.fp....h.O..e/d..cj..D...\|........#..]e.d...-.5tDW..]B.Py...x.... n+$6K: .L{...(..'.,...z..~W..CG......Z.?"?.Im.~.m...6.........k...E..S....$p.Q<c....d......5\|.Y...7..TE.G...w+...<.>.F...`..n...0..G........._[.....yi....U.d.Ez..3.Q..U".m....("6{.....!.Dt.........y).R~.(.X.1....r..xK<..2.j..D.H..3<.8D...f.67\.....q.w!J..).z!=C..I....(P..:rC.\|s........S..}.y.#D.......g.1A.-..b.o...../W...0k. P.O/-`m.....% b...}....U...x5.c4y....}...N.$...8S../.......#B%@.uT!V.n/....T.....Dh. Aq.?.....iN....w;e......"~),V[.35..q.)..)...l.L.....m5.`.6Y..)N...2...x..4.;....x..zH.M..l.<..zc.....[........Cf.5(Va...R.n....~...V=x4...'.....r.....~"...,.O3}l. U...B...m...6.+....{..6.{..h..T.>..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\onderwerpen[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	60224
Entropy (8bit):	4.204862447073666
Encrypted:	false
SSDEEP:	768:4AWUYF6Ac5OOTW7kDhJYEzI0/RIST8pzYJ:VJ2MTDhJYqiYJ
MD5:	8FDFDAB1C629EA64EAC3590E252BA3DB
SHA1:	1D4F87F8571DD82995F88C9370A4EBE8CFB86AFB
SHA-256:	976BFE0C46E166A0636292286EF318CB0B5C6B9FEFF3ED165DE63F4F6FEE3A70
SHA-512:	1B0321B6C8847E17AB11AA88DCD3613EFF97FC7B7B6FD4CD28CA8ED11DAF1A2484726360E6F6F4DC8105A41E6A91AD34A38BD813309ECD1ACE88A3A5D75D1809
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Onderwerpen \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Onderwerpen - Rijksoverheid.nl"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/onderwerpen"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.creator" title="RIJKSOVERHEID.Organisatie" content="Ministerie van Algemene Zaken"/>. <meta name="DCTERMS.identifier" title="XSD.anyURI" content="https://www.rijksoverheid.nl/onderwerpen"/>.. <meta name="DCTERMS.available" title="DCTERMS.Period" content="start=2017-06-30;"/>. <meta name="DCTERMS.modified" title="XSD.dateTime" content="20

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\piwik[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Formulier%20'Eigen%20verklaring%20avondklok'%20%7C%20Formulier%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=657720&h=9&m=36&s=26&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-eigen-verklaring-avondklok&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%7C%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%224f86e7d6-df76-46a0-831e-3c0b24432efc%22%5D%7D&gt_ms=24&t_fs=0&t_ds=0&t_cs=0&t_ce=0&t_qs=0&t_as=0&t_ae=24&t_dl=0&t_di=307&t_ls=307&t_le=308&t_dc=389&t_ee=427&pv_id=dO692X
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Onderwerpen%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=670844&h=9&m=36&s=48&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22placeholder%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22912d5da2-9b1b-41bd-99da-7ed38787b691%22%5D%7D&gt_ms=5&t_us=38&t_ue=38&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=27&t_as=30&t_ae=32&t_dl=30&t_di=604&t_ls=604&t_le=604&t_dc=615&t_ee=799&pv_id=PcuYlW
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\piwik[3].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Contact%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=889457&h=9&m=36&s=59&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fcontact&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22az%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22webpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%224285508d-8cdf-4b73-ba3a-55f8657f109c%22%5D%7D&gt_ms=3&t_us=50&t_ue=50&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=36&t_as=38&t_ae=39&t_dl=38&t_di=547&t_ls=547&t_le=547&t_dc=559&t_ee=578&pv_id=h1vsl1
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\rop-survey-bar-and-ergo.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	6598
Entropy (8bit):	5.152596769487846
Encrypted:	false
SSDEEP:	192:9RWdlO52vbCvQNdYLdJTQ9il9fhBXIx98el4s:9RWdlO52vbCvQNduMgqP8el4s
MD5:	DF7403C355C8458E9464E9A7F876D5AB
SHA1:	A38DC318BBDD0144AE968703C30DEAE29C290A09
SHA-256:	B2C9229A212EFC384FB30973542CF340CA08ADEC70F8B5E014BABCAF99B0C548
SHA-512:	167A2FD43912FBB3F11B456932FA95385F9F9E201FFBBB2E056BAAD8A19D6A8339A4BEB2CD61D9933DFD36790C8E01BF06F5A936705D80669218C9523B51F691
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/behaviour/rop-survey-bar-and-ergo.min.js
Preview:	var pageFeedback={initiated:!1,showOnPageTypes:["webpageextended","webpage","faq","governmentalproduct"],hideOnPartOfUrl:[{urlPart:"actueel",location:"last"},{urlPart:"actueel/nieuws",location:"last"},{urlPart:"actueel/nieuwsbrieven",location:"all"},{urlPart:"actueel/agenda",location:"all"},{urlPart:"ministeries",location:"first"},{urlPart:"regering",location:"first"},{urlPart:"documenten",location:"all"},{urlPart:"consignatiekas",location:"all"},{urlPart:"wetten-en-regelingen",location:"last"},{urlPart:"coronavirus-covid-19/ondernemers-en-bedrijven",location:"last"},{urlPart:"coronavirus-covid-19/zorg",location:"last"},{urlPart:"coronavirus-covid-19/ouders-scholieren-en-studenten-kinderopvang-en-onderwijs",location:"last"},{urlPart:"coronavirus-covid-19/verkeer-vervoer-en-reizen",location:"last"},{urlPart:"coronavirus-covid-19/werknemers",location:"last"},{urlPart:"coronavirus-covid-19/openbaar-en-dagelijks-leven",location:"last"},{urlPart:"coronavirus-covid-19/coronavirus-beeld-en-vi

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\sander-dekker-2020-1[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, big-endian, direntries=17, height=4000, bps=0, PhotometricIntepretation=RGB, description=Nederland, Den Haag, 19-08-2020. Sander Dekker, Minister voor Rechtsbescherming van het ministe, manufacturer=SONY, model=ILCE-9, orientation=upper-left, width=6000], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	65383
Entropy (8bit):	7.521693564786096
Encrypted:	false
SSDEEP:	1536:iY74dgbymi6gihBu59TV4yO1mXLv+irVe6NRHzQg38A:i4cogcEVQsLvjXkg38A
MD5:	B8A28085C7728FEDCFCE6E12700747BB
SHA1:	0920F21266FB4F3EA7E133E5BF5D1BFCEEC73EE9
SHA-256:	EE81F5F7B6BDCE4A3DF9A30FCE37F7933FF55B839904DA6D5FEAB2985BCE509C
SHA-512:	C5EB9539FC1130FB28B38333DF36F06759AE0B184B1F32CCF201FEF4C1B0288B36A299F4F52ED0D7830E7802A390D51E9BD9B0B1D579DA1E99B454280B9E7B14
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/regering/bewindspersonen/kabinet-rutte-iii/sander-dekker/fullsize/sander-dekker-2020-1.jpg
Preview:	......JFIF.....,.,.....<Photoshop 3.0.8BIM.........,.......,......8BIM..................8BIM..................8BIM.......H./ff...lff........./ff...............2.....Z...........5.....-..........8BIM.......p................................................................................................................8BIM.......~..Z...%G...................Beeldcentrum Rijksoverheid.....Beeldcentrum Rijksoverhied...."De minister voor Rechtsbescherming.....JenV....%Ministerie van Justitie en Veiligheid.....Rijksoverheid.nl.....Sander Dekker.....bewindspersoon.....kabinet Rutte-3.....minister.....ministeriepagina.....portret.....portretfoto.....regering.....rijksoverheid.....vierkant..7..20140123..P..Arenda Oomen Fotografie..U..Fotograaf..t..Arenda Oomen .06.5383.3039..x.~Nederland, Den Haag, 19-08-2020. Sander Dekker, Minister voor Rechtsbescherming van het ministerie van Justitie en Veiligheid......Sander Dekker..Z..Den Haag.._..Zuid-Holland..e..Nederland8BIM................8BIM........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\start-vaccinatie[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=12, description=VEGHEL - Pfizer / BioNTech eerste set vaccinaties tegen COVID-19 in de priklocatie in Veghel. S, manufacturer=NIKON CORPORATION, model=NIKON D6, orientation=upper-left, xresolution=187, yresolution=195, resolutionunit=2, software=NIKON D6 Ver.01.11 , datetime=2021:01:06 08:54:15], baseline, precision 8, 830x553, frames 3
Category:	downloaded
Size (bytes):	113955
Entropy (8bit):	7.863601961966462
Encrypted:	false
SSDEEP:	3072:urFzMwTd8XmLLws0gedOi66AXrjk39J5gQb8:MMU82v0dUXXk39q
MD5:	C96BA5E9FFA4DAA9296DC1BAE6F67222
SHA1:	9C27F9C049874B343D9867845207FF6CE73961D2
SHA-256:	04AF7C41E46D42EE69A5AB76E22C5FC7EB469E601E432E24181E5576017F1CC8
SHA-512:	54905A322C816CB8AA23DE0657E5D5FDEE375A4DA018355E20FABD3F5CC620066CFF7594614B130610FF8CE5FD7C88EDCEA480D669359AA7DF8DF31384AC55B4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/banner-afbeeldingen/home/2020/start-vaccinatie.jpg
Preview:	......JFIF.....,.,....'.Photoshop 3.0.8BIM..........Z...%G............corona.....coronacrisis.....coronamaatregelen.....coronavirus.....covid19.....crisis.....gevaccineerd.....ggd.....personeel.....prik.....prikken.....priklocatie.....prikstraat.....Vaccin.....vaccinatie.....vaccinatieprik.....vaccinatiestraat.....vaccineren.....verpleegkundige.....virus.....ziekenhuis.....zorg.....zorgpersoneel..(.. ..7..20210106..<..084346..g..426847120..n. Hollandse Hoogte / Robin Utrecht..s..Hollandse Hoogte..t..ROBIN UTRECHT..x..VEGHEL - Pfizer / BioNTech eerste set vaccinaties tegen COVID-19 in de priklocatie in Veghel. Sanna Elkadiri verpleeghuismedewerker die eerste vaccin krijgt een spuit met het vaccin vaccinatieplicht coronavaccin Sanna Elkadiri, medewerkster van verpleeghuis Het Wereldhuis, krijgt het eerste vaccin in Veghel Aanbieders van acute zorg, zoals ambulancepersoneel en IC-medewerkers, worden in verschillende ziekenhuizen geprikkeld tegen het coronavirus8BIM.........,.......,....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\5112-zijaanzicht-auto[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	1568
Entropy (8bit):	4.952377203193806
Encrypted:	false
SSDEEP:	24:2dNqAiELZK60yVJJRb60yGW3PF48EZ+UPKcTlMCCXH4lFCVXFxjbstSr9dQtqBgC:cQAiMo6b1Ag8EwUPKnHtxjbsSdfGdk
MD5:	F20665D544861C8D91D4D17569DA560D
SHA1:	9AB295C54648849D7E161107AF1374BD47EA434A
SHA-256:	C9885F8080334DD0DF04AD0C9DAA3890AF47751F1ACCBE0BD417D5653ED63BC0
SHA-512:	F3B067C3E3D9A60D348AD011E840C97BB1B093699ADBAF1369E3A821A71301903A679E29FF0F7A380F79E81A43CA1D805FB3C12788BD09ED42D0C5789BB209BF
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/5112-zijaanzicht-auto.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 19.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<circle cx="50" cy="39" r="5"/>...<circle cx="15" cy="39" r="5"/>...<path d="M62.4583,31.9736c-2.8083-4.4124-17.3787-7.4388-17.3787-7.4388s-6.4366-6.101-9.7731-6.8373 c-3.3352-0.7375-13.1176-1.1043-17.5385,0c-4.4197,1.1044-10.0776,5.9188-10.0776,5.9188 c-2.7605,0.8514-4.8602,1.3595-5.6644,3.241c-1.1632,2.7253-1.1632,8.0613-0.4642,9.9019C2.2849,38.662,4.122,40,5.9843,40 c0.0247,0,0.7651,0,2.0447,0C7.9824,39.6725,7.95,39.3405,7.95,39c0-3.8949,3.1552-7.05,7.05-7.05s7.05,3.1551,7.05,7.05 c0,0.3405-0.0323,0.6725-0.0789,1c6.619,0,14.3077,0,21.0579,0c-0.046

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\6024-ondernemingen[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	948
Entropy (8bit):	5.332535587731528
Encrypted:	false
SSDEEP:	24:2dNgAiELZK60yVJJRb60yGRNtE+5zWzL3eTMLSL3q744esoOKg:caAiMo6b1AM1WzreTMLQuReTOKg
MD5:	EA28D2416B8730999265BD4A87E3CD74
SHA1:	068042B5BEC57209832183B811B416BE3DEED067
SHA-256:	8AF91FA624AF5EA82EC9E9E0478C7B3FECCD843B2677BFD56DCDE73E381F11EA
SHA-512:	0E7AADB371F94EEAED8B8F3112C19484CB8B74346D571105255125BFE2990E630887AADE6B39850354273B4EB1EA09A62EF256489332AA1DFFDA9C109C09FA66
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/6024-ondernemingen.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 17.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" baseProfile="tiny" height="64px" version="1.2" viewBox="0 0 64 64" width="64px" x="0px" xml:space="preserve" y="0px">.<g id="Box">..<rect fill="none" height="64" width="64"/>.</g>.<g id="Icon">..<g>...<path d="M40,3.5C40,3.2238,39.7761,3,39.5,3h-25C14.2239,3,14,3.2238,14,3.5V31H7.5C7.2239,31,7,31.2238,7,31.5V61h20V19 c0-0.5523,0.4477-1,1-1h12V3.5z"/>...<path d="M56.5,20h-27c-0.2761,0-0.5,0.2238-0.5,0.5V61h12v-6h4v6h12V20.5C57,20.2238,56.7761,20,56.5,20z M38,51h-4v-4h4V51z M38,44h-4v-4h4V44z M38,37h-4v-4h4V37z M38,30h-4v-4h4V30z M45,51h-4v-4h4V51z M45,44h-4v-4h4V44z M45,37h-4v-4h4V37z M45,30h-4 v-4h4V30z M52,51h-4v-4h4V51z M52,44h-4v-4h4V44z M52,37h-4v-4h4V37z M52,30h-4v-4h4V30z"/>..</g>.</g>.</svg>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\7PS93889.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	21723
Entropy (8bit):	4.708696998003483
Encrypted:	false
SSDEEP:	384:4aG1ukO3W5HUPzP3a8EVLCmYWzKh8dZzzYJ:4a4IWxWP3a8EVLCmYsxpzYJ
MD5:	A81BDCEA4E78104A788669273D956A00
SHA1:	7145DCCD10C6EB17BFBC02BE3E51F0F1B2E99820
SHA-256:	FE0DDE41F42ACB26FB66A3F8EEA25C5FAA1063FF5053AFA25CE9EC3FF753CF3C
SHA-512:	79BA1A6769490E8391955A19C79252C3E56267A9C8E093AF05A5B68ABA18547987A5991DD7D06CEF35360E1452C907D7D3C14E8EB0EE0259848E9D8556174CF9
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/
Preview:	<!doctype html>..<html class="no-js fullWidth hasMainNav" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Rijksoverheid.nl is de website van het Rijk met uitleg en nieuws over wet- en regelgeving van alle ministeries."/>.<meta name="DCTERMS.description" content="Rijksoverheid.nl is de website van het Rijk met uitleg en nieuws over wet- en regelgeving van alle ministeries."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Informatie van de Rijksoverheid \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Informatie van de Rijksoverheid - Rijksoverheid.nl"/>.<link rel="canonical" href="https://www.rijksoverheid.nl/"/>.<meta name="viewport" content="width=device-width, initial-scale=1"/>.<meta name="DCTERMS.language" title="XSD.language" content="nl-NL"/>. <meta name="DCTERMS.crea

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\CnTAjastServiceV2[1].ashx Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	64
Entropy (8bit):	4.814464015923011
Encrypted:	false
SSDEEP:	3:Fpk4GiTTqUh8f:FHbqU6
MD5:	C6B4B93738E43CB71C2484E5A42DD26C
SHA1:	C38CCE8C77A6FC31BCC0B01DBC4F475149CF85F3
SHA-256:	70DE03293E994E51E8707DCFF1A9295F5CE5A124F9C0DF859C43977CE91E4347
SHA-512:	534E5CA7FEFD1DCD567C60CC44498699B1F1AFAC43372456E93BDD582C8D6465FB35576C979B26AF51ACE8E8134BDEC7DCBC1563495919D574269B42431973EE
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/CnTAjastServiceV2.ashx?ServiceMethod=WriteRequestData&cusId=108108108&prot=https:&domain=www.rijksoverheid.nl&path=/abonneren&srch=&title=Abonneren%20%7C%20Rijksoverheid.nl&doc=https%3A//www.rijksoverheid.nl/abonneren&SsId=-&r=-&c=24&res=1280x1024&time=34622011&ac=2&cdv=708&csv=20210122-152419&extrainfo1=_pk_id.4.e7da/b4beb525bffa09d5.1611596186.1.1611596221.1611596186.\|\|00057&callbackAjastFunctionName=OX.AJAST.m_callbackFunctions.callback1
Preview:	OX.AJAST.m_callbackFunctions.callback1('367175869_84.17.52.74');

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\accordion[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	1607
Entropy (8bit):	4.665070414272165
Encrypted:	false
SSDEEP:	48:039aQxVaQeZaQZ/4laQxoaQe9maQZiaQqaQCaQeaaQAaQqaQCaQeaaQxc8:03DJevZ/4rUe9sZIQoegOQoegxc8
MD5:	4D7F89A1DE3F06769A1F64C4214748FA
SHA1:	17C9341209B9DCEFEB9A55D8D5482F0F9F04313E
SHA-256:	BE6AC51394D0CD2B31FAB9676D1402496EF626048D1ADD8C0D8CD0B6F5AA684B
SHA-512:	016A2BFC9C82255F8C4E482E75B259471A5165B82EC65CA2159AE964BCC75B08667B7A78617E58B692E6ECEB9330C5DB62A9E48B7584F9AC19207E0E529C62C2
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/accordion.js
Preview:	$.fn.accordion=function(){$(".accordion__button").click(function(){if(this.classList.contains("active"))return this.classList.remove("active"),this.setAttribute("aria-expanded","false"),this.removeAttribute("aria-disabled"),this.parentElement.nextElementSibling.setAttribute("aria-hidden","true"),this.parentElement.nextElementSibling.style.maxHeight=null,void this.parentElement.nextElementSibling.classList.remove("active");$(".accordion__button").each(function(t,e){e.classList.remove("active"),e.setAttribute("aria-expanded","false"),e.removeAttribute("aria-disabled"),e.parentElement.nextElementSibling.setAttribute("aria-hidden","true"),e.parentElement.nextElementSibling.style.maxHeight=null,e.parentElement.nextElementSibling.classList.remove("active")}),this.classList.add("active"),this.setAttribute("aria-expanded","true"),this.setAttribute("aria-disabled","true"),this.parentElement.nextElementSibling.setAttribute("aria-hidden","false"),this.parentElement.nextElementSibling.classList.ad

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\cnt108108108[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	45998
Entropy (8bit):	5.478124678540851
Encrypted:	false
SSDEEP:	384:EYyBx4A5e/wBw9/vYL7sw2d3XYZMOAC22aT8s5LDw6+p5w7T6rrj8Q09PU/mrc+u:rACxHqMS22Q5b+pK6rr5CP73XHDNfEUm
MD5:	FFB4068AFBF9629230748083C299F031
SHA1:	4E0297D24A8510B355657ADFC01606BFDD30118E
SHA-256:	DB5E0EA617C05BC660FD85820083FC07A0B6A4EE5B94226D65F2740640989208
SHA-512:	9EF1A440D2D7C080101FA5D39F8713C3BCE72221CF65AC556010BFA0E2D3BB96E2BD3E7A38351EE88E2566A8B5F5784129D2B792499BDB8DA7B3237CA2E58DE0
Malicious:	false
Reputation:	low
IE Cache URL:	https://onderzoek.platformrijksoverheid.nl/CnTMVC/pub/108108108/cnt108108108.js?cb=20210_25_9
Preview:	//Rijksoverheid.nl 108108108, fileId: 108108108, version: 20210122-152419.(function(e,m){var l="00057";e.CUSTOMERID="108108108";e.cntCustomVersie="20210122-152419";e.SYSTEMDISABLED=false;e.EXCLUSIONSEQUENCENUMBER=77;e.ERGOSERVER="//onderzoek.platformrijksoverheid.nl/CnTMVC/";e.ERGOSERVER_DOMAIN=e.ERGOSERVER.replace("//","").split(/[/?#]/)[0];e.SURVEY_EMBED_MODE="inlinehtml";e.UseSurveyBodyLock=true;e.THIRDPARTYANALYTICS="piwik";e.SURVEY_STYLESHEET_URLS=null;var j=["onderwerpen/coronavirus",];var i=false;e.ONDOCUMENTREADY=function(){e.DetectIsOnPageEvaluationUrl();if(i){ergoCnTapp.DebugWrite("Removing: native RO feedbackBar","info");$("div.feedbackBar").remove()}$("div.skiplinks a").click(function(n){ergoCnTapp.UploadEvent(3,"skiplinksbutton")})};e.DetectIsOnPageEvaluationUrl=function(){var n=(location.pathname+location.search).toLowerCase();for(var o=0;o<j.length;o++){if(n.indexOf(j[o])!==-1){i=true;return}}i=false};var g=function(o,p){var n;switch(o){case"Rol":n=[{displayText:"Ge.nte

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\contact[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	18982
Entropy (8bit):	4.951131037586637
Encrypted:	false
SSDEEP:	384:VVHjaukOqWEHUw4EoEbeEthqKYEZ8RhfbaH40kH40mvH40mX5XNZzzYJ:VVHuvWijrLhq88Rhf2Y0kY0KY0mXrpz4
MD5:	EF540E59744D7CA3C64F87882DD784F9
SHA1:	CFD2AA785788141C9735B4FB9AD990DB586CB964
SHA-256:	44E87472A8CFE964EC3DB2A242E33A8F65F93B22CC39A2CEC817432FA695C235
SHA-512:	2D916BB8E739D25E2A69ACB2E1B5C3000DEBFA93D91F7A86B110F428ECC0504C47566590CF82F92D739EE21B4BC4F20741129F278F3CB5A1F9B61DC5D1C17FDB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/contact
Preview:	<!doctype html>..<html class="no-js" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Voor vragen over de website Rijksoverheid.nl kunt u contact opnemen met het loket Informatie Rijksoverheid."/>.<meta name="DCTERMS.description" content="Voor vragen over de website Rijksoverheid.nl kunt u contact opnemen met het loket Informatie Rijksoverheid."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Contact \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Contact - Rijksoverheid.nl"/>.<meta property="og:title" content="Contact"/>.<meta property="og:description" content="Heeft u vragen over het coronavirus en de maatregelen? U kunt dan terecht bij het publieksinformatienummer 0800 - 1351 (tussen 08:00 en 20:00 uur). Voor het maken van een afspraak voor een coronatest kunt u bellen met 0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\corona-in-eenvoudige-taal-lowres[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x320, frames 3
Category:	downloaded
Size (bytes):	17279
Entropy (8bit):	7.971048985955808
Encrypted:	false
SSDEEP:	384:wRl+IORVbbubC9vGektZD4NL/CJvgqsAm1cmBxKBPM8xUvDs:wbORh9atVSC7m11l4
MD5:	8D39F80190FBFBABB260D7B14C05C650
SHA1:	BF0CA8D6B8DB3B84FC3468D5E86125200D93AC56
SHA-256:	B7DD1B70BE0EA91FF736300CEC6F8F55F80048D7689F4B14B0D32FA9C2EE53CF
SHA-512:	DE4D395353C327D09844E919533D4A7CA45A6569354F1F1CECE94FBE4D9B2E62FA143F3F2B19EFDD905D361A97B4FC647A011A8D7CB6CB182B6642279C1C6290
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/medium/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/uitgelicht/corona-in-eenvoudige-taal-lowres.jpg
Preview:	......JFIF.............C...........................$ &%# #"(-90(6+"#2D26;=@@@&0FKE>J9?@=...C...........=)#)==================================================......@...."........................................V.........................!1AQ.."aq..2R..3B......#br.....$5ES.....4TUds...%&6CDct..................................'.......................!1A.Q.2"a..qB.............?....x,.g<.(.)...#....U.Ni.n.>.Xb..`..J...U.v^B.`..U$g.....3....uj..g.E..8.TIg.`<.....Qx....."..)7i..hT.S....JAu....EH..'.....U..W..8...ZPT.d.#b...L....7..B.......w.Q.H$.rF.wS...U~.>.N...K...n.........9..B.u...4@.f..v@.w"i.#Xc..n..;...A.(>)Q"}9.Ct.S.V...e..<8#Cj.'X.me.B..7.`&.Vo...KAZh...;...+U...].T..../.g....U.(.:.f.mwN.....pj.....f"p6I.KsO&.;...W..m..Q...@+..m...........A.R....)..?...wO~. ,..aY.S..}^.k.....`..l...K_M.f.....,:.O..fm...........UD.w.S.`..r...(...L#.j)H.e..N.=.p@p.)j...'_x..4..Y^j..E..\..0.\|.g-......{.3..7.ra.l.jG.X.n.M.rq..k.vW1..l..e;\9......HM.u.F.wsN......z\.b3v..".>

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\coronavirus-covid-19[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	28535
Entropy (8bit):	4.597790746638992
Encrypted:	false
SSDEEP:	384:QXfKukOspeW2sHUYCDlxIZGfv0Lh5mE674jgo9ZzzYJ:QXSiWHWDTIZGfvgbmE6UjHpzYJ
MD5:	0B33E5006271318199F7EA4FC57E9312
SHA1:	955787D471D07DAEC0ACAD08A0CC866E9A841055
SHA-256:	EB47FD640646EB5986A1D05AECC0D9A6018390AE5C842E98E740CDD19BF504D6
SHA-512:	5D195E7959DD2192DF286373E75EF0B20EEC42697F42D03BFCAB8B45E1CBBB92B52485073311D7CC89CF567594E3C73044FD34B009973B890F8ADDBEA1C3AE39
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Actuele informatie over het coronavirus COVID-19. Zoals de maatregelen tegen verspreiding van het virus."/>.<meta name="DCTERMS.description" content="Actuele informatie over het coronavirus COVID-19. Zoals de maatregelen tegen verspreiding van het virus."/>.<meta property="og:image" content="https://www.rijksoverheid.nl/binaries/small/content/gallery/rijksoverheid/channel-afbeeldingen/logos/facebook.png"/>.<title>Coronavirus COVID-19 \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Coronavirus COVID-19 - Rijksoverheid.nl"/>.<meta property="og:title" content="Coronavirus COVID-19"/>.<meta property="og:type" content="website"/>.<meta property="og:url" content="https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19"/>.<link rel="alternate" href="https://feeds.rijksoverheid.nl/onderwerpen/coro

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\cultuur-uitgaan-sport[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	958
Entropy (8bit):	7.665208359525332
Encrypted:	false
SSDEEP:	12:6v/7/6iSPSHYPdvZfxjS3qGPV0uCuglDfaFB+PykJw6WspGDGkpTiehBv6TH98z3:K6iPHYlPsBP/6le5kJgsQSG2eniTHQ7
MD5:	09FF59129DC72C9B2CEE339B19930025
SHA1:	EEA6C815155E3EED28450C8D9A393FC0265924DD
SHA-256:	BB3BD443C1F0DB3DB457A3D2818DFC463E5A384FCDECB54075FAA2E176838048
SHA-512:	0DA4F6ED705584BBE182E3A4A8EBD67EA9B02199C82A2846E629AC20EBB0DE7C57191C9134B1B43273B32C825B28D9386CD6AFAD82AD9E3985F4BE8008E64E5B
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/iconen/cultuur-uitgaan-sport.png
Preview:	.PNG........IHDR...@...@......iq.....pHYs...........~....pIDATx..[.q.0..r}.7h6.;A5.FP_.R...2.6.6.......<.z.W.!%Z?`X.w8.4!.....a$".ez.1wD.!b..$l.-.X.(...........S..<%.mN...a(..N.m.S.( ..98...5...c......+......<aDl.q......%.r.Q=...h..9J`..;.q)M.M.....F..p.r..........q........,.........j!SC..........k.v..L.....HV.~5%(.@?b.'..\.[7...$..Ld....O.h......i.-..r......i.?J#..F.v.}`_.JD..v.jP.+A...7r5...N.NqL..0....Y..Z..>.N.+.\|....#......Y)?\+...6...........Ok...H;#.@.S..E,..=.....{.......-`.}6.c}6%m..)K".%m.\..,.!b....\.-r.J..p..C..O.lJ9-........G.....nF....w............#}7.....a....qv.j....\|.1d..W.......e....}G..;......Rd....\........&cxL....m....,.......#;..X".....-..$.=%;....]....<. .:hM..>oa..s.....M:..er.D.v.i.}).jD...ON57...-J>bb.......C.p.y.M...%.R.."e.^..}!.h.;.I9.)K>.".....@.(..$.-.I..S.I....B."#......$7o..l-o/..A?+R.1..z~.......e...sE.....4.w.P..}._...........d""....(J.a.....u....]...EG.....IEND.B`.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\forms[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	20086
Entropy (8bit):	5.0630445414797896
Encrypted:	false
SSDEEP:	384:aRGD5BGn11y6hqZDCgtXZLqTUouR+KL/hWXVZiXGutbHpbWotuMvgEh0qtSY71OK:8GD5BGn11y6+7XZ2QX+KNWFZi2utbHpn
MD5:	FA31C45A4991A91652CC2C7BF84B6B8F
SHA1:	082FED512F6A2B5B5587B4FA02CF622BB3443C70
SHA-256:	FDE12A3EF014C58BFCDCBB13A5DAA868257D9EABE2B6933DA6B8C672471C8149
SHA-512:	5D3CA8723A6658C84A04DBD433E85AD4BCCA490B668164FF76B23A9F978D6CC4EA0D0A281A904F9D7302169717A099FBCC92C247E11C203D774848BFB89BB715
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/behaviour/shared-ro/forms.js
Preview:	function handleFileUploadChange(t,e){t?($(".fileupload--"+e+" .button-remove-before-submit").css("display","block"),$(".fileupload--"+e+" input[type='hidden']").css("display","block"),$(".upload--"+e).css("display","none"),$(".fileuploadInput--"+e).css("display","none")):($(".fileupload--"+e+" .button-remove-before-submit").css("display","none"),$(".fileupload--"+e+" input[type='hidden']").css("display","none"),$(".upload--"+e).css("display","block"),$(".fileuploadInput--"+e).css("display","block"))}function customSelect(t){t.wrap('<div class="proSelect"></div>')}$.fn.autoGrow=function(t){var e=jQuery.extend({extraLine:!0},t),i=function(t,i){var n=t.val().replace(/&/g,"&").replace(/"/g,""").replace(/'/g,"'").replace(/</g,"<").replace(/>/g,">").replace(/ /g," ").replace(/\n/g,"<br />")+(e.extraLine?".<br/>.":"");i.html(n),t.height()<i.height()&&t.height(i.height())};return this.each(function(){var t=$(this),e=function(t){var e=t.attr("name");return $("<div/>",{cl

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\jv-dv-20181220-id0i0q33x-ondertiteling[1].srt Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode (with BOM) text, with CRLF line terminators
Category:	downloaded
Size (bytes):	3379
Entropy (8bit):	4.847424360375029
Encrypted:	false
SSDEEP:	96:X9xhiHxGa9sgAQhL3eXoiXX32Wkc/KZryAVPoUpUc9bgC0e:X9xwRVsgAkL322YSZGibgpe
MD5:	332722E51B84D0272EDC2DD335335BB1
SHA1:	23C8579179A1F95E1EFB76DE6C32EF74A3065FDB
SHA-256:	B968F7DADA801B99472FEBDA8A9B4ACF3EB139E9C59235408A6330724226F7E5
SHA-512:	30774553777E5A3B32008FA861A1C75853D0454375F1ED1BDA1D352B64828611F84B605992B503DF5C7FAA6D853803204E87B2F6A4D5C05FE4B755DB6A4C457A
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rovid.nl/jv/dv/2018/jv-dv-20181220-id0i0q33x-ondertiteling.srt
Preview:	.1..00:00:03,440 --> 00:00:06,440..Ga je mee, Jack?..Kom!....2..00:00:08,840 --> 00:00:12,560..Ik haal even een dossier op bij de planning.....3..00:00:13,160 --> 00:00:14,640..Aan het verbouwen.......4..00:00:17,320 --> 00:00:18,760..We gaan nu naar binnen.....5..00:00:18,760 --> 00:00:20,640..Daar worden de voetgangers gecontrolleerd.....6..00:00:20,840 --> 00:00:23,560..We komen steeds meer drugsafval tegen.....7..00:00:23,560 --> 00:00:26,960..Alleen ik al honderden keren per jaar hennepafval.....8..00:00:26,960 --> 00:00:31,400..Arbeidsmigranten tot prostitutie.......9..00:00:32,280 --> 00:00:37,200..Zodra hier een melding binnenkomt via 112 ..willen we als eerste weten waar iemand is.....10..00:00:37,200 --> 00:00:39,440..We willen weten wat er aan de hand is.....11..00:00:39,440 --> 00:00:43,000..Zodra we dat weten gaat er al een alarmering uit.....12..00:00:43,000 --> 00:00:46,200..Je leest iemands verhaal, je kijkt of de identiteit vaststaat.....13..00:00:46,200 --> 00:00:49

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\logo-fallback-ro[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	22192
Entropy (8bit):	3.7890730903705303
Encrypted:	false
SSDEEP:	384:DW309mPNYV8wLCIpc8IVN1wVZ9P3TqA1JYSmfwel4MADZtr:e0bBYCPOKjEZAV9
MD5:	AD7B7F13A1B30C8B4E7BBE17E4B7C6B5
SHA1:	94FDBD8C2928E7508847B4B2E5A41B8A0D802B27
SHA-256:	09BF69D29882694FA99C8730B853ECA8E855BBDE4FE62B2DF167D177FDBD7DF1
SHA-512:	C173B5531D3539D5F0A62BC39CBC8725C2C32F7AE352ED0E6FE103305D8F417502FA8DEC3A5BDEDFDA62E5ED8A0BAE57392636CF59DB54AF6D659BA7304B6A8C
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/channel-afbeeldingen/logos/logo-fallback-ro.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 21.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="69.96px" id="Laag_1" style="enable-background:new 0 0 120 69.96;" version="1.1" viewBox="0 0 120 69.96" width="120px" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:#154273;}...st1{fill:#FFFFFF;}.</style>.<g>..<rect class="st0" height="60" width="40"/>.</g>.<path class="st1" d="M20.72,41.89h-0.7v-1.93h0.7V41.89z M23.86,33.38h-0.7v-1.93h0.7V33.38z M10.97,30.05c-0.05,0-0.41,0-0.41,0.08 c0,0.07,0.17,0.04,0.41,0.08c0.56,0.1,0.78,0.38,1.17,0.38c0.35,0,0.72-0.24,0.58-0.75c-0.02-0.09-0.07-0.07-0.08-0.01 c-0.05,0.23-0.34,0.36-0.63,0.36C11.63,30.18,11.55,30.05,10.97,30.05z M7.14,31.98c0.06,0.08,0.72,0.94-0.29,1.26 c-0.04,0.01-0.06,0.06,0.01,0.09c0.74,0.31,1.11-0.26,1.11-0.26c0.37,0.86-0.2,1.33-0.2,1.33c0.08,0.15,0.44,0.41,0.98,0.53

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\logo-ro[1].svg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	22480
Entropy (8bit):	3.855461555192788
Encrypted:	false
SSDEEP:	384:PxlBio7+YA5LFu/Y/IIf/gQBj/QPoJq6e8GQzPdgbXXhrLvS38Z7j:Z77RAeIHiT1L489
MD5:	F359BF2CF693B32A4FFB2D40384EC675
SHA1:	F2DF78721517F9797ABA0220298153AA506F513B
SHA-256:	2B702C5D3DE1D9B2D646741C458C148D8F75CD47D9C15DD4E9EC6ADDEF07874A
SHA-512:	E007E16328BF8EA63B99164CBD7BDD0C3D3825A77D904547C6C037FBF3080331098B81E502B710AF4547FCDCF9803AF972457FB9DE376DC4773CD6FBE08A0A99
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/gallery/rijksoverheid/channel-afbeeldingen/logos/logo-ro.svg
Preview:	<?xml version="1.0" encoding="utf-8" standalone="no"?> Generator: Adobe Illustrator 21.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="125px" id="Laag_1" style="enable-background:new 0 0 314 125;" version="1.1" viewBox="0 0 314 125" width="314px" x="0px" xml:space="preserve" y="0px">.<style type="text/css">...st0{fill:none;}...st1{fill:#154273;}...st2{fill:#FFFFFF;}.</style>.<g id="Laag_1_1_">..<g>...<rect class="st0" height="125" width="314"/>...<rect class="st1" height="100" width="50"/>..</g>..<path class="st2" d="M25.9,77.36h-0.87v-2.41h0.87V77.36z M29.83,66.72h-0.87v-2.41h0.87V66.72z M13.71,62.56 c-0.07,0-0.52,0-0.52,0.09c0,0.09,0.21,0.05,0.52,0.1c0.7,0.12,0.97,0.47,1.46,0.47c0.44,0,0.9-0.3,0.72-0.94 c-0.03-0.11-0.09-0.08-0.11-0.01c-0.07,0.29-0.42,0.45-0.79,0.45C14.53,62.72,14.44,62.56,13.71,62.56z M8.92,64.97 c0.08,0.11,0.9,1.17-0.36,1.58c-0.06,0.02-0.07,0.07,0.01,0.11c0.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\ministerie-van-justitie-en-veiligheid[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	27104
Entropy (8bit):	4.821648877205483
Encrypted:	false
SSDEEP:	384:x5L5hjhS9ukOtW+HU9d3GIdzMEbfC3Secy8DIq8mGREEdgx9ZzzYJ:x5L5j2oWMSd3bZjaSWL/mGREEopzYJ
MD5:	CE8EEB8662B43920BD05AB327D8CDDCD
SHA1:	19D4E92BE31AF2C940493B1EA1DDE0531625D0F4
SHA-256:	127AA617BC8398A83D178E139F9C0FA077ABED207377D3BDD2EC296279FE8D09
SHA-512:	B9F755B3CCF1FCE42B34637E25935D91D4DB91F094FC37CBD47B368BADE931324F632109604234445E26302ED55E8DE833C67F79AB52298F6C6D4D97478B6754
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/ministeries/ministerie-van-justitie-en-veiligheid
Preview:	<!doctype html>..<html class="no-js fullWidth" xml:lang="nl-NL" lang="nl-NL">. Version: 2020.16.4 -->.<head>. <meta charset="UTF-8"/>. <meta name="description" content="Informatie over het ministerie van JenV, zoals adresgegevens, beleidsterreinen en informatie voor de pers."/>.<meta name="DCTERMS.description" content="Informatie over het ministerie van JenV, zoals adresgegevens, beleidsterreinen en informatie voor de pers."/>.<meta property="og:image" content="www.rovid.nl/jv/dv/2018/jv-dv-20181220-id0i0q33x-still-middel.jpg"/>.<title>Ministerie van Justitie en Veiligheid \| Rijksoverheid.nl</title>.<meta name="DCTERMS.title" content="Ministerie van Justitie en Veiligheid - Rijksoverheid.nl"/>.<meta property="og:title" content="Ministerie van Justitie en Veiligheid"/>.<meta property="og:description" content="Het ministerie van Justitie en.Veiligheid zorgt voor de rechtsstaat in Nederland, zodat mensen in vrijheid kunnen samenleven, ongeacht hun levensstijl of opvattingen. Ju

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\page-feedback-bar[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	2405
Entropy (8bit):	4.6732100482972445
Encrypted:	false
SSDEEP:	48:CtMcX80McX8t8IyI9i4kRpk27oym3jXT5IXNV6TTNkTThTTPy:CtLXxLXVIxzk37o/zXNIXqXKXhy
MD5:	D6FF9DA6F04AF41AA60A9DABE0CFA89B
SHA1:	47550216ABA2FB8185BF2197C22F005C07B4961C
SHA-256:	13405707E0F3CFA9D8F30A1CBBC1ECC040B0B33387914D0618E550C8AC855B21
SHA-512:	49BA5F28519DFF14356826F16F3F5F3ECCD14AD02511F50F6005A26BA96CA2F65FAF279D4112B4BB5D556F20CC47A46DF1CF5690E20DF303A631CA520FCF41DB
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/content/assets/rijksoverheid/presentation/css/page-feedback-bar.css
Preview:	.feedbackBar {. display: block !important;. background: #f3f3f3;. padding: 10px 0 0 0;. margin: 30px 0 0 0; }. .feedbackBar .wrapper {. margin-right: auto;. margin-left: auto;. padding-left: 15px;. padding-right: 15px;. max-width: 1200px;. position: relative; }. .feedbackBar .wrapper:before, .feedbackBar .wrapper:after {. content: " ";. display: table; }. .feedbackBar .wrapper:after {. clear: both; }. .feedbackBar .wrapper:before, .feedbackBar .wrapper:after {. content: " ";. display: table; }. .feedbackBar .wrapper:after {. clear: both; }. .feedbackBar .formContainer {. width: 100%;. padding: 0 15px 0 15px; }. @media (min-width: 992px) {. .feedbackBar .formContainer {. margin-left: 16.666667%;. width: 66.66667%; }. .fullWidth .feedbackBar .formContainer {. margin-left: 0%;. width: 100%; } }. .feedbackBar fieldset {. margin: 10px 0 20px 0; }. .feedbackBar legend {

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\piwik[2].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Formulier%20'Werkgeversverklaring%20avondklok'%20%7C%20Formulier%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=685353&h=9&m=36&s=52&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fonderwerpen%2Fcoronavirus-covid-19%2Fdocumenten%2Fformulieren%2F2021%2F01%2F21%2Fformulier-werkgeversverklaring-avondklok&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22jenv%22%5D%2C%222%22%3A%5B%22subject%22%2C%22coronavirus%20covid-19%7C%22%5D%2C%223%22%3A%5B%22type%22%2C%22leadingpage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22e9134736-1ad0-4f21-af21-2ec5462efa72%22%5D%7D&gt_ms=7&t_us=48&t_ue=48&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=32&t_as=33&t_ae=39&t_dl=33&t_di=247&t_ls=247&t_le=247&t_dc=283&t_ee=304&pv_id=KKKVL3
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\piwik[3].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://statistiek.rijksoverheid.nl/piwik/piwik.php?action_name=Ministerie%20van%20Justitie%20en%20Veiligheid%20%7C%20Rijksoverheid.nl&idsite=4&rec=1&r=907812&h=9&m=36&s=56&url=https%3A%2F%2Fwww.rijksoverheid.nl%2Fministeries%2Fministerie-van-justitie-en-veiligheid&_id=b4beb525bffa09d5&_idts=1611596186&_idvc=1&_idn=0&_viewts=1611596186&send_image=1&pdf=0&qt=0&realp=0&wma=0&dir=0&fla=1&java=1&gears=0&ag=0&cookie=1&res=1280x1024&cvar=%7B%221%22%3A%5B%22publisher%22%2C%22-%22%5D%2C%222%22%3A%5B%22subject%22%2C%22-%22%5D%2C%223%22%3A%5B%22type%22%2C%22unithomepage%22%5D%2C%224%22%3A%5B%22uuid%22%2C%22df52230b-304e-4a67-8703-ae85e137e3fc%22%5D%7D&gt_ms=3&t_us=33&t_ue=34&t_fs=1&t_ds=1&t_cs=1&t_ce=1&t_qs=28&t_as=30&t_ae=31&t_dl=30&t_di=523&t_ls=523&t_le=523&t_dc=551&t_ee=587&pv_id=iOW5LE
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\ro-icons-2.1[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 5168, version 1.0
Category:	downloaded
Size (bytes):	5168
Entropy (8bit):	7.891397020043798
Encrypted:	false
SSDEEP:	96:DYPa98RfYDiswwUf72y7N3jXY+YTFpGK8KIN9u3P4vH9gb0FBWGrPJn:DYPImQzwFz2y7VjXpunGIwcv4WG9n
MD5:	34CA51368BDF14CDC485DE2FA5B56FD0
SHA1:	84B4D157138205EEE33F58C44F035FFA1E5E5D8C
SHA-256:	9218D8DA614CA0EB2B009FCD75306EBCDDF22FBB9B300BE908AD6F556D55441B
SHA-512:	C68D8022965E3FD7523E05622CF30096032D6F72F77C2FF20DA1CFB303F991CE5B150C3A12D0F70B6EE7FD0238E261E72F9A13574679E8C442CE0A12EDE7ECB0
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/webfiles/1611525896273/presentation/shared-ro/icons/ro-icons-2.1.woff
Preview:	wOFF.......0.......8........................GSUB.......;...T .%zOS/2...D...B...V@O.cmap...........F....glyf...\|...J........head.......3...6.E .hhea...........$....hmtx.......K....~...loca...h...H...HW.]6maxp........... .5..name.......2...F..Z.post.......)......q'x.c`d``.b0`.c`rq..a..I,.c.b`a...<2.1'3=.......i. f....&;.H.x.c`d..8.....y?.....................+.HsMapx..J..%.....d..#H.......x...In.@.E.[6&..}... K.2.8k.M8...t(Q.+..z@7\|...7...8M.y.A{^...e.N......W.c.xV.{'.).\.DE?..R3b.)3.,X.b.-;..8r..+7.....Z...w..o.&.+..M.&...i.i.6.(.,.C...M.........uya..4.[....6.z[C.....P.`.w4.;......zWC...^c..l..b..j..f..n.w7._..T.x..Xkp..u.s....}a..x.K... .. ^.. AQdDQ.....e.jY...k[...8.k'r..q.&.Q..ib7.j2n.Lg....q<.3M..u.t.t..D..D.{...r....{..{.9.;...lmmy.G.G..d.&H..W.@.B@.+.4....[...u...{....Rj!..84...H.I.)8Ei..}h.!.\....{.>$.......B2.='..M...Y..1.ai..f..1a..3f..4e.\|.7...1..J;.Y.....o.C......sm:Ov...b..p.U.j..m..6d..z.a.....=...nQ.$........+..#....o.{.>...7Sg.M.....E..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\roze-vlak-homepage-1920x330px-tp[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 1920 x 330, 1-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	365
Entropy (8bit):	4.816587757735429
Encrypted:	false
SSDEEP:	6:6v/lhPilsVrWUyKmv8BRmhnTmFQEXlgzgN4VQIMBeDgK4KEMwoQIMBeDglp:6v/7azUUm4qFQXzS4VQIjDgWEMwoQIj8
MD5:	F6639404A9CCC555FFE795FFB92A1417
SHA1:	74BD8B5BCB7FF9F5D0103F9D9D570542C5BDBDEC
SHA-256:	147E7B3BA7F9F56F443700EE5DD6EC05DBF93ADFED94FFC3D3D4BE281E7ACC35
SHA-512:	52F8C7909C6B392D50928A6F0BB9EE30198248E8E69AD7C2ADAB1956E6BC9DB8844ECFBD40540DAC25B058C225AB2C874E59035A9EA519AF7D4CE7F4982A2CF4
Malicious:	false
Reputation:	low
IE Cache URL:	https://www.rijksoverheid.nl/binaries/widescreen/content/gallery/rijksoverheid/content-afbeeldingen/onderwerpen/coronavirus/lowres-fotos/roze-vlak-homepage-1920x330px-tp.png
Preview:	.PNG........IHDR.......J........m....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE..]...A=......bKGD...-.....tIME.......o.....dIDATx...1......Om._..............................................................................^.6....f.....%tEXtdate:create.2020-05-14T06:29:26+00:00D......%tEXtdate:modify.2020-05-14T06:29:26+00:005.......IEND.B`.

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 25, 2021 09:36:25.623159885 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.623398066 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.644444942 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.644491911 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.644597054 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.644634962 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.652750015 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.655401945 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.673835039 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.674082994 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.674129009 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.674165010 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.674166918 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.674185038 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.674202919 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.674262047 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.674639940 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.674681902 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.674706936 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.674734116 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.676246881 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.676429033 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.676474094 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.676512003 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.676525116 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.676539898 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.676559925 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.676567078 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.676579952 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.677447081 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.677485943 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.677527905 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.677563906 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.744667053 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.744801044 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.750761986 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.765892029 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.765933990 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.766017914 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.766048908 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.772411108 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.772458076 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.772491932 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.772569895 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.772608042 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.840456009 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.841291904 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.843266964 CET	49713	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.843849897 CET	49714	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.861656904 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.861720085 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.861757994 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.861795902 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.861834049 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.861877918 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.861905098 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.861932993 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.861938000 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.861980915 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.861984968 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862024069 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862035990 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862066984 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862080097 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862092018 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862118959 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862133026 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862158060 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862171888 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862206936 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862371922 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862416029 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862438917 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862457037 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862462997 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862504959 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862510920 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862543106 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862555027 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862581015 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862595081 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862613916 CET	443	49712	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.862627983 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.862660885 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.864264965 CET	443	49713	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.864564896 CET	443	49714	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.864608049 CET	49713	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.864649057 CET	49714	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.867439032 CET	49714	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.867688894 CET	49713	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.874103069 CET	49712	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.883069992 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.883115053 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.883153915 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.883181095 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.883193970 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.883205891 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.883214951 CET	49711	443	192.168.2.5	178.22.85.6
Jan 25, 2021 09:36:25.883240938 CET	443	49711	178.22.85.6	192.168.2.5
Jan 25, 2021 09:36:25.883245945 CET	49711	443	192.168.2.5	178.22.85.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 25, 2021 09:36:24.304306984 CET	62176	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:24.335855961 CET	53	62176	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:25.580667973 CET	59596	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:25.612029076 CET	53	59596	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:26.503658056 CET	65296	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:26.538049936 CET	53	65296	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:26.588207006 CET	63183	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:26.619790077 CET	53	63183	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:34.460540056 CET	60151	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:34.483645916 CET	53	60151	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:35.479310989 CET	56969	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:35.502265930 CET	53	56969	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:36.376717091 CET	55161	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:36.402462959 CET	53	55161	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:37.038706064 CET	54757	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:37.061764956 CET	53	54757	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:40.600282907 CET	49992	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:40.634633064 CET	53	49992	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:42.350517988 CET	60075	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:42.385983944 CET	53	60075	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:43.100543976 CET	55016	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:43.131867886 CET	53	55016	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:50.224035025 CET	64345	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:50.247236013 CET	53	64345	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:51.082761049 CET	57128	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:51.105787992 CET	53	57128	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:54.749789953 CET	54791	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:54.773356915 CET	53	54791	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:55.065413952 CET	50463	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:55.100191116 CET	53	50463	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:55.756867886 CET	54791	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:55.788336992 CET	53	54791	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:56.071626902 CET	50463	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:56.097522020 CET	53	50463	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:56.810441017 CET	54791	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:56.833447933 CET	53	54791	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:57.062832117 CET	50463	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:57.088742018 CET	53	50463	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:57.460647106 CET	50394	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:57.505224943 CET	53	50394	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:58.802938938 CET	54791	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:58.826159000 CET	53	54791	8.8.8.8	192.168.2.5
Jan 25, 2021 09:36:59.065071106 CET	50463	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:36:59.090989113 CET	53	50463	8.8.8.8	192.168.2.5
Jan 25, 2021 09:37:02.814012051 CET	54791	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:37:02.837131977 CET	53	54791	8.8.8.8	192.168.2.5
Jan 25, 2021 09:37:03.079750061 CET	50463	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:37:03.105505943 CET	53	50463	8.8.8.8	192.168.2.5
Jan 25, 2021 09:37:07.193031073 CET	58530	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:37:07.218924046 CET	53	58530	8.8.8.8	192.168.2.5
Jan 25, 2021 09:37:08.988245010 CET	53813	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:37:09.014317989 CET	53	53813	8.8.8.8	192.168.2.5
Jan 25, 2021 09:37:09.571382046 CET	63732	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:37:09.594427109 CET	53	63732	8.8.8.8	192.168.2.5
Jan 25, 2021 09:37:13.133886099 CET	57344	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:37:13.159735918 CET	53	57344	8.8.8.8	192.168.2.5
Jan 25, 2021 09:37:33.767690897 CET	54450	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:37:33.799308062 CET	53	54450	8.8.8.8	192.168.2.5
Jan 25, 2021 09:37:41.087517977 CET	59261	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:37:41.124938965 CET	53	59261	8.8.8.8	192.168.2.5
Jan 25, 2021 09:38:21.202558994 CET	57151	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:38:21.225503922 CET	53	57151	8.8.8.8	192.168.2.5
Jan 25, 2021 09:38:21.568662882 CET	59413	53	192.168.2.5	8.8.8.8
Jan 25, 2021 09:38:21.602312088 CET	53	59413	8.8.8.8	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jan 25, 2021 09:36:25.580667973 CET	192.168.2.5	8.8.8.8	0x7971	Standard query (0)	www.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:26.503658056 CET	192.168.2.5	8.8.8.8	0x6cdd	Standard query (0)	statistiek.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:26.588207006 CET	192.168.2.5	8.8.8.8	0x57c4	Standard query (0)	onderzoek.platformrijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.100543976 CET	192.168.2.5	8.8.8.8	0x261d	Standard query (0)	www.rijksoverheid.nl	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:57.460647106 CET	192.168.2.5	8.8.8.8	0xdfc4	Standard query (0)	www.rovid.nl	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jan 25, 2021 09:36:25.612029076 CET	8.8.8.8	192.168.2.5	0x7971	No error (0)	www.rijksoverheid.nl	rijksoverheid.nl		CNAME (Canonical name)	IN (0x0001)
Jan 25, 2021 09:36:25.612029076 CET	8.8.8.8	192.168.2.5	0x7971	No error (0)	rijksoverheid.nl		178.22.85.6	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.612029076 CET	8.8.8.8	192.168.2.5	0x7971	No error (0)	rijksoverheid.nl		178.22.85.3	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.612029076 CET	8.8.8.8	192.168.2.5	0x7971	No error (0)	rijksoverheid.nl		178.22.85.5	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:25.612029076 CET	8.8.8.8	192.168.2.5	0x7971	No error (0)	rijksoverheid.nl		178.22.85.4	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:26.538049936 CET	8.8.8.8	192.168.2.5	0x6cdd	No error (0)	statistiek.rijksoverheid.nl		13.94.196.189	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:26.619790077 CET	8.8.8.8	192.168.2.5	0x57c4	No error (0)	onderzoek.platformrijksoverheid.nl		78.31.116.148	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.131867886 CET	8.8.8.8	192.168.2.5	0x261d	No error (0)	www.rijksoverheid.nl	rijksoverheid.nl		CNAME (Canonical name)	IN (0x0001)
Jan 25, 2021 09:36:43.131867886 CET	8.8.8.8	192.168.2.5	0x261d	No error (0)	rijksoverheid.nl		178.22.85.6	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.131867886 CET	8.8.8.8	192.168.2.5	0x261d	No error (0)	rijksoverheid.nl		178.22.85.5	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.131867886 CET	8.8.8.8	192.168.2.5	0x261d	No error (0)	rijksoverheid.nl		178.22.85.4	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:43.131867886 CET	8.8.8.8	192.168.2.5	0x261d	No error (0)	rijksoverheid.nl		178.22.85.3	A (IP address)	IN (0x0001)
Jan 25, 2021 09:36:57.505224943 CET	8.8.8.8	192.168.2.5	0xdfc4	No error (0)	www.rovid.nl		178.22.85.97	A (IP address)	IN (0x0001)

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Jan 25, 2021 09:36:25.674681902 CET	178.22.85.6	443	192.168.2.5	49711	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:25.677485943 CET	178.22.85.6	443	192.168.2.5	49712	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:26.620913029 CET	13.94.196.189	443	192.168.2.5	49715	CN=statistiek.rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Tue Aug 25 14:49:57 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Wed Aug 25 14:59:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:26.621763945 CET	13.94.196.189	443	192.168.2.5	49716	CN=statistiek.rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Tue Aug 25 14:49:57 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Wed Aug 25 14:59:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:43.180253983 CET	178.22.85.6	443	192.168.2.5	49727	CN=rijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 17:24:25 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:34:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:57.561830044 CET	178.22.85.97	443	192.168.2.5	49744	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:57.562803984 CET	178.22.85.97	443	192.168.2.5	49745	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022
Jan 25, 2021 09:36:59.423568964 CET	178.22.85.97	443	192.168.2.5	49749	CN=mediatheekrijksoverheid.nl, O=Rijksoverheid, L='s-Gravenhage, ST=Zuid-Holland, C=NL CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Sat Aug 22 16:56:42 CEST 2020 Wed Jul 29 20:30:06 CEST 2020 Wed Jul 29 19:26:24 CEST 2020	Sun Aug 22 17:06:00 CEST 2021 Mon Dec 05 01:00:00 CET 2022 Tue Dec 06 01:00:00 CET 2022	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=QuoVadis PKIoverheid Server CA 2020, O=QuoVadis Trustlink B.V., C=NL	CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	Wed Jul 29 20:30:06 CEST 2020	Mon Dec 05 01:00:00 CET 2022
					CN=Staat der Nederlanden Domein Server CA 2020, O=Staat der Nederlanden, C=NL	CN=Staat der Nederlanden EV Root CA, O=Staat der Nederlanden, C=NL	Wed Jul 29 19:26:24 CEST 2020	Tue Dec 06 01:00:00 CET 2022

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 1000 Parent PID: 792

General

Start time:	09:36:23
Start date:	25/01/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff73b0f0000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 6016 Parent PID: 1000

General

Start time:	09:36:23
Start date:	25/01/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1000 CREDAT:17410 /prefetch:2
Imagebase:	0x30000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report https://www.rijksoverheid.nl/onderwerpen/coronavirus-covid-19/documenten/formulieren/2021/01/21/formulier-eigen-verklaring-avondklok

Overview

General Information

Detection

Signatures

Classification

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 1000 Parent PID: 792

General

Analysis Process: iexplore.exe PID: 6016 Parent PID: 1000

General

Disassembly