Analysis Report https://communilives.com/FIRSTAMCD.html

Overview

General Information

Sample URL:https://communilives.com/FIRSTAMCD.html
Analysis ID:364059
Detection

HTMLPhisher
Score:60
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Yara detected HtmlPhish_10
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL
Suspicious form URL found

Classification

Startup

  • System is w10x64
  • chrome.exe (PID: 5708 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://communilives.com/FIRSTAMCD.html' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 5668 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,2311055343111642691,697578694121501320,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1860 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

AV Detection:

Antivirus detection for URL or domain
Source: https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish_10
Source: Yara match | File source: 56203.pages.csv, type: HTML
Phishing site detected (based on logo template match)
Source: https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | Matcher: Template: apple matched
Source: https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | HTTP Parser: Number of links: 0
Source: https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | HTTP Parser: Title: Oauth does not match URL
Source: https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | HTTP Parser: Form action: vast.php
Source: https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | HTTP Parser: No <meta name="author".. found
Source: https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | HTTP Parser: No <meta name="copyright".. found

Compliance:

Creates a directory in C:\Program Files
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown | DNS traffic detected: queries for: communilives.com
Source: classification engine | Classification label: mal60.phis.win@36/220@3/6
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-6042F592-164C.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Local\Temp\3f8d7d84-43e3-46d0-8321-c61bddbc26fa.tmp
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://communilives.com/FIRSTAMCD.html'
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,2311055343111642691,697578694121501320,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1860 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,2311055343111642691,697578694121501320,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1860 /prefetch:8
Source: Window Recorder | Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection 1 | Masquerading 3 | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel 2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection 1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol 1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information 1 | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol 2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label | Link
https://communilives.com/FIRSTAMCD.html | 1% | Virustotal | | Browse
https://communilives.com/FIRSTAMCD.html | 0% | Avira URL Cloud | safe |

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source | Detection | Scanner | Label | Link
officegrocery.com | 0% | Virustotal | | Browse

URLs

Source | Detection | Scanner | Label | Link
https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | 100% | SlashNext | Fake Login Page type: Phishing & Social Engineering |
https://communilives.com/FIRSTAMCD.htmlProofpoint | 0% | Avira URL Cloud | safe |
https://dns.google | 0% | URL Reputation | safe |
https://officegrocery.com/ | 0% | Virustotal | | Browse
https://officegrocery.com/ | 0% | Avira URL Cloud | safe |
https://officegrocery.com/FIRSTAM/wamp.php?warp=020202Oauth | 0% | Avira URL Cloud | safe |
https://officegrocery.com | 0% | Avira URL Cloud | safe |
https://communilives.com/FIRSTAMCD.html2 | 0% | Avira URL Cloud | safe |
https://officegrocery.com/FIRSTAM/wamp.php?warp=020202Oauth/ | 0% | Avira URL Cloud | safe |

Domains and IPs

Contacted Domains

Name | IP | Active | Malicious | Antivirus Detection | Reputation
communilives.com | 162.241.127.183 | true | false | | unknown
officegrocery.com | 173.209.56.178 | true | false | | unknown
googlehosted.l.googleusercontent.com | 172.217.23.33 | true | false | | high
clients2.googleusercontent.com | unknown | unknown | false | | high

Contacted URLs

Name | Malicious | Antivirus Detection | Reputation
https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | true | SlashNext: Fake Login Page type: Phishing & Social Engineering | unknown
https://communilives.com/FIRSTAMCD.html | true | | unknown

URLs from Memory and Binaries

Name | Source | Malicious | Antivirus Detection | Reputation
https://communilives.com/FIRSTAMCD.htmlProofpoint | History.0.dr | false | Avira URL Cloud: safe | unknown
https://dns.google | c2be18d3-d43e-43b2-82da-aff9b7f88b77.tmp.1.dr, d30ed860-f804-430a-8faf-6a3a3a0b3916.tmp.1.dr, f2f4f56a-deef-4b08-ab5a-c8cb3fc3c0d9.tmp.1.dr, 679d853a-4124-4c82-af2c-39ca53cd62f6.tmp.1.dr | false | URL Reputation: safe | unknown
https://officegrocery.com/ | Network Action Predictor.0.dr | false | 0%, Virustotal, Browse; Avira URL Cloud: safe | unknown
https://officegrocery.com/FIRSTAM/wamp.php?warp=020202 | Current Session.0.dr | true | SlashNext: Fake Login Page type: Phishing & Social Engineering | unknown
https://communilives.com/FIRSTAMCD.html | Current Session.0.dr, History.0.dr | false | | unknown
https://officegrocery.com/FIRSTAM/wamp.php?warp=020202Oauth | History.0.dr | true | Avira URL Cloud: safe | unknown
https://clients2.googleusercontent.com | c2be18d3-d43e-43b2-82da-aff9b7f88b77.tmp.1.dr, d30ed860-f804-430a-8faf-6a3a3a0b3916.tmp.1.dr | false | | high
https://officegrocery.com | d30ed860-f804-430a-8faf-6a3a3a0b3916.tmp.1.dr | false | Avira URL Cloud: safe | unknown
https://feedback.googleusercontent.com | manifest.json0.0.dr | false | | high
https://communilives.com/FIRSTAMCD.html2 | History Provider Cache.0.dr | false | Avira URL Cloud: safe | unknown
https://officegrocery.com/FIRSTAM/wamp.php?warp=020202Oauth/ | History.0.dr | true | Avira URL Cloud: safe | unknown

Contacted IPs

Public

IP | Domain | Country | Flag | ASN | ASN Name | Malicious
162.241.127.183 | communilives.com | United States | | 46606 | UNIFIEDLAYER-AS-1US | false
239.255.255.250 | unknown | Reserved | | unknown | unknown | false
172.217.23.33 | googlehosted.l.googleusercontent.com | United States | | 15169 | GOOGLEUS | false
173.209.56.178 | officegrocery.com | Canada | | 36666 | GTCOMMCA | false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version:31.0.0 Emerald
Analysis ID:364059
Start date:05.03.2021
Start time:19:22:12
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 4m 47s
Hypervisor based Inspection enabled:false
Report type:light
Cookbook file name:browseurl.jbs
Sample URL:https://communilives.com/FIRSTAMCD.html
Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:18
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
• HCA enabled
• EGA enabled
• AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Detection:MAL
Classification:mal60.phis.win@36/220@3/6
Cookbook Comments:
• Adjust boot time
• Enable AMSI
• Browse: https://officegrocery.com/FIRSTAM/wamp.php?warp=020202
Warnings:
• Exclude process from analysis (whitelisted): taskhostw.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe
• TCP Packets have been reduced to 100
• Created / dropped Files have been reduced to 100
• Excluded IPs from analysis (whitelisted)
• Excluded domains from analysis (whitelisted)
• Report size getting too big, too many NtCreateFile calls found.
• Report size getting too big, too many NtOpenFile calls found.
• Report size getting too big, too many NtQueryVolumeInformationFile calls found.
• Report size getting too big, too many NtWriteVirtualMemory calls found.

Simulations

Behavior and APIs

Time | Type | Description
19:23:03 | API Interceptor | 1x Sleep call for process: chrome.exe modified

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

                C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):451603
                Entropy (8bit):5.009711072558331
                Encrypted:false
                SSDEEP:12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
                MD5:A78AD14E77147E7DE3647E61964C0335
                SHA1:CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
                SHA-256:0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
                SHA-512:DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
                Malicious:false
                Reputation:low
                Preview: BDic.... ....6...."..Z..4g....6.2...{/...3...5....AF 1363.AF nm.AF pt.AF n1.AF p.AF tc.AF SM.AF M.AF S.AF MS.AF MNR.AF GDS.AF MNT.AF MH.AF MR.AF SZMR.AF MJ.AF MT.AF MY.AF MRZ.AF MN.AF MG.AF RM.AF N.AF MV.AF XM.AF DSM.AF SD.AF G.AF R.AF MNX.AF MRS.AF MD.AF MNRB.AF B.AF ZSMR.AF PM.AF SMNGJ.AF SMN.AF ZMR.AF SMGB.AF MZR.AF GM.AF SMR.AF SMDG.AF RMZ.AF ZM.AF MDG.AF MDT.AF SMNXT.AF SDY.AF LSDG.AF LGDS.AF GLDS.AF UY.AF U.AF DSGNX.AF GNDSX.AF DSG.AF Y.AF GS.AF IEMS.AF YP.AF ZGDRS.AF XGNVDS.AF UT.AF GNDS.AF GVDS.AF MYPS.AF XGNDS.AF TPRY.AF MDSG.AF ZGSDR.AF DYSG.AF PMYTNS.AF AGDS.AF DRZGS.AF PY.AF GSPMDY.AF EGVDS.AF SL.AF GNXDS.AF DSBG.AF IM.AF I.AF MDGS.AF SMY.AF DSGN.AF DSLG.AF GMDS.AF MDSBG.AF SGD.AF IY.AF P.AF DSMG.AF BLZGDRS.AF TR.AF AGSD.AF ZGBDRSL.AF PTRY.AF ASDGV.AF ASM.AF ICANGSD.AF ICAM.AF IKY.AF AMS.AF PMYTRS.AF BZGVDRS.AF SDRBZG.AF GVMDS.AF PSM.AF DGLS.AF GNVXDS.AF AGDSL.AF DGS.AF XDSGNV.AF BZGDRS.AF AM.AF AS.AF A.AF LDSG.AF AGVDS.AF SDG.AF LDSMG.AF EDSMG.AF EY.AF DRSMZG.AF PRYT.AF LZ
                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Microsoft Cabinet archive data, 58596 bytes, 1 file
                Category:dropped
                Size (bytes):58596
                Entropy (8bit):7.995478615012125
                Encrypted:true
                SSDEEP:1536:J7r25qSSheImS2zyCvg3nB/QPsBbgwYkGrLMQ:F2qSSwIm1m/QEBbgb1oQ
                MD5:61A03D15CF62612F50B74867090DBE79
                SHA1:15228F34067B4B107E917BEBAF17CC7C3C1280A8
                SHA-256:F9E23DC21553DAA34C6EB778CD262831E466CE794F4BEA48150E8D70D3E6AF6D
                SHA-512:5FECE89CCBBF994E4F1E3EF89A502F25A72F359D445C034682758D26F01D9F3AA20A43010B9A87F2687DA7BA201476922AA46D4906D442D56EB59B2B881259D3
                Malicious:false
                Reputation:low
                Preview: MSCF............,...................I........T........bR. .authroot.stl...s~.4..CK..8T....c_.d....A.K......&.-.J...."Y...$E.KB..D...D.....3.n..u.............|..=H4..c&.......f.,..=..-....p2.:..`HX......b.......Di.a......M.....4.....i..}..:~N.<..>.*.V..CX......B......,.q.M.....HB..E~Q...)..Gax../..}7..f......O0...x..k..ha...y.K.0.h..(....{2Y.].g...yw..|0.+?.`-../.xvy..e......w.+^...w|.Q.k.9&.Q.EzS.f......>?w.G.......v.F......A......-P.$.Y...u....Z..g..>.0&.y.(..<.].`>... ..R.q...g.Y..s.y.B..B....Z.4.<?.R....1.8.<.=.8..[a.s.......add..).NtX....r....R.&W4.5]....k.._iK..xzW.w.M.>,5.}..}.tLX5Ls3_..).!..X.~...%.B.....YS9m.,.....BV`.Cee.....?......:.x-.q9j...Yps..W...1.A<.X.O....7.ei..a\.~=X....HN.#....h,....y...\.br.8.y"k).....~B..v....GR.g|.z..+.D8.m..F .h...*.........ItNs.\....s..,.f`D...]..k...:9..lk.<D....u...........[...*.wY.O....P?.U.l....Fc.ObLq......Fvk..G9.8..!..\T:K`.......'.3......;.u..h...uD..^.bS...r........j..j .=...s .FxV....g.c.s..9.
                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):326
                Entropy (8bit):3.1050175707984433
                Encrypted:false
                SSDEEP:6:kKjPkwTJ6YN+SkQlPlEGYRMY9z+4KlDA3RUe0ht:AwTJ6HkPlE99SNxAhUe0ht
                MD5:4435A4045CDA990A2BF9200311BA70AA
                SHA1:3390D55BE4D1AD64B3382AB2B7986C483851B6EA
                SHA-256:E577A6575ED756D5F11AE198518F26DDC38028EA20A9216E1C3BF114CF9CAFEC
                SHA-512:93C106CB9CFFCD0850193D8E6BF16F8D36D883BCF5F384918EBF484DF33892577CF206866A94369C6595EA2876BEFEE9F5F2DF43C8BC5D50F4DCA16E587581C2
                Malicious:false
                Reputation:low
                Preview: p...... ..........s.8...(....................................................... ...................$...............h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".0.d.8.f.4.f.3.f.6.f.d.7.1.:.0."...
                C:\Users\user\AppData\Local\Google\Chrome\User Data\2771d987-3e2b-49b1-9382-ede308c7b541.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):164994
                Entropy (8bit):6.081415215175379
                Encrypted:false
                SSDEEP:3072:sr+we9QSr571ljD6v2CcDPvZaerIi8FcbXafIB0u1GOJmA3iuR5:cfAQwh1xFTJ4PaqfIlUOoSiuR5
                MD5:6078139B9259C745DB4041B377E5F2CA
                SHA1:BD870533D60876C97CAC85ABCD91C13136725C9C
                SHA-256:97975F762CD11F34C47B60115F2462E50F3A6A36FB0A573ABE7830664DABF633
                SHA-512:592B9B683796D3B18E83E165F4FF52A04CD76E61BD2B141B13221BE3EC1D0B0AC4B83D93A1A66FF2CB7E19075851A002B8A64CD78AF91A63C755932EAB97A52A
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\37bd9027-a796-427e-9309-9662bd698238.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):156506
                Entropy (8bit):6.05101753871169
                Encrypted:false
                SSDEEP:3072:bwe9QSr571ljD6v2CcDPvZaerIi8FcbXafIB0u1GOJmA3iuR5:MAQwh1xFTJ4PaqfIlUOoSiuR5
                MD5:8AF5A67FF56DF567BCFE302993AD2CFE
                SHA1:B8B0F69662FAB0402E6FF4284A52AFF0C23CE04A
                SHA-256:2B2F5A58DEB99BAAC45D6949EEFCDCD5D7E9B0BF836AC04300CAF962ACD34970
                SHA-512:7C130CEF46A0FF77C1A6FDDA148A7BF54485ED0457A84DF74BCEA682332588BFB326AE2CE194A3D05B2A35B0EE75712925520F8F7BE3023960647BD78674FDFD
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\60cbc03c-4a52-45eb-850a-024945dd1951.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):164994
                Entropy (8bit):6.081416013991336
                Encrypted:false
                SSDEEP:3072:skUwe9QSr571ljD6v2CcDPvZaerIi8FcbXafIB0u1GOJmA3iuR5:jtAQwh1xFTJ4PaqfIlUOoSiuR5
                MD5:CC38CA07321AB7E4986BCD4624CEF8AB
                SHA1:E4A97084615F2D3C28FC81E319593181F287384C
                SHA-256:BFDB77062CA240397F4B16365A2B13F9CA35DBD77CDEC840C6B18632C81B7D1C
                SHA-512:0BD423A6241BCBD9A35818A6AF02310C20475EE63346A59EF78F7C9F3F517490F23B5F1F3A1E0E85DBB054D49DBE903BE5255C4054351C32418DEED9B48CA285
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\625f7309-1688-4de0-80cd-69f69d0790ca.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:modified
                Size (bytes):95428
                Entropy (8bit):3.7365802603094695
                Encrypted:false
                SSDEEP:384:l/OlZnoGfQzLVU6poN5rCv9X3mpTyHjSGadrYLxxxmzfj+r8RmcIaoHZJx2Ov3JT:9m2hNuns+EenJLjIvDi3KZfdF5
                MD5:3D502865DC03A1737F25CB6C4E5D110D
                SHA1:06A9761BAA6E18E54F159A6178A5237EFCE35E4B
                SHA-256:1C0D2B6C6D5361DE96E7E3696E6D26AD2478D3A1B70FE8AEAEE0CB6D38C89119
                SHA-512:BE2ED7E5BB9EDC6F64CD24ACB926655BC60F3817EF85549169DD4427239510ED74E4137F5D700186960B82CDC303EED3EAE2E1D8623FC3C424471D9F76F31A4A
                Malicious:false
                Reputation:low
                Preview: .t..............*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6...*...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n...s38.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.
                C:\Users\user\AppData\Local\Google\Chrome\User Data\63103cdf-ec74-4bbf-9ec9-29f49ca9b7f4.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):92724
                Entropy (8bit):3.736352495920218
                Encrypted:false
                SSDEEP:384:7/OlZnoGrzMpoN5rCv9X3mpTyHjSGadrYLxxxmzfj+r8Rmc/oHZJx2Ov3JNU1Bo9:m2hNunG+EenJLjIvDi3KZfdFx
                MD5:BA933B42DA3BC8D7E168ADC5A7997621
                SHA1:A170B7B112856577A13DF7A13EEDBD36EAF2C61B
                SHA-256:7736F0E9FCC5C3B0122A620C00DF85B373083D35940053B82F83E15CE4EEF367
                SHA-512:93B631A825F45E7B1CBEBFEAF2D0699B578CE36A7254AEA9F5087EFBB77F01B7FABABC993E46A561A3E2859B5BA00C046FCFAD936C0DCAEE6DA9F920E3588DB7
                Malicious:false
                Reputation:low
                Preview: 0j..............*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6...*...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n...s38.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):120
                Entropy (8bit):3.254162526001658
                Encrypted:false
                SSDEEP:3:FkXft0xE1G1mstft0xE1G1mstft0xE1n:+ftIE1G1mkftIE1G1mkftIE1n
                MD5:E9224A19341F2979669144B01332DF59
                SHA1:F7F760C7104457DF463306A7F7BAE0142EFCEB5B
                SHA-256:47DD519C226D23F203ACAE0EC44DF9BB6208828E24F726E1602EA52F63C3E2BE
                SHA-512:4184302DEB5009D767FECFC150F580DD57D5CF9CF3BFEB7E52C9F3340E5E6499251B9F0DFF37F0454411FED9046880E0A9204312D021294256372C916B8155AC
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5cf14e95-ca6e-47e2-86a4-cb5d9046933a.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):5704
                Entropy (8bit):5.197774773350081
                Encrypted:false
                SSDEEP:96:ni9ytq4UHcVaok0JCKL8hZwkWh1gMbOTQVuwn:ni54Icv4KmwkWhu2
                MD5:A153EDCC147584C39D17C59E1E90773F
                SHA1:E2FCFE8DDCDAA63E0EB3CAD25225D0BB4A53B38D
                SHA-256:CF113D875B5C71C1DB8D00F19466069B405342E4E8DFA7B0198FB3788DC49241
                SHA-512:49805F35235971AA5D113F8783AC627E2FEF75B1E123AF8D1A342B0B630C19D8D7CF9C3754FCE5ABCEDDA5C898213430825806324FE6D4ADD951A63530BA0B49
                Malicious:false
                Reputation:low
                Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13259474578468056","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6cbd6e40-ca0f-4f1a-94a5-90dbcaa5122b.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:very short file (no magic)
                Category:dropped
                Size (bytes):1
                Entropy (8bit):0.0
                Encrypted:false
                SSDEEP:3:L:L
                MD5:5058F1AF8388633F609CADB75A75DC9D
                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                Malicious:false
                Reputation:low
                Preview: .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):334
                Entropy (8bit):5.2397657727363365
                Encrypted:false
                SSDEEP:6:mf9BmL+q2PWXp+N23iKKdK9RXXTZIFUtp69DyT1ZmwP69DyFLVkwOWXp+N23iKKU:K98yva5Kk7XT2FUtp69Dy5/P69DyFR53
                MD5:DC83FCE69E97DA42D56F98A68A1FEB84
                SHA1:48021EA0F501EF65C3BAACC46E2BCBAE89887AAE
                SHA-256:F653488331984DE45D095F31950C792A8DD67DC92F82BC4A9CC2CD44A5A272A4
                SHA-512:8DCE4647274E0717B3CF8B62E5C9B43C22D6AAE018F1B24DA00D509116F5E2427A36548B2025848C0AFF1481BD8A29A9F56BBF4CF5B0825ADCAFD1AC881BDF59
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:05.814 1ac8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/03/05-19:23:05.816 1ac8 Recovering log #3.2021/03/05-19:23:05.816 1ac8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):318
                Entropy (8bit):5.183908672101759
                Encrypted:false
                SSDEEP:6:mf9W2SL+q2PWXp+N23iKKdKyDZIFUtp69FyHz1ZmwP69pFLVkwOWXp+N23iKKdKy:K9yyva5Kk02FUtp69MHZ/P69pFR5f5K1
                MD5:A30D8C4120A71B8FD607DA5C66D4972A
                SHA1:927E1EC48D31EE5DA188E5D4747AC67EFD418EBF
                SHA-256:DC5E423E642FD64595530FA1CCA93E97615E8A56F074032E26B9A1F2A1BEA0CB
                SHA-512:E7645D1D096FBBEBE69B643CF2719FCFF59217DDEB97104DBC073A865D6860E6D2738E3125472D5FB8A74A23886652E0AF0CFAB3B96FC8570F3D14377570D2AB
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:05.809 1ac8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/03/05-19:23:05.810 1ac8 Recovering log #3.2021/03/05-19:23:05.811 1ac8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:SQLite 3.x database, last written using SQLite version 3032001
                Category:dropped
                Size (bytes):8192
                Entropy (8bit):1.3480277290359024
                Encrypted:false
                SSDEEP:24:TLyqJLbXaFpEO5bNmISHn06UwIpgAZOZD/i:TekLLOpEO5J/Kn7ULpNOZi
                MD5:89E5A8A162FCE992BEFA4C8711F8C714
                SHA1:A4C1FF46DFAF9EC369563D0A919EA7E9B7B36012
                SHA-256:2402535A1E05BEE5C9C8349AA89661AE3D2A4716A3B6E01C76B2A7F8B0AFE3D3
                SHA-512:C175B13882553933BDF526244CA4263F759D5303BDF9879F6A63A5301475416F07DD494A2C9DCC9F0B7BC4C9726F505F33E53604D13F77801543A9F75971AEC5
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):8732
                Entropy (8bit):1.3106970887346463
                Encrypted:false
                SSDEEP:24:06cLgAZOZD/pqLbJLbXaFpEO5bNmISHn06Uwmgz9:p8NOZpq5LLOpEO5J/Kn7UBgz9
                MD5:134694601A427DFADF1B2746AEC9264B
                SHA1:44473143ECF8997C30DCE700BBEA4A50D84036EB
                SHA-256:F8E76EBCADDF8CC68450F8A8569100804F8AA55B94C54747058F5DFA48CECFB8
                SHA-512:8D758FC6240FF832ED987A29B5652ADB1B5D28CCD5369456209753158FBB37D350CBD91E9B764D4E763A892A390B033A36AF7A1388799116F69AB9A9B215D18E
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):1827
                Entropy (8bit):3.3685697262321552
                Encrypted:false
                SSDEEP:24:34SAYHlrlA5lWJms6QJmmZl1tZmfu6HV99Abh/sVG8wLRUseh/sV2klL:34Sxi1s670MfusV9NVG8wLiaV2sL
                MD5:5B75237D32AD401197848C9C81828B95
                SHA1:F4581B15543FC69D6B16E9927561A3A0FC3C1A80
                SHA-256:4BB12F8EFBCCA9C108EDE69E8F057239D61039862D0EAF732B1495CDD8FF97BE
                SHA-512:4C4E44A3DF21EA032612F8F79BEFCFDA8323D2A6D55062DB3175E55173C827372D9D74038B7606DD505C8811E0F5CAA87A91D26CCF89613E28E254EEF3D4A25F
                Malicious:false
                Reputation:low
                Preview: SNSS....................................................!.............................................1..,.......$...b2335e72_2346_4339_8a22_163f82f7b0e2......................%+..................................................................................5..0.......&...{524A03AB-861D-4591-9B4E-BDD69F9D425A}........................................Q..L...........'...https://communilives.com/FIRSTAMCD.html.....................................................h.......`.......................................................2......3..............................................V...'...h.t.t.p.s.:././.c.o.m.m.u.n.i.l.i.v.e.s...c.o.m./.F.I.R.S.T.A.M.C.D...h.t.m.l...................................8.......0.......8....................................................................... .......................................................'...https://communilives.com/FIRSTAMCD.html.......y.l./..................................................................................................
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):8
                Entropy (8bit):1.8112781244591325
                Encrypted:false
                SSDEEP:3:3Dtn:3h
                MD5:0686D6159557E1162D04C44240103333
                SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
                SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
                SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
                Malicious:false
                Reputation:low
                Preview: SNSS....
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):183
                Entropy (8bit):4.267376444120917
                Encrypted:false
                SSDEEP:3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+GgGg:qT5z/t2qoEwhXeLKBt
                MD5:7FA0F874EABF1EED31988230680AD210
                SHA1:E71B360F1E8D5C278A051AD03DFB9027ACCF38C3
                SHA-256:09E15F8939364145E710C314EBD93FD19BF60C2B6B20BF8023315D617B6B141B
                SHA-512:AF4C2E595AA0B1FD96474A0E73530B38BE5F2906B10BE1DEFC0A9221129A3E5BB8D0816777550863AD426C5C836ECA1F0C384986C2A1108E2E4CA20EF10A7824
                Malicious:false
                Reputation:low
                Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F..................F................
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):320
                Entropy (8bit):5.284327590875712
                Encrypted:false
                SSDEEP:6:mjVN4q2PWXp+N23iKKdK8aPrqIFUtpgIvJZmwP8zDkwOWXp+N23iKKdK8amLJ:cVN4va5KkL3FUtpZvJ/P0D5f5KkQJ
                MD5:89DFB6EE85BE4FA79C40F7B6F805A448
                SHA1:73C3EC16F31301281C55F2C639A761AD4A25694F
                SHA-256:77DB6A6CB5454CCCEB528D1E578A8EE437226B12B9AAEDFA6CD47B7149842452
                SHA-512:675BC827C9A7CF982D7740321755B4D0D6CFE816FFC4C4A2463A71468230B0C142A817B9621F31FE529A99CF73E4A0B19C8948F016CAF7C205E1CEB222A0258D
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:22:58.472 1660 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/03/05-19:22:58.473 1660 Recovering log #3.2021/03/05-19:22:58.474 1660 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):627
                Entropy (8bit):1.8784775129881184
                Encrypted:false
                SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW:
                MD5:9D7435EA49A80FDD66E4915F513017F9
                SHA1:469F6C6E4B19B85CC1BE497812B2F20864F4FF2C
                SHA-256:409D4C47E940688527D730B996E8991E010988C7671565467ED69D640D0947F3
                SHA-512:0561CD632D4219AEF4686DE40EC092921384CA89755D354801E0EAEC8645A8630A180807AF518AC8FCF01F71EB3D10FAA9CE1E62C7A7226A274975BDCB7EEB4C
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):320
                Entropy (8bit):5.167305060299926
                Encrypted:false
                SSDEEP:6:mf9VPL+q2PWXp+N23iKKdK8NIFUtp69VgKWZmwP69VvzlLVkwOWXp+N23iKKdK8n:K9VD+va5KkpFUtp69VgKW/P69VvRV5fa
                MD5:5C2AFF41ADA4BD6BFCD8CB8AED1E39C9
                SHA1:5BA0E23B76308B3901CB4A03A4FBB0C6F5CE6122
                SHA-256:99711AD94B47D07E63F31D8BD68DC1CFD0A5C8EC3A1BC7BF74F1BACCF81A111A
                SHA-512:851C18C322939753543966EA2D8845F7F402A873F8F1E7C4DE82F30AF7C61630C0957A8FFFDADA1A79476422A113CCD0AF05846A82A00A8717DE988D0B2661D7
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:00.537 103c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/03/05-19:23:00.538 103c Recovering log #3.2021/03/05-19:23:00.539 103c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):11217
                Entropy (8bit):6.069602775336632
                Encrypted:false
                SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
                MD5:90F880064A42B29CCFF51FE5425BF1A3
                SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
                SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
                SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):11217
                Entropy (8bit):6.069602775336632
                Encrypted:false
                SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
                MD5:90F880064A42B29CCFF51FE5425BF1A3
                SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
                SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
                SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):23474
                Entropy (8bit):6.059847580419268
                Encrypted:false
                SSDEEP:384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
                MD5:6AE2135EA4583C2F06CDEBEA4AE70FA4
                SHA1:DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
                SHA-256:03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
                SHA-512:B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):19
                Entropy (8bit):1.8784775129881184
                Encrypted:false
                SSDEEP:3:FQxlX:qT
                MD5:0407B455F23E3655661BA46A574CFCA4
                SHA1:855CB7CC8EAC30458B4207614D046CB09EE3A591
                SHA-256:AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
                SHA-512:3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
                Malicious:false
                Reputation:low
                Preview: .f.5...............
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):372
                Entropy (8bit):5.265530129386368
                Encrypted:false
                SSDEEP:6:mf9WKL+q2PWXp+N23iKKdK25+Xqx8chI+IFUtp69WtEE1ZmwP69WtESLVkwOWXpi:K9fyva5KkTXfchI3FUtp69H6/P69HSR6
                MD5:B491D4393316170CAB88B840B658B5AE
                SHA1:20AC889E93C99B9FAB7C330E9732D23A8E0DE098
                SHA-256:86F312E9BD6C6319AF52DEF3D5738875326B15DA8869A4990DFBA644CF945BDC
                SHA-512:1271B21DFFC14F8B2DC6E6CAEE3F6A26D56ADC7844B27337E9ABBC9BD6F3E32E2379CF6419A853E5CF1AF8D96A5827EC0905369A0C0878BDA11D0BC7921753F9
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:05.626 1ac8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/03/05-19:23:05.629 1ac8 Recovering log #3.2021/03/05-19:23:05.629 1ac8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):358
                Entropy (8bit):5.213995212715525
                Encrypted:false
                SSDEEP:6:mf9WfL+q2PWXp+N23iKKdK25+XuoIFUtp69WXEE1ZmwP69WXESLVkwOWXp+N23iM:K9Kyva5KkTXYFUtp698/P69sR5f5KkTZ
                MD5:A3261482B388DDF68282764C61057F56
                SHA1:51C3E7C5F0819C27497248A6107C91713381434E
                SHA-256:E4D856024EDF2C19326A3F37939C82B246427FCF5FB74D342DC4043A68BBA3FF
                SHA-512:1484D41EAC07899656339EA37532C721B1B4A35D44CE1CAC931CC8DEFE5C7A6B96A6D706460A5511F56F45D2ADB32052ACB3A28B1881F4A6C65E5A91B2F997F7
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:05.621 1ac8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/03/05-19:23:05.623 1ac8 Recovering log #3.2021/03/05-19:23:05.623 1ac8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):330
                Entropy (8bit):5.239158250221982
                Encrypted:false
                SSDEEP:6:mf9UHL+q2PWXp+N23iKKdKWT5g1IdqIFUtp69ME1ZmwP69MSLVkwOWXp+N23iKKg:K9UHyva5Kkg5gSRFUtp69M6/P69MSR5b
                MD5:818239290071EA2611B967761F6D5BD4
                SHA1:ABE8B3BCDDC3D4754331DC349B336C9F1EC338D0
                SHA-256:C1483A6489A5C365D384896648F1A92E2D0B4F62B6498F6C7E86C43A05EB639C
                SHA-512:3587B86CAF2CA15A1BBA5750A336C3C3B8519EB626DCEE8D86B117008DD4370B71C6CCAFE135FB6943FCEF42F1F37125747A8454F1E4DD3AAD917FC62BFC8AC1
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:05.609 1ac8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/03/05-19:23:05.611 1ac8 Recovering log #3.2021/03/05-19:23:05.611 1ac8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:SQLite 3.x database, last written using SQLite version 3032001
                Category:dropped
                Size (bytes):32768
                Entropy (8bit):0.17767285084967396
                Encrypted:false
                SSDEEP:12:TL+A/bPOEfJGILYVyxZ6fYg0tN9jEQbBRsMajUFK9GILYVygG:TLxbb/sVz0tNGMAMLo9/sVTG
                MD5:1611CA10B4DF52C9E94E55041D93008A
                SHA1:5FD581DD329D44C10A31E89312F785C42BA46238
                SHA-256:38FAD1BB6EA0C641BF46222256CCDAA0C6D2DD8ECC36F819CE42545D53F422FF
                SHA-512:22FE58A4689B1254DDBC9ECFB638D350DB6EE06F02361F1B916CF7CF2862ACD9AE34ED7102A5070B4E93FB34069C5AB308EB53D399F87F5794D97AE707D619C1
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):566
                Entropy (8bit):5.3052521984519565
                Encrypted:false
                SSDEEP:12:q3CE1vkFxpogF1CjRtuj+qIiyvcUBk778B/xgskJbERgVN8hV:q3J8H/CjlqIiyvvY78BJgskGCVNCV
                MD5:A3EA914CF36161C01BE0FD5A4661A4FB
                SHA1:28339509EA31D7ED19E425DAA438669C359C481C
                SHA-256:3FD7B6CAAC314CF53BE04F17F1ECB8DE93BB4533427DBC79E49D97A2E16F9DDF
                SHA-512:CB178AC818BF8120B350619F29DDEC712ACA0DA1A4A8B6352375FD51409D952A9B0131EF3178A219BC1483CFA2DFB9A3E3B2BF534AAE7E2B8FADCB5EE8F06C05
                Malicious:false
                Reputation:low
                Preview: ............"E....com..communilives..encryption..firstamcd..html..https..proofpoint*a......com......communilives......encryption......firstamcd......html......https......proofpoint..2.........a........c...........d........e.........f.........h.........i...........l.........m...........n..........o...........p..........r..........s..........t............u........v........y...:A.................................................................Bd...`...... .......*'https://communilives.com/FIRSTAMCD.html2.Proofpoint Encryption:...............J.............#....
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):42076
                Entropy (8bit):0.1167180692545508
                Encrypted:false
                SSDEEP:6:8vE4/qfBWg9bNFlWCj/lTS5Kl3lS04/fMt76Y4QZVRtRex99pG/AqR4EZY4QZv8P:WwoqLBj/pS5+3lS04nMWQA9LcBQZ8fOa
                MD5:914A6887239C4749F133D648D37F2379
                SHA1:003746E9B8F196572FEBDCC1DEBF9C3E63D6AB6C
                SHA-256:4FDABFF2C87CB6444EDCBE8F897B9A7D9C122CBFD07BD7212E11FFB3ADA49847
                SHA-512:F33BB078CEBA042A1A1F7DEFF69F9590DE7E93464DC1536F7C801B7D70A2F347695D5F003008387DAD23B2C69D36386A0A93E5E45642D19758A26F780CECD952
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):2955
                Entropy (8bit):5.481092011879403
                Encrypted:false
                SSDEEP:48:uZuNG51uRga7rgMC8dbZwUEbQSefgGWNrS0U9RdiN9q:ula7EMBdbZwUEbQ5fgGKrS0k
                MD5:F9C85854C0823AC58B1991955A5C755C
                SHA1:05ECCAC80F3862A76715A3571530799C4A50DE39
                SHA-256:C870050D20FE09E8DCE4574C1AD790452C0D9EE17013F0EE40ABC86D1543318A
                SHA-512:607CFB355776BE69A27EA3FCD708390D21F8B60A071CCBCD71ADD7C591E52AA8745DB43BC57DFE9E53FD720CD9E344D8ED6FEEC58316C0F59CFE7E05CC5E777C
                Malicious:false
                Reputation:low
                Preview: ^E<=...*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm.............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..427794000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-03-05 19:23:07.06][INFO][mr.Init] MR instance ID: 8af206ff-5755-4c45-992d-c3ebfd6d62f2\n","[2021-03-05 19:23:07.06][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-03-05 19:23:07.06][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-03-05 19:23:07.06][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-03-05 19:23:07.06][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-03-05 19:23:07.07][INFO][mr.CastProvider] Query enabled: true\n","[2021-03-05 19:23:07.07][INFO][mr.CloudProvider]
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):332
                Entropy (8bit):5.244987736029351
                Encrypted:false
                SSDEEP:6:mLjlyq2PWXp+N23iKKdK8a2jMGIFUtpGz1ZmwPbRkwOWXp+N23iKKdK8a2jMmLJ:EjIva5Kk8EFUtpGz1/PN5f5Kk8bJ
                MD5:D8EFE650B42BCAEF789899E8CB5C90E3
                SHA1:25B5646CE9D195A0DB664EA7CE2DAD3804E7AA1B
                SHA-256:71B048FBC6BB466C25C0420D1654EB3564F00A14459EB9D3C4F3C627B5A03370
                SHA-512:78A2CB6FD16940A05EC0D58C635FCAE80C8B2F1CFD11A23DA0AB1E8E0CC8F2FF652B3E11F65980FF60B25725A9F883891C788FB4353EA40547F2C8F509471F85
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:22:58.335 1794 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/03/05-19:22:58.337 1794 Recovering log #3.2021/03/05-19:22:58.338 1794 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:SQLite 3.x database, last written using SQLite version 3032001
                Category:dropped
                Size (bytes):24576
                Entropy (8bit):1.119297999620749
                Encrypted:false
                SSDEEP:48:Trw/qALihje9kqL42WOT/Yjtbw/qALihje9kqL42WOT/Ztb:vOqAuhjspnWOgOqAuhjspnWOttb
                MD5:758C59E9DA349C9C3444047DFAD50834
                SHA1:6FEBBDDAE1DA6D032DF2E8FB16D27F50C5863030
                SHA-256:FC9A10996B38BAEFAD6A8A5BF477A3568794CAFCEF85A72E474D430E815D0CCA
                SHA-512:190941CA107467AF2EA51F58F960FC8C7EFCB097FDF5ADE9781D3FDF0BFC6F3052F53F7556FE168508D4A5FEEAC4A9C4C37D8B85BA56AF5462ED08B5E26A4A47
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):25672
                Entropy (8bit):1.019534016415279
                Encrypted:false
                SSDEEP:48:pgq7w/qALihje9kqL42WOT/RNRqrw/qALihje9kqL42WOT/MY8:pgUOqAuhjspnWOV7kOqAuhjspnWOwb
                MD5:ED254515F3434797995A04AD81AE36E7
                SHA1:8A040E1C754627FC8BAFC3567CA5A31FF9E108FB
                SHA-256:1AEE0E3345996C0410B73F314690290F06A7838AE4A06F85BEB3205958EC6C10
                SHA-512:05EAF6EEF7EA0C99765C33903A7FB936594E523DEF1B19541F178E13BFC453823BF5FD8E7933B028A8A666B58F3486B7E8FF2A338A146A1DFCE92BD2CBFA0091
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):334
                Entropy (8bit):5.207837106481032
                Encrypted:false
                SSDEEP:6:mAlL+q2PWXp+N23iKKdKgXz4rRIFUtpyFKWZmwPyTLVkwOWXp+N23iKKdKgXz4qG:J+va5KkgXiuFUtpyFKW/PyHV5f5KkgXS
                MD5:B3C58D27ECFFD64BE460A8BC9EC9E9B4
                SHA1:BAFA132054AC71A278E7A75214AE8C419B540F5A
                SHA-256:117CCC02E402B7C34DBD529338E6DF41E6454745D0EC7F69743E4D6520160D75
                SHA-512:F2A26082FDD925E29740C0F1E3E80E59C0CC15267DD80DD1FB79833833B1639B12D18867D40A16089C002A312864F055FC2063037218116785BBECE21DCF1DAD
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:22:58.499 103c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/03/05-19:22:58.500 103c Recovering log #3.2021/03/05-19:22:58.500 103c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):114
                Entropy (8bit):1.9837406708828553
                Encrypted:false
                SSDEEP:3:5ljljljljljl:5ljljljljljl
                MD5:1B4FA89099996CE3C9E5A0A9768230E8
                SHA1:9026E1E0906E3B3FE0E414EE814CC5A042807A04
                SHA-256:537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
                SHA-512:4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
                Malicious:false
                Reputation:low
                Preview: ..&f.................&f.................&f.................&f.................&f.................&f...............
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):320
                Entropy (8bit):5.21469509019053
                Encrypted:false
                SSDEEP:6:mLIv4q2PWXp+N23iKKdKrQMxIFUtpOzJZmwPOzDkwOWXp+N23iKKdKrQMFLJ:34va5KkCFUtpWJ/PWD5f5KktJ
                MD5:C1B64F412EC26F628F99B4244DCD7098
                SHA1:A2B11B02FAF47F4ED2091043537DACA06063E215
                SHA-256:4D78DB2D85C9ECB7952857091A472DB7B53C41ACFCDC136E6BFE9F9AC89BBEF1
                SHA-512:631A683A50B083DA5D7198AF4C74A739684E097D785A9B84933AEEEB8068C60DC7419F093E89603F042EA61602E4C1FE4F18EF13F3E77A42C8E57A8B2EBE72B2
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:22:58.413 1660 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/03/05-19:22:58.414 1660 Recovering log #3.2021/03/05-19:22:58.414 1660 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):348
                Entropy (8bit):5.200706164272033
                Encrypted:false
                SSDEEP:6:m68Vq2PWXp+N23iKKdK7Uh2ghZIFUtpQrgZmwPQrIkwOWXp+N23iKKdK7Uh2gnLJ:j8Vva5KkIhHh2FUtpQrg/PQrI5f5KkIT
                MD5:17097D0B4D420FBDA0E682DB1807DFAE
                SHA1:D02C1A7DE5B75C6232552D1ADC072764595E1984
                SHA-256:57F3820798C1DC656E9791BD41791E86EFF6AC77AA1268B1F7F38C24207037A0
                SHA-512:3121E64F21DB3EDD0FFE075478C7F95A1087FB003ADA1F54A7BB1F5E7E6F58A899D6697DC0BC2B27FFA992EC0269EB9B8F0C789C4E4401DC270970827FEE60E9
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:22:58.249 1614 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/03/05-19:22:58.250 1614 Recovering log #3.2021/03/05-19:22:58.250 1614 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):296
                Entropy (8bit):0.19535324365485862
                Encrypted:false
                SSDEEP:3:8E:8
                MD5:C4DF0FB10C4332150B2C336396CE1B66
                SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):430
                Entropy (8bit):5.300016582356521
                Encrypted:false
                SSDEEP:6:m6Tz4q2PWXp+N23iKKdKusNpV/2jMGIFUtpCJZmwPRNDkwOWXp+N23iKKdKusNp+:VTz4va5KkFFUtpCJ/PRND5f5KkOJ
                MD5:FEBC14F13A924F1DA0A2C4CCC0901461
                SHA1:B1CFC6F215AF4B99DEDB240D36439F4A890B5D88
                SHA-256:CAD6C15B3CCBA937FE004405C57E14D9250AC2078F78E48B4B6AC7E3055C2DB7
                SHA-512:60C31B7DA9306477DEE0A2D8AFF9AFAA838CF8A2FEB797208581D8EBC30D06C0DF554F9CA8F95E95AD01EFF2A865710A9AF2A4A803B92945F5BC9F2F3F99764F
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:22:58.442 1660 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/03/05-19:22:58.443 1660 Recovering log #3.2021/03/05-19:22:58.444 1660 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):432
                Entropy (8bit):5.348391028601878
                Encrypted:false
                SSDEEP:6:mRyq2PWXp+N23iKKdKusNpqz4rRIFUtppz1ZmwPSRkwOWXp+N23iKKdKusNpqz4n:xva5KkmiuFUtppz1/PG5f5Kkm2J
                MD5:29C087A08AC18AB9DF730E13D9E10CDA
                SHA1:0010D25C75D0798F7AF55328A6A677CE3AA08340
                SHA-256:DA2793047C47171F925F62336027560E409D75484797EE57293772A353C8B717
                SHA-512:BDC119385AC26FC409BB8CD35A7918E44633F8A6F969531ED7E9A57968B5AD80349E3B6FF9F6182686D3C8D0DC326B0CBA99A8F0A101C800FB7B444E8AC0BCFC
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:22:58.494 1794 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/03/05-19:22:58.495 1794 Recovering log #3.2021/03/05-19:22:58.496 1794 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):19
                Entropy (8bit):1.9837406708828553
                Encrypted:false
                SSDEEP:3:5l:5l
                MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                Malicious:false
                Reputation:low
                Preview: ..&f...............
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):418
                Entropy (8bit):5.276752033878849
                Encrypted:false
                SSDEEP:6:mfm4q2PWXp+N23iKKdKusNpZQMxIFUtp6UJZmwP6UDkwOWXp+N23iKKdKusNpZQq:Km4va5KkMFUtp6UJ/P6UD5f5KkTJ
                MD5:247322190BBA2A6A85E487699FB4E6AC
                SHA1:D85809E3757840EA98B3C6E2EAB2D84D32D9FC92
                SHA-256:F8885681D169FDF713E4056D4A97B90C8F9930FBE2FC12197C3AA186D899861E
                SHA-512:716FE53AEE7DC28C1E4CE72E9E984676516E7722EBE0347039022130971A97BC390DB13FDF154C9BF8023F0428FCDE0A82521BE2E2EDDAF393944FD9FA78E247
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:14.623 1660 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/03/05-19:23:14.625 1660 Recovering log #3.2021/03/05-19:23:14.625 1660 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\f2f4f56a-deef-4b08-ab5a-c8cb3fc3c0d9.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):420
                Entropy (8bit):4.985305467053914
                Encrypted:false
                SSDEEP:6:YHpoNXR8+eq7JdV5qQlsDHF4xj70PpqQEsDHF4R8HLJ2AVQBR70S7PMVKJw1K3Ky:YHO8sdBsB6MAsBdLJlyH7E4f3K33y
                MD5:C401B619D9D8E0ADABC25A47EE49CFBA
                SHA1:C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA
                SHA-256:8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
                SHA-512:BC12F16CB95CB0AD708C6BBD005EF863A8552613E612F1084086E0F8262752E1B5144D044F0D141CE8462CC33343C36B517A5CC778751680485D8F88FB51B862
                Malicious:false
                Reputation:low
                Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543490879170","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543490879171","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\679d853a-4124-4c82-af2c-39ca53cd62f6.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):420
                Entropy (8bit):4.954960881489904
                Encrypted:false
                SSDEEP:12:YHO8sdvBVSsB6M/BVSsBdLJlyH7E4f3K33y:YXsdvjX6gjXdL3yH7n/iy
                MD5:F4FEFEEEC722772F9DC0FCE1B52D79B5
                SHA1:00EECFA3B37113D30E7D43BE4383C540F3D93D4D
                SHA-256:D33E13C12004A700F246D8C73709114A881609D658E045D54DE36874728D07F0
                SHA-512:41E61EC89366800FD5F4DD704E53B47DE29411B9088B46349A0A350758D08569C14DCC70CF8D6A6FE6D049CB6D32F2B091153E8148A1B5857BD7AF13492071BE
                Malicious:false
                Reputation:low
                Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543498399332","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543498399332","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):592
                Entropy (8bit):0.19535324365485862
                Encrypted:false
                SSDEEP:3:8E8E:8N
                MD5:B505641E5E90B7CF4BC869DD1B4BE451
                SHA1:0EC7B13DC043E054AB48B8F45FE49EF1209C01AA
                SHA-256:2755F85F14CF33404CEEBF053D0CB79DC3B98D643A51075737E6A5BE154FE1D9
                SHA-512:610AF095630C93B0586F4D9CA84FA75454C472C557D4FDBC0D5C1851F9AABF8653079A7ADE4659ABADDEDC2E02E58AD13C7244CD004B0AA5A462307F293F83A3
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):430
                Entropy (8bit):5.192356153826389
                Encrypted:false
                SSDEEP:12:K9xS+va5KkkGHArBFUtp69n/P69aNV5f5KkkGHAryJ:K99a5KkkGgPgo9K9Mf5KkkGga
                MD5:92A19A3841575A7A8CC75DEE3F084A75
                SHA1:7BBD15EEC31D7F4B492454DC6D24BD22186AB774
                SHA-256:DEF222A8DF5B5012B763F979E13DBC095414A6EB8CCA90EC8E8EA8D7C67F2E76
                SHA-512:33042A76874615FFB3D68940DCAD2C784CDAC6A3594C3B91CA62A97BBAC79EE7797BC3C9A2378802C648728544715D39CBB288346F73A19EC1065D33FDF5F8B7
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:06.016 162c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/03/05-19:23:06.017 162c Recovering log #3.2021/03/05-19:23:06.018 162c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):432
                Entropy (8bit):5.203703234847125
                Encrypted:false
                SSDEEP:12:K9K+va5KkkGHArqiuFUtp69WKW/P69VV5f5KkkGHArq2J:K9ra5KkkGgCgo9Wo9Nf5KkkGg7
                MD5:4A0C9A034FCE8DC90C059AF69D58ED07
                SHA1:80B2B2C0384DBE87043AD01A0010068F362EF351
                SHA-256:97FE7231679A2DB1A9EF86FEE206AF0E9D81863C19B7A272450AE0E46C52718A
                SHA-512:349CCB02708E94B378AE1E405B4AE4874E5FEBE57D4AA51BE1DEB078A93E379C6955E57C744CCA1DB31BCB968F9F7CE49240857C4834AC3807A6DD5CED65C200
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:05.995 103c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/03/05-19:23:05.997 103c Recovering log #3.2021/03/05-19:23:05.998 103c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):38
                Entropy (8bit):1.9837406708828553
                Encrypted:false
                SSDEEP:3:5ljl:5ljl
                MD5:E9C694B34731BF91073CF432768A9C44
                SHA1:861F5A99AD9EF017106CA6826EFE42413CDA1A0E
                SHA-256:01C766E2C0228436212045FA98D970A0AD1F1F73ABAA6A26E97C6639A4950D85
                SHA-512:2A359571C4326559459C881CBA4FF4FA9F312F6A7C2955B120B907430B700EA6FD42A48FBB3CC9F0CA2950D114DF036D1BB3B0618D137A36EBAAA17092FE5F01
                Malicious:false
                Reputation:low
                Preview: ..&f.................&f...............
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):418
                Entropy (8bit):5.184731573054575
                Encrypted:false
                SSDEEP:12:Kw4va5KkkGHArAFUtp6TJ/P6TD5f5KkkGHArfJ:KHa5KkkGgkgoIZf5KkkGgV
                MD5:BCF362808E25B4B8ADC1E84C7A0318D3
                SHA1:33FE357B0E93E6988A86C811D355BFC85BDF8CDD
                SHA-256:A4DEE093DCBD08453046863178CF68F612855FD9010842957E25F9FE646DF8A4
                SHA-512:9525E57EBA24398896601A95F830694BF111F9D996FAFD805F1CAB44FD0D878F9320997495B13F0BFAEA80CE57DE68A0A51CA41360C3A7E4898B2E175BDF34BD
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:21.214 1660 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/03/05-19:23:21.215 1660 Recovering log #3.2021/03/05-19:23:21.215 1660 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):38
                Entropy (8bit):1.9837406708828553
                Encrypted:false
                SSDEEP:3:sgGg:st
                MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
                SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
                SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
                SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
                Malicious:false
                Reputation:low
                Preview: ..F..................F................
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):321
                Entropy (8bit):5.2469785916163705
                Encrypted:false
                SSDEEP:6:mSN+q2PWXp+N23iKKdKpIFUtpyJZmwPTVkwOWXp+N23iKKdKa/WLJ:vIva5KkmFUtpM/P55f5KkaUJ
                MD5:E578D6CF33C3DC38B9728F6B4E9631F6
                SHA1:1B76D622E93D8E89BCBBD8DA277530860354D544
                SHA-256:6A82C5A70FD700CF5414EACF6350C34D56369105C7DB77384B63BEB57948203C
                SHA-512:50ADD155C1599AE40D7371F64DDEAFE9B74DD5E7275249E663E13D4E7BC13BAC9F16C4141AC41EC2702BE01E44378F406E31CCF76504187C5933E26360EBBF04
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:22:58.270 c18 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/03/05-19:22:58.271 c18 Recovering log #3.2021/03/05-19:22:58.272 c18 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):402
                Entropy (8bit):5.310282623574286
                Encrypted:false
                SSDEEP:12:K9R4va5KkkOrsFUtp694J/P69GKzD5f5KkkOrzJ:K9Ya5Kk+go959GOf5Kkn
                MD5:635E0826485B323CA438DDBE60CFF0C7
                SHA1:AB0F60462A3B7ED93B668FE76BC65AADA28F8EE9
                SHA-256:731D2560D4EC0C5A2278B9256913F8E304DE8CB989D4DE616EEE8282338A085F
                SHA-512:7367016655E2C0458661D1C0391C3ACBF81BAE03A7B5DD04BCAE7DF923894E1FB00A4C32D49EAC45EF2FB5B711F3FB7A6A11690C04EF7BB5B699426B20BD7C17
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:07.101 1660 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/03/05-19:23:07.102 1660 Recovering log #3.2021/03/05-19:23:07.103 1660 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):24
                Entropy (8bit):3.855388542207535
                Encrypted:false
                SSDEEP:3:Ohue/lz7hn:OXlzl
                MD5:54AD7D7A43DA39B10002F65907B9FC5B
                SHA1:2435A1FAB5D71A40F1801D953D7C46C177270A86
                SHA-256:06E44B9F1ABB78EFF505220DE4CB40C2C867CC0B342FE4D08B934FE27C025793
                SHA-512:9DC70A4C18B8755227AA0A93FA2CE7368F72EAE19BE504BAD2325D61A44FF3228DDA6E44214E22C4948FF2E73F1086A8CF78A7A6FAAE1603123B3DF503855FED
                Malicious:false
                Reputation:low
                Preview: .....z...7..........O.D
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):16
                Entropy (8bit):4.0
                Encrypted:false
                SSDEEP:3:SeFcn:Sec
                MD5:61B979ECA159ECAC9C7F8F1D6FD43E9D
                SHA1:0373696351FC2172E811DA8393DEC84036FA34A0
                SHA-256:AB05E0A6FF7E8FFF89F924B279D93AFC72ACCE817C4D250C60BB8059CC534303
                SHA-512:C95825DA33CBDDFA627D9FF9A5B8371BC5F4E643A09573B6E1E839A83B619F53D878C344030B9701DCBC24D4CECCC016CF4D298D10EE8C37D1B5FEC1A51682B6
                Malicious:false
                Reputation:low
                Preview: F......r...(R..
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\ec9143c0-5b5c-46a6-a98c-a74e943f18fb.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
                Category:dropped
                Size (bytes):175509
                Entropy (8bit):5.489440694064333
                Encrypted:false
                SSDEEP:1536:rKbsLAR2A4VBQV1111111111111Nr366R6faFR+up0y0y2im1OsFcgYzQNL9X:rKbsLAR2fe/FZntrslfX
                MD5:33EABC19FDF40F3D36B6870EF5861957
                SHA1:CF3EF59C3940B58C314E9F6A1616751553F2D9A2
                SHA-256:647D07F37554672865902B2CEE80864B5A5283C372C7263BB1497D5582054E57
                SHA-512:47CFEDB1FDBC9BC09905C70F69A5114C64A8FC791BCA480D24972275276F00CEB230C579B4217337F9C69ECB2AB3221A3B549F06E8074D76BCE2F31773FB69F5
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a6352fa5-0191-44e8-8a8f-e646a01d2321.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):24072
                Entropy (8bit):5.533426018426513
                Encrypted:false
                SSDEEP:384:jBfthLlZoXx1kXqKf/pUZNCgVLH2HfDRrURHGhHGFnTFQfYvJ4W:BLl8x1kXqKf/pUZNCgVLH2HfNrUFGVGR
                MD5:4A8A708BDC53B360FCAC49BBFE715731
                SHA1:056422996653C706AFDE927DAF98083B2D1ABD74
                SHA-256:DBCA6FE4265D1E964645550DD2D9193ABA53C34994AB40A8C4328EDD0E18286B
                SHA-512:C5245776885247A4340DC1D58F15C9702B1D399C55E3E61AC3C7945D2150312145DE7DCDDC10D33C159804C5CC5DC8740638A4795F03E416342272A44C7CB5EC
                Malicious:false
                Reputation:low
                Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13259474578266874","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a92bcca0-644e-4769-a54e-b593b3aa4363.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):24074
                Entropy (8bit):5.5335529386395095
                Encrypted:false
                SSDEEP:384:jBftoLlZoXx1kXqKf/pUZNCgVLH2HfDRrURHGhHGGnTrfYEJ4X:ILl8x1kXqKf/pUZNCgVLH2HfNrUFGVGl
                MD5:00DB4D4BAE777971CB40637029D0F0AF
                SHA1:C9A34E62E561E6D998988D768FAB02A8AF48B420
                SHA-256:1E120F6F08603D4BECE42DF2EA563F04FD1162E8C9128AC1A9BCBD5A5D967936
                SHA-512:F44F047A051DC77FCBB6366FBF9EBF246A0D993BB0E141FC8D1D9FB38D213ACE0DF6B92B3EC23F7730FC06A0C1187EE9F9BEE0DD1C78009C4978667B9D5CF0DA
                Malicious:false
                Reputation:low
                Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13259474578266874","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c2be18d3-d43e-43b2-82da-aff9b7f88b77.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):4219
                Entropy (8bit):4.871684703914691
                Encrypted:false
                SSDEEP:48:YXsJjMH+5s7YMHBKsvxMHVzspxMHbsIHt/soBDysKqnsllzMHpDCLsWJMHLsNuMg:RG+ZGJG+GTTD7IGpD+G7Gp2GnG4GVhH
                MD5:EDC4A4E22003A711AEF67FAED28DB603
                SHA1:977E551B9ED5F60D018C030B0B4AA2E33B954556
                SHA-256:DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
                SHA-512:84D3930579FD73C7D86144D5CDC636436955BA79759273C740D2D72BC4847F2F7F165BBCA3EB2E4DFB01777D6A5F141623278C1BF74615C5A491092CE3FD1602
                Malicious:false
                Reputation:low
                Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248543677350473","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543677350474","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31344},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31656},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501454993","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501454994","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39369},"server":"https://www.googleapis.com","supports_spdy":true},
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c3ea88f1-4311-4f24-ad81-844f02b93f83.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):5665
                Entropy (8bit):5.195764375419904
                Encrypted:false
                SSDEEP:96:ni9Poq4UHcVaok0JCKL8hZwkWh1gVbOTQVuwn:niJ4Icv4KmwkWhud
                MD5:4456F6AF0F5BF91E31F20EA346008466
                SHA1:58B09D5DA9CC85F752857A7838542693C178FD35
                SHA-256:12A14140CC78D6F6970BC05EB37D5A84894178B55853F9B21F150D50D0C46BA1
                SHA-512:5FAFF3E46C07B5F618D3596099A8A24DB4A980AD3FB1E8D9458A9B7EDC0B0B337A971CA69025F73E64B378144A9860DAFAB4B2FAC04D68559A1FC6038F15E416
                Malicious:false
                Reputation:low
                Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13259474578468056","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cb135af4-fb04-4895-a780-005ba23d5463.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):22613
                Entropy (8bit):5.535795433866108
                Encrypted:false
                SSDEEP:384:jBftoLlZoXx1kXqKf/pUZNCgVLH2HfDRrUHHGinTrfYGJ4N5:ILl8x1kXqKf/pUZNCgVLH2HfNrUnGinI
                MD5:AA7874F8CB789FA5DC1ACFAAEF65EE8D
                SHA1:ADC5306FDD0A1C2145F9EE0EF4218AD3414E3C7D
                SHA-256:C575A818F2315E67B6AAD096F5C4D553143544B408B5909B4F19AA23777B171E
                SHA-512:222206AA4E1D11E9034CB34329F70F0E14551570F4121969885BA52FE4508A0954F7516F5C85DBCDDBE7EE9CFA9B97C4C88496D25B4F29E74C310CD5A5CEADFE
                Malicious:false
                Reputation:low
                Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13259474578266874","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d30ed860-f804-430a-8faf-6a3a3a0b3916.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:modified
                Size (bytes):2629
                Entropy (8bit):4.902861292767299
                Encrypted:false
                SSDEEP:48:YALtSdNTntwCXGDHz5shQNRLshQjTshQKhQKRDFshQWzyKshQT3zsh+kzshubsh8:wNTnOCXGDHz5NhjLdKT6fTh2DpG2hH
                MD5:93EFCC587B224E8FF7E57D7020694319
                SHA1:D0847906F57065AD5A2901FA3874E8E2F1EE02BD
                SHA-256:305BDA748E45C8AE208CCB72C1D46BB68AE4E75471121C0058F65DEC48D0FA5E
                SHA-512:6AC702766C966E69464E79CEC0A414BC4DC26AE5C5F5970242312754CC84380414FBC54E56C6A2DE6E5496F5D3F246B2770F854AB9C84D1527274D1EBBB52446
                Malicious:false
                Reputation:low
                Preview: {"net":{"http_server_properties":{"broken_alternative_services":[{"broken_count":4,"broken_until":"1615001325","host":"officegrocery.com","isolation":[],"port":443,"protocol_str":"quic"}],"servers":[{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://play.google.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13262066583017265","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"alternative_service":[{"
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):16
                Entropy (8bit):3.2743974703476995
                Encrypted:false
                SSDEEP:3:1sjgWIV//Rv:1qIFJ
                MD5:6752A1D65B201C13B62EA44016EB221F
                SHA1:58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
                SHA-256:0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
                SHA-512:9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
                Malicious:false
                Reputation:low
                Preview: MANIFEST-000004.
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):136
                Entropy (8bit):4.46372831922852
                Encrypted:false
                SSDEEP:3:tUK9/W9Ql/0dTyZmwv37/W9QNXFE8v7V8s7/W9QNXFE8v7WGv:mf9S1ZmwP694VE8v7Vv694VE8v7tv
                MD5:444BD70390F007DFA9C6A20C25604E2D
                SHA1:B95E9617B602FC982574110FD178EF9596A05E27
                SHA-256:7771507857CD2A3A7FF4FAA430B03E6097865F6AA1D4B7A3FDA263A2E65D6E7B
                SHA-512:F2B3DCE8996082AB433E1616CD11B5A4DFA2339716DAE8B46BCAFC4241F1C231FE9C98D2DE59BC346FC7E1B07D2D9D70A38F0256D14933B234FF929F40D581AF
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:05.365 ae4 Recovering log #3.2021/03/05-19:23:05.422 ae4 Delete type=0 #3.2021/03/05-19:23:05.422 ae4 Delete type=3 #2.
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MPEG-4 LOAS
                Category:dropped
                Size (bytes):50
                Entropy (8bit):5.028758439731456
                Encrypted:false
                SSDEEP:3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
                MD5:031D6D1E28FE41A9BDCBD8A21DA92DF1
                SHA1:38CEE81CB035A60A23D6E045E5D72116F2A58683
                SHA-256:B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
                SHA-512:E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
                Malicious:false
                Reputation:low
                Preview: V........leveldb.BytewiseComparator...#...........
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dd011586-4561-4f47-9535-d0dd007ca32c.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):5678
                Entropy (8bit):5.196748458246852
                Encrypted:false
                SSDEEP:96:ni9yGq4UHcVaok0JCKL8hZwkWh1gVbOTQVuwn:niI4Icv4KmwkWhud
                MD5:B500233C45BE68FC3D5C24475E5D171B
                SHA1:F346E59C77A5CBB1D404CFE3CD4AE18CD365FEE9
                SHA-256:9E0B20209AEFF21B3C73A5E3731CF4375BC28D76D990783EEDE51EF7984C87F0
                SHA-512:AB3296BEFEADF49C66753C1741FEF24E7700F16B72877929B5B1C5FBA35F192389479D9853E156C61BFE411C488898070C2858CF5254EA81E01BFC700ACC4C4C
                Malicious:false
                Reputation:low
                Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13259474578468056","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e19f8851-7e4f-4e5f-9c8f-9afd04208d79.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):22614
                Entropy (8bit):5.535744616363435
                Encrypted:false
                SSDEEP:384:jBftoLlZoXx1kXqKf/pUZNCgVLH2HfDRrUHHG3nTrfYWoJ4g:ILl8x1kXqKf/pUZNCgVLH2HfNrUnG3ne
                MD5:F8D1D0425B73F983D823AA5260A8ABF3
                SHA1:C5A701C79611A38CDF802320D7BD0EA148A36515
                SHA-256:974E94683A904A51B7EFB057D8C9736B958A00D47FBD67AE31A3604784DEA988
                SHA-512:4A3E69357D5116176BA8CBA4183279B88218E5B675B5CB6CFD55C433EF9C825E1FB59937B0E73DBCFC9B0945740CBB94921F9AD9558ED6EF2AA3CA5C47B2FE8D
                Malicious:false
                Reputation:low
                Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13259474578266874","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e7660960-e13b-4adc-93e3-4a76f68be881.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):1039
                Entropy (8bit):5.563470973045379
                Encrypted:false
                SSDEEP:24:YI6H0UhVsTG1KUerkq/HeUeXby2qUeXv9b7wUmRUenHQ:YI6UUhVseKUewqPeUer2UefhwUGUenw
                MD5:86D7A0AF9E24E1A8C2F4C43B9E99158E
                SHA1:480D9A5584A1BFA4865B40F7FE2A6BD708DED2C0
                SHA-256:26BFD654E04AA6EB196EFEF00B6F817E2541F190328F910B37D50D6CA97E7D37
                SHA-512:2508B1CED0D90D3DF42B7B1F40A01A2BD0505B65218BF196F1538415CF3045D21CE1D4C002350FBD127361DC084A9B2072BC4A343C6366DDFA4F341AB583F5DF
                Malicious:false
                Reputation:low
                Preview: {"expect_ct":[],"sts":[{"expiry":1633014077.350499,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478077.350503},{"expiry":1633014077.22511,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478077.225114},{"expiry":1633014092.4175,"host":"0J7rAWV0ouCFYJ9XrkDiKnAO1SshXJmLJE1SS3V8kDM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478092.417504},{"expiry":1633014091.91938,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478091.919383},{"expiry":1646536983.017358,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1615000983.017361},{"expiry":1633014077.462534,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_obs
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text
                Category:dropped
                Size (bytes):338
                Entropy (8bit):5.190537007238419
                Encrypted:false
                SSDEEP:6:mf9TCVzlL+q2PWXp+N23iKKdKfrzAdIFUtp69TQKWZmwP69TRLVkwOWXp+N23iKA:K9uVR+va5Kk9FUtp698KW/P69dV5f5KF
                MD5:C0FFE29122C5F05A64C4ADA02D761978
                SHA1:E530848A920F9EFC35A496A6361EF8690EAF30C6
                SHA-256:F5E5FE974FE2714EC253F0639A8DAF5DC7756B882C53A61C5E771983EFE5077F
                SHA-512:00811E4DF061C0E64CC242D16EB65AEB0BFB9C03DF3ECDE698519F276461889AB7C2B98CB65C4775025CA2FEB3D6F31A0E5630A06C3ED34211EAB13D12456115
                Malicious:false
                Reputation:low
                Preview: 2021/03/05-19:23:06.169 103c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/03/05-19:23:06.170 103c Recovering log #3.2021/03/05-19:23:06.171 103c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:data
                Category:dropped
                Size (bytes):106
                Entropy (8bit):3.138546519832722
                Encrypted:false
                SSDEEP:3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
                MD5:DE9EF0C5BCC012A3A1131988DEE272D8
                SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
                SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
                SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
                Malicious:false
                Reputation:low
                Preview: C:\Program Files\Google\Chrome\Application\chrome.exe
                C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with no line terminators
                Category:dropped
                Size (bytes):13
                Entropy (8bit):2.8150724101159437
                Encrypted:false
                SSDEEP:3:Yx7:4
                MD5:C422F72BA41F662A919ED0B70E5C3289
                SHA1:AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
                SHA-256:02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
                SHA-512:86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
                Malicious:false
                Reputation:low
                Preview: 85.0.4183.121
                C:\Users\user\AppData\Local\Google\Chrome\User Data\c479edee-8bb8-4f3d-b6de-2546a4094add.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:SysEx File -
                Category:dropped
                Size (bytes):94708
                Entropy (8bit):3.7369661814667814
                Encrypted:false
                SSDEEP:384:1/OlZnoGfQzLVU6poN5rCv9X3mpTyHjSGadrYLxxxmzfj+r8Rmc/oHZJx2Ov3JNa:tm2hNunG+EenJLjIvDi3KZfdFq
                MD5:74A8011414843B4D5598DDBC923CF849
                SHA1:C48C2AB0BCDE21CB868FA1479BF2C61F92326209
                SHA-256:B5F1AD9B288179002461BCE57D2254857AF9E24BC42F2DA76F9AF9181D8E04D8
                SHA-512:38D09AB189B6B987FD262155D05B466BE7083E9DB77B0BA0CC99C4DC8E875F120DBBAFEA3E6A6873B8C4F04E39ACBFA65B482FFFCED9A9CA9F7F6F8187211535
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Google\Chrome\User Data\cf1294f7-3ed4-4661-b867-67b4ce0cfb3b.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):164994
                Entropy (8bit):6.081415605895802
                Encrypted:false
                SSDEEP:3072:sG0we9QSr571ljD6v2CcDPvZaerIi8FcbXafIB0u1GOJmA3iuR5:pNAQwh1xFTJ4PaqfIlUOoSiuR5
                MD5:2B032301B74FD2EE624404722B121ED5
                SHA1:8D412BDE48DC838B94B4572509A5C31F8E8B5A1C
                SHA-256:25A1DA45DCB0582731F970056D15393554096F693979B8079D6615F1FC730EF7
                SHA-512:34EDFCDA47EEDB1E5059CF95BE524ADDE0C76697D7487229FFC882E35C9E4961E82E6E8543F8220CEB1DE62AA9C935AC9FDBD223012D753FEB6DDC551B656F28
                Malicious:false
                Reputation:low
                Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.615000981260321e+12,"network":1.614968582e+12,"ticks":95286313.0,"uncertainty":4791476.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"displ
                C:\Users\user\AppData\Local\Google\Chrome\User Data\e44489a9-003d-4c29-ab31-7b42bbb0d19e.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines, with no line terminators
                Category:dropped
                Size (bytes):164994
                Entropy (8bit):6.081415625795777
                Encrypted:false
                SSDEEP:3072:YkUwe9QSr571ljD6v2CcDPvZaerIi8FcbXafIB0u1GOJmA3iuR5:3tAQwh1xFTJ4PaqfIlUOoSiuR5
                MD5:03011EFC53F101C1F8CC88A41DB88ACF
                SHA1:27112391FA42F981DFBB55D0287FD335A9AD71D9
                SHA-256:9D4E24276BC0214FD108D6B79D581F79F56D29D6F4A04115E9A9C9A5E3B1771B
                SHA-512:7DAD8035D04D78F6B5F7F3A5F49DA619529976143135FB6691BBD1BAEB38316D6029D4B1C9246DDCF93D4C026FD6754F6E1AC610DCBE5C10F9A87610FCAB5230
                Malicious:false
                Reputation:low
                Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.615000981260321e+12,"network":1.614968582e+12,"ticks":95286313.0,"uncertainty":4791476.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016247721"},"plugins":{"metadata":{"adobe-flash-player":{"displ
                C:\Users\user\AppData\Local\Temp\19be890e-a970-4e44-87a1-ca7065aac923.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Google Chrome extension, version 3
                Category:dropped
                Size (bytes):248531
                Entropy (8bit):7.963657412635355
                Encrypted:false
                SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
                MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
                SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
                SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
                SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Temp\392bbcb6-f62d-4bbf-bfb5-f31c55de8c67.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Google Chrome extension, version 3
                Category:dropped
                Size (bytes):768843
                Entropy (8bit):7.992932603402907
                Encrypted:true
                SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
                MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
                SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
                SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
                SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Temp\3f8d7d84-43e3-46d0-8321-c61bddbc26fa.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Google Chrome extension, version 3
                Category:dropped
                Size (bytes):248531
                Entropy (8bit):7.963657412635355
                Encrypted:false
                SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
                MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
                SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
                SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
                SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Temp\86c18dbd-67b6-4ad6-a3d6-86c9a6b8ecdd.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:very short file (no magic)
                Category:dropped
                Size (bytes):1
                Entropy (8bit):0.0
                Encrypted:false
                SSDEEP:3:L:L
                MD5:5058F1AF8388633F609CADB75A75DC9D
                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                Malicious:false
                Reputation:low
                Preview: .
                C:\Users\user\AppData\Local\Temp\934a633f-32d7-4f12-bb9c-290e3139c4aa.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:very short file (no magic)
                Category:dropped
                Size (bytes):1
                Entropy (8bit):0.0
                Encrypted:false
                SSDEEP:3:L:L
                MD5:5058F1AF8388633F609CADB75A75DC9D
                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                Malicious:false
                Reputation:low
                Preview: .
                C:\Users\user\AppData\Local\Temp\cfeab7fb-8761-41cd-b792-2f95c7aeb3aa.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:very short file (no magic)
                Category:dropped
                Size (bytes):1
                Entropy (8bit):0.0
                Encrypted:false
                SSDEEP:3:L:L
                MD5:5058F1AF8388633F609CADB75A75DC9D
                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                Malicious:false
                Reputation:low
                Preview: .
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\392bbcb6-f62d-4bbf-bfb5-f31c55de8c67.tmp
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:Google Chrome extension, version 3
                Category:dropped
                Size (bytes):768843
                Entropy (8bit):7.992932603402907
                Encrypted:true
                SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
                MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
                SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
                SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
                SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
                Malicious:false
                Reputation:low
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\am\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):17307
                Entropy (8bit):5.461848619761356
                Encrypted:false
                SSDEEP:384:arfbEVrFvMP4rMhuDopC3vUuFBYZV6uml:aHEVrFvMP4KuFvr6D6uml
                MD5:26330929DF0ED4E86F06C00C03F07CE3
                SHA1:478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C
                SHA-256:621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
                SHA-512:0BE6183A1BF12575C0F99960705D4249E79CDB8528C55FF132BE99A111F09494231AD6A36CD61B090A3B34C6971D68A29373BA346888E852C52E05DC14380682
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ... ..... .. ...... .... ... .... ......?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": ".... ......".. },.. "1522140683318860351": {.. "message": "..... ....... .... ..... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "... ...".. },.. "1802762746589457177": {.. "message": "...".. },.. "1850397500312020388": {.. "message": ".$START_LINK$Google Home .......$END_LINK$ ... ...... Chromecast ..... .....? $START_SPAN$*$END_SPAN$",.. "placeholde
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\ar\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):16809
                Entropy (8bit):5.458147730761559
                Encrypted:false
                SSDEEP:192:0IprKC78JmUjk8RkeryFOYPATxLZ8fsbE3/IFV6c8TEKdl:Jrp8JjA8RkerK0lc3wFV6uml
                MD5:44325A88063573A4C77F6EF943B0FC3E
                SHA1:78908D766F3E7A0E4545E7BD823C8ED47C7164EB
                SHA-256:67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
                SHA-512:889C02BC986794C58C76022E78F57F867DD1D5217687F12D679A33A2DB9E5A18F3A37CF94D8FE4585E747C78E4662EAB93361FF7D945990774C7CFCACCFB79D1
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": ".. .. ........ ....... .... .... ... .......".. },.. "128276876460319075": {.. "message": "...... .......".. },.. "1428448869078126731": {.. "message": "..... .......".. },.. "1522140683318860351": {.. "message": "..... ........ .... ........ ... .....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "..... .....".. },.. "1850397500312020388": {.. "message": "... ....... .. .... Chromecast .. $START_LINK$..... Google Home$END_LINK$. $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {..
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\bg\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):18086
                Entropy (8bit):5.408731329060678
                Encrypted:false
                SSDEEP:192:4jjpr342SIwPIasR9VhMkACVmrv8evj+3eXivOMbb2vVzCkwRV6V6c8TEKdl:4ZrYo+rxT+qOV6V6uml
                MD5:6911CE87E8C47223F33BEF9488272E40
                SHA1:980398F076BB7D451B18D7FDE2DE09041B1F55AD
                SHA-256:273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
                SHA-512:CDB69405BB553E46DCF02F71B1A394307D0051E7FA662DFFEBA7888F30DD933F13C7FD6E32F1D7AEAEE8746316873B6E1D92029724ABDC75E49DCC092172EA22
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": "... .. ........ ......... ...... ...-..... ....... ..?".. },.. "128276876460319075": {.. "message": "......... .. ..........".. },.. "1428448869078126731": {.. "message": "........ .. .........".. },.. "1522140683318860351": {.. "message": "........... .. .. ........ ...., ........ .......".. },.. "1550904064710828958": {.. "message": "......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": ".... .. .....".. },.. "1850397500312020388": {.. "message": "....... .. ............ .. Chromecast . $START_LINK$............ Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "p
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\bn\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):19695
                Entropy (8bit):5.315564774032776
                Encrypted:false
                SSDEEP:384:PrUCrcTIOeswIW/Vre/sZn8TFfzheV6uml:lPswIWtoK8xfG6uml
                MD5:F9DDF525C07251282A3BFFCEE9A09ABB
                SHA1:A343A078E804AF400A8F3E1891E3390DA754A5CD
                SHA-256:C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
                SHA-512:EBD339C37162984672513019D470B92DF8B743DD69D4430361EF12D42FD1C208DBDE818A7BFE20BE8A7D63CD6E02B3F4344DEA1C4AEDB8719D789981A49DA44C
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": ".... ...".. },.. "1213957982723875920": {.. "message": "..... ....... ..... ........... ...... ....... ...... ...?".. },.. "128276876460319075": {.. "message": "...... ........".. },.. "1428448869078126731": {.. "message": "...... ......... ...".. },.. "1522140683318860351": {.. "message": "..... .... ...... ....... ... ... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "$START_LINK$ Google
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\ca\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15518
                Entropy (8bit):5.242542310885
                Encrypted:false
                SSDEEP:384:drGUBKxMF2ayv8FrIccUVFmwf+7d9VKS3V6uml:dCUBKxMFBy0FE3UzmQ+zkSl6uml
                MD5:A90CF7930E7C3BEC61EE252DEFAD574A
                SHA1:F630CA01114A7BDD39607CB84B8280CCE218A5C6
                SHA-256:A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
                SHA-512:598F991B344FA6724617D6CE57BB0D6D64EF86B4F5317BF6AD5EDF43E6B0A385094E7885F7A8FA2B107405B31C3D9F76E92315BC1D9BB52ACD4ECAD342917DE1
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Es congela".. },.. "1213957982723875920": {.. "message": "Quina de les opcions.seg.ents descriu millor la vostra xarxa?".. },.. "128276876460319075": {.. "message": "Detecci. de dispositius".. },.. "1428448869078126731": {.. "message": "Flu.desa del v.deo".. },.. "1522140683318860351": {.. "message": "S'ha produ.t un error en la connexi.. Torneu-ho a provar.".. },.. "1550904064710828958": {.. "message": "Correcta".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Pots veure el Chromecast a l'$START_LINK$aplicaci. Google.Home$END_LINK$?$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\cs\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15552
                Entropy (8bit):5.406413558584244
                Encrypted:false
                SSDEEP:192:eVdprJrG5efiTk93ebrxZR1fdc8VDCwT9fTV6c8TEKdl:2rMqiQerxQ88W7V6uml
                MD5:17E753EE877FDED25886D5F7925CA652
                SHA1:8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678
                SHA-256:C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
                SHA-512:33D61F6327FC81D7A45AA2CC97922DC527F5F43E54AA1A1638DA6EE407024A2F10CFD82CC5C3C581C2E7B216276987CB26C3FA95198572E139ACF29CC5B7ADCB
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Video zamrz.".. },.. "1213957982723875920": {.. "message": "Kter. popis nejl.pe vystihuje va.i s..?".. },.. "128276876460319075": {.. "message": "Zji..ov.n. za..zen.".. },.. "1428448869078126731": {.. "message": "Plynulost videa".. },.. "1522140683318860351": {.. "message": "P.ipojen. se nezda.ilo. Zkuste to pros.m znovu.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "Perfektn.".. },.. "1802762746589457177": {.. "message": "Hlasitost".. },.. "1850397500312020388": {.. "message": "Vid.te sv.j Chromecast v.$START_LINK$aplikaci Google Home $END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\da\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15340
                Entropy (8bit):5.2479291792849105
                Encrypted:false
                SSDEEP:192:+Upr8XnI1MY2kPuir8j7Rd3kbTWc4QtV6c8TEKdl:FrJ1H9br8h6eZCV6uml
                MD5:F08A313C78454109B629B37521959B33
                SHA1:3D585D52EC8B4399F66D4BE88CED10F4A034FCCC
                SHA-256:23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
                SHA-512:9F2868AEBBF7F6167A7EA120FE65E752F9A65D1DC51072AA2413B2FDE374DA2D169D455A4788E341717F694179E6F1FA80413C080D9CD8CB397C3E84668CBFEC
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket af f.lgende udsagn beskriver bedst dit netv.rk?".. },.. "128276876460319075": {.. "message": "Enhedsregistrering".. },.. "1428448869078126731": {.. "message": "Videostabilitet".. },.. "1522140683318860351": {.. "message": "Forbindelsen blev afbrudt. Pr.v igen.".. },.. "1550904064710828958": {.. "message": "Problemfri".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lydstyrke".. },.. "1850397500312020388": {.. "message": "Kan du se din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "STAR
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\de\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15555
                Entropy (8bit):5.258022363187752
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "H.ngenbleiben".. },.. "1213957982723875920": {.. "message": "Welche dieser Aussagen beschreibt dein Netzwerk am besten?".. },.. "128276876460319075": {.. "message": "Ger.teerkennung".. },.. "1428448869078126731": {.. "message": "Videowiedergabequalit.t".. },.. "1522140683318860351": {.. "message": "Fehler beim Herstellen der Verbindung. Bitte versuche es noch einmal.".. },.. "1550904064710828958": {.. "message": "St.rungsfrei".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lautst.rke".. },.. "1850397500312020388": {.. "message": "Siehst du deinen Chromecast in der $START_LINK$Google Home App$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\el\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):17941
                Entropy (8bit):5.465343004010711
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".... ... .. ........ .......... ........ .. ...... ...;".. },.. "128276876460319075": {.. "message": ".......... ........".. },.. "1428448869078126731": {.. "message": "......... ......".. },.. "1522140683318860351": {.. "message": "........ ......... ......... .....".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "...... ....".. },.. "1850397500312020388": {.. "message": "........ .. ..... .. Chromecast .... $START_LINK$........ Google Home$END_LINK$; $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\en\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):14897
                Entropy (8bit):5.197356586852831
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Freezes".. },.. "1213957982723875920": {.. "message": "Which of the following best describes your network?".. },.. "128276876460319075": {.. "message": "Device Discovery".. },.. "1428448869078126731": {.. "message": "Video Smoothness".. },.. "1522140683318860351": {.. "message": "Connection failed. Please try again.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Are you able to see your Chromecast in the $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\es\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15560
                Entropy (8bit):5.236752363299121
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Congelaci.n de im.genes".. },.. "1213957982723875920": {.. "message": ".Cu.l de las siguientes respuestas describe mejor tu red?".. },.. "128276876460319075": {.. "message": "Detecci.n de dispositivo".. },.. "1428448869078126731": {.. "message": "Fluidez del v.deo".. },.. "1522140683318860351": {.. "message": "Error en la conexi.n. Vuelve a intentarlo.".. },.. "1550904064710828958": {.. "message": "V.deo fluido".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volumen".. },.. "1850397500312020388": {.. "message": ".Puedes ver tu Chromecast en la $START_LINK$aplicaci.n Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\et\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15139
                Entropy (8bit):5.228213017029721
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Hangub".. },.. "1213957982723875920": {.. "message": "Milline j.rgmistest v.idetest kirjeldab k.ige paremini teie v.rku?".. },.. "128276876460319075": {.. "message": "Seadme tuvastamine".. },.. "1428448869078126731": {.. "message": "Video sujuvus".. },.. "1522140683318860351": {.. "message": ".hendamine eba.nnestus. Proovige uuesti.".. },.. "1550904064710828958": {.. "message": ".htlane".. },.. "1636686747687494376": {.. "message": "T.iuslik".. },.. "1802762746589457177": {.. "message": "Helitugevus".. },.. "1850397500312020388": {.. "message": "Kas n.ete oma Chromecasti $START_LINK$rakenduses Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\fa\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):17004
                Entropy (8bit):5.485874780010479
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": ".... ... .......".. },.. "1213957982723875920": {.. "message": ".... .. .. ..... ... .... ... .. .. ...... ... ..... .......".. },.. "128276876460319075": {.. "message": "..... ......".. },.. "1428448869078126731": {.. "message": "..... .....".. },.. "1522140683318860351": {.. "message": "..... ...... .... ..... ...... ...... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..... ...".. },.. "1850397500312020388": {.. "message": ".... ......... Chromecast ... .. .. $START_LINK$ ...... Google Home$END_LINK$ ....... $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {..
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\fi\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15268
                Entropy (8bit):5.268402902466895
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Pys.htyy".. },.. "1213957982723875920": {.. "message": "Mik. seuraavista kuvaa parhaiten verkkoasi?".. },.. "128276876460319075": {.. "message": "Laitteiden tunnistaminen".. },.. "1428448869078126731": {.. "message": "Videon tasaisuus".. },.. "1522140683318860351": {.. "message": "Yhteys ep.onnistui. Yrit. uudelleen.".. },.. "1550904064710828958": {.. "message": "Tasainen".. },.. "1636686747687494376": {.. "message": "T.ydellinen".. },.. "1802762746589457177": {.. "message": "..nenvoimakkuus".. },.. "1850397500312020388": {.. "message": "N.etk. Chromecastisi $START_LINK$Google Home .sovelluksessa$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\fil\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15570
                Entropy (8bit):5.1924418176212646
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Hindi gumagalaw".. },.. "1213957982723875920": {.. "message": "Alin sa sumusunod ang pinakamahusay na naglalarawan sa iyong network?".. },.. "128276876460319075": {.. "message": "Pagtuklas ng Device".. },.. "1428448869078126731": {.. "message": "Pagka-smooth ng Video".. },.. "1522140683318860351": {.. "message": "Hindi nakakonekta. Pakisubukang muli.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perpekto".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Nakikita mo ba ang iyong Chromecast sa $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\fr\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):15826
                Entropy (8bit):5.277877116547859
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": "Se fige".. },.. "1213957982723875920": {.. "message": "Parmi les propositions suivantes, laquelle d.crit le mieux votre r.seau.?".. },.. "128276876460319075": {.. "message": "D.tection d'appareils".. },.. "1428448869078126731": {.. "message": "Fluidit. de la vid.o".. },.. "1522140683318860351": {.. "message": ".chec de la connexion. Veuillez r.essayer.".. },.. "1550904064710828958": {.. "message": "Fluide".. },.. "1636686747687494376": {.. "message": "Parfaite".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Votre Chromecast est-il visible dans l'$START_LINK$application Google.Home$END_LINK$.? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\gu\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):19255
                Entropy (8bit):5.32628732852814
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "........... .... ..... .......... ....... ..... ... ..?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": "........ ......".. },.. "1522140683318860351": {.. "message": "....... ...... ..... .... ..... ..... ...... ....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".......".. },.. "1850397500312020388": {.. "message": "... ... $START_LINK$ Google Home ..$END_LINK$... Chromecast..
                C:\Users\user\AppData\Local\Temp\scoped_dir5708_1669897127\CRX_INSTALL\_locales\hi\messages.json
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
                Category:dropped
                Size (bytes):19381
                Entropy (8bit):5.328912995891658
                Encrypted:false
                Malicious:false
                Reputation:low
                Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "..... ... .. ... .... ....... .. .... ..... ..... .... ..?".. },.. "128276876460319075": {.. "message": "...... ...".. },.. "1428448869078126731": {.. "message": "...... .........".. },.. "1522140683318860351": {.. "message": "....... ..... ..... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": ".... .. $START_LINK$ Google Home .........$END_LINK$ ... .... Ch

                Static File Info

                No static file info

                Network Behavior

                Network Port Distribution

                TCP Packets


                UDP Packets

                Mar 5, 2021 19:23:59.414958000 CET5688153192.168.2.38.8.8.8
                Mar 5, 2021 19:23:59.416862965 CET53532798.8.8.8192.168.2.3
                Mar 5, 2021 19:23:59.472008944 CET53568818.8.8.8192.168.2.3
                Mar 5, 2021 19:23:59.563024044 CET5364253192.168.2.38.8.8.8
                Mar 5, 2021 19:23:59.609137058 CET53536428.8.8.8192.168.2.3
                Mar 5, 2021 19:24:02.879775047 CET5566753192.168.2.38.8.8.8
                Mar 5, 2021 19:24:02.945501089 CET53556678.8.8.8192.168.2.3
                Mar 5, 2021 19:24:03.560595989 CET5483353192.168.2.38.8.8.8
                Mar 5, 2021 19:24:03.622948885 CET53548338.8.8.8192.168.2.3
                Mar 5, 2021 19:24:09.092809916 CET6247653192.168.2.38.8.8.8
                Mar 5, 2021 19:24:09.138874054 CET53624768.8.8.8192.168.2.3
                Mar 5, 2021 19:24:14.288427114 CET4970553192.168.2.38.8.8.8
                Mar 5, 2021 19:24:14.344667912 CET53497058.8.8.8192.168.2.3

                DNS Queries

                Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class
                Mar 5, 2021 19:23:02.574736118 CET | 192.168.2.3 | 8.8.8.8 | 0x7fdc | Standard query (0) | communilives.com | A (IP address) | IN (0x0001)
                Mar 5, 2021 19:23:05.459300995 CET | 192.168.2.3 | 8.8.8.8 | 0x94bf | Standard query (0) | clients2.googleusercontent.com | A (IP address) | IN (0x0001)
                Mar 5, 2021 19:23:10.171746016 CET | 192.168.2.3 | 8.8.8.8 | 0xe416 | Standard query (0) | officegrocery.com | A (IP address) | IN (0x0001)

                DNS Answers

                Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class
                Mar 5, 2021 19:23:02.622680902 CET | 8.8.8.8 | 192.168.2.3 | 0x7fdc | No error (0) | communilives.com |  | 162.241.127.183 | A (IP address) | IN (0x0001)
                Mar 5, 2021 19:23:05.514504910 CET | 8.8.8.8 | 192.168.2.3 | 0x94bf | No error (0) | clients2.googleusercontent.com | googlehosted.l.googleusercontent.com |  | CNAME (Canonical name) | IN (0x0001)
                Mar 5, 2021 19:23:05.514504910 CET | 8.8.8.8 | 192.168.2.3 | 0x94bf | No error (0) | googlehosted.l.googleusercontent.com |  | 172.217.23.33 | A (IP address) | IN (0x0001)
                Mar 5, 2021 19:23:10.247159958 CET | 8.8.8.8 | 192.168.2.3 | 0xe416 | No error (0) | officegrocery.com |  | 173.209.56.178 | A (IP address) | IN (0x0001)

                Code Manipulations

                Statistics

                Behavior


                System Behavior

                General

                Start time: 19:22:57
                Start date: 05/03/2021
                Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit): false
                Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://communilives.com/FIRSTAMCD.html'
                Imagebase: 0x7ff77b960000
                File size: 2150896 bytes
                MD5 hash: C139654B5C1438A95B321BB01AD63EF6
                Has elevated privileges: true
                Has administrator privileges: true
                Programmed in: C, C++ or other language
                Reputation: low

                General

                Start time: 19:22:58
                Start date: 05/03/2021
                Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit): false
                Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,2311055343111642691,697578694121501320,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1860 /prefetch:8
                Imagebase: 0x7ff77b960000
                File size: 2150896 bytes
                MD5 hash: C139654B5C1438A95B321BB01AD63EF6
                Has elevated privileges: true
                Has administrator privileges: true
                Programmed in: C, C++ or other language
                Reputation: low

                Disassembly
