Analysis Report https://same-bronzed-pet.glitch.me/

Overview

General Information

Sample URL: https://same-bronzed-pet.glitch.me/
Analysis ID: 404041

Detection

HTMLPhisher
Score: 76
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Phishing site detected (based on favicon image match)
Yara detected HtmlPhish10
Yara detected HtmlPhish7
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL
Unusual large HTML page

Startup

  • System is w10x64
  • chrome.exe (PID: 1224 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://same-bronzed-pet.glitch.me/' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 3568 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,3329959692431217940,6560056732251076571,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1788 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

AV Detection:

Antivirus / Scanner detection for submitted sample
Source: https://same-bronzed-pet.glitch.me/, Avira URL Cloud: detection malicious, Label: phishing
Source: https://same-bronzed-pet.glitch.me/, SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social usering
Source: https://same-bronzed-pet.glitch.me/, UrlScan: detection malicious, Label: phishing brand: onedrive generic

Phishing:

Phishing site detected (based on favicon image match)
Source: https://same-bronzed-pet.glitch.me/, Matcher: Template: office matched with high similarity
Yara detected HtmlPhish10
Source: Yara match, File source: 21097.pages.csv, type: HTML
Yara detected HtmlPhish7
Source: Yara match, File source: 21097.pages.csv, type: HTML
Phishing site detected (based on logo template match)
Source: https://same-bronzed-pet.glitch.me/, Matcher: Template: onedrive matched
Source: https://same-bronzed-pet.glitch.me/, HTTP Parser: Number of links: 0
Source: https://same-bronzed-pet.glitch.me/, HTTP Parser: Title: Onedrive does not match URL
Source: https://same-bronzed-pet.glitch.me/, HTTP Parser: Total size: 1388222
Source: https://same-bronzed-pet.glitch.me/, HTTP Parser: No <meta name="author".. found
Source: https://same-bronzed-pet.glitch.me/, HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown, HTTPS traffic detected: 34.230.134.23:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 34.230.134.23:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknown, TCP traffic detected without corresponding DNS query: 93.184.220.29
Source: unknown, TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown, TCP traffic detected without corresponding DNS query: 20.190.160.129
Source: unknown, TCP traffic detected without corresponding DNS query: 2.17.179.193
Source: unknown, TCP traffic detected without corresponding DNS query: 2.20.142.210
Source: unknown, TCP traffic detected without corresponding DNS query: 23.57.81.29
Source: unknown, DNS traffic detected: queries for: same-bronzed-pet.glitch.me
Source: classification engine, Classification label: mal76.phis.win@33/225@9/8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-6091DE15-4C8.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Local\Temp\05256d68-a332-4717-98c7-8207df99d4f0.tmp
Source: unknown, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://same-bronzed-pet.glitch.me/'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,3329959692431217940,6560056732251076571,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1788 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: unknown unknown
Source: Window Recorder, Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection 1 | Masquerading 3 | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel 2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection 1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol 1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol 2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label
https://same-bronzed-pet.glitch.me/ | 100% | Avira URL Cloud | phishing
https://same-bronzed-pet.glitch.me/ | 100% | SlashNext | Fake Login Page type: Phishing & Social usering
https://same-bronzed-pet.glitch.me/ | 100% | UrlScan | phishing brand: onedrive generic

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source | Detection | Scanner | Label
https://dns.google | 0% | URL Reputation | safe
https://blobs.officehome.msocdn.com/images/content/images/favicon-8f211ea639.ico | 0% | Avira URL Cloud | safe

Domains and IPs

Contacted Domains

Name | IP | Active | Malicious | Antivirus Detection | Reputation
cdnjs.cloudflare.com | 104.16.18.94 | true | false | | high
maxcdn.bootstrapcdn.com | 104.18.11.207 | true | false | | high
same-bronzed-pet.glitch.me | 34.230.134.23 | true | false | | high
googlehosted.l.googleusercontent.com | 216.58.212.129 | true | false | | high
blobs.officehome.msocdn.com | unknown | unknown | false | | unknown
clients2.googleusercontent.com | unknown | unknown | false | | high
ka-f.fontawesome.com | unknown | unknown | false | | high
code.jquery.com | unknown | unknown | false | | high
kit.fontawesome.com | unknown | unknown | false | | high

Contacted URLs

Name | Malicious | Antivirus Detection | Reputation
https://same-bronzed-pet.glitch.me/ | false | | high

URLs from Memory and Binaries

Name | Source | Malicious | Antivirus Detection | Reputation
https://dns.google | 8083f027-475a-4ebd-a106-2bbd41dd91e4.tmp.2.dr, e19d0b4b-2f54-440b-9a02-77232fdf266c.tmp.2.dr, 58bd681f-569c-4170-93bb-f1ca17d2e3f2.tmp.2.dr | false | URL Reputation: safe | unknown
https://same-bronzed-pet.glitch.me/Onedrive/ | History.0.dr | false | | high
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | 7ecb9bcc99553958_0.0.dr | false | | high
https://code.jquery.com/jquery-3.2.1.slim.min.js | 1d9edbd335fcdf44_0.0.dr | false | | high
https://blobs.officehome.msocdn.com/images/content/images/favicon-8f211ea639.ico | Favicons.0.dr | false | Avira URL Cloud: safe | unknown
https://same-bronzed-pet.glitch.me/f | 1d9edbd335fcdf44_0.0.dr | false | | high
https://code.jquery.com/jquery-3.1.1.min.js | 7c0369b5fe632e74_0.0.dr | false | | high
https://same-bronzed-pet.glitch.me/ | Current Session.0.dr, Favicons.0.dr | false | | high
https://same-bronzed-pet.glitch.me/O | ae3448a94b9ae755_0.0.dr | false | | high
https://clients2.googleusercontent.com | e19d0b4b-2f54-440b-9a02-77232fdf266c.tmp.2.dr | false | | high
https://kit.fontawesome.com/585b051251.js | 5d3d5aa734530811_0.0.dr | false | | high
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | ae3448a94b9ae755_0.0.dr | false | | high
https://a.nel.cloudflare.com/report?s=FEe4wkjhctjQtf1d0Bo4I2PZt10PJBS1lU4z2Cuwc5809h0CL7YcFK0a7SwA44 | Reporting and NEL.2.dr | false | | high
https://same-bronzed-pet.glitch.me/NO | 5d3d5aa734530811_0.0.dr | false | | high
https://feedback.googleusercontent.com | manifest.json0.0.dr | false | | high
https://same-bronzed-pet.glitch.me/Onedrive | History.0.dr | false | | high
https://a.nel.cloudflare.com/report?s=dxKWaRMO%2BaG45BYd0D9V7BhrIQPcWO7X%2BxF3qKOzpdjnerbBC2mfpF%2Bd | Reporting and NEL.2.dr | false | | high
https://same-bronzed-pet.glitch.me/2 | History Provider Cache.0.dr | false | | high

Contacted IPs

Public

IP | Domain | Country | ASN | ASN Name | Malicious
216.58.212.129 | googlehosted.l.googleusercontent.com | United States | 15169 | GOOGLEUS | false
104.18.11.207 | maxcdn.bootstrapcdn.com | United States | 13335 | CLOUDFLARENETUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
34.230.134.23 | same-bronzed-pet.glitch.me | United States | 14618 | AMAZON-AESUS | false
104.16.18.94 | cdnjs.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false

Private

IP
192.168.2.1
192.168.2.6
127.0.0.1

                                                      General Information

                                                      Joe Sandbox Version:32.0.0 Black Diamond
                                                      Analysis ID:404041
                                                      Start date:04.05.2021
                                                      Start time:16:51:00
                                                      Joe Sandbox Product:CloudBasic
                                                      Overall analysis duration:0h 3m 49s
                                                      Hypervisor based Inspection enabled:false
                                                      Report type:light
                                                      Cookbook file name:browseurl.jbs
                                                      Sample URL:https://same-bronzed-pet.glitch.me/
                                                      Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                      Number of analysed new started processes analysed:13
                                                      Number of new started drivers analysed:0
                                                      Number of existing processes analysed:0
                                                      Number of existing drivers analysed:0
                                                      Number of injected processes analysed:0
                                                      Technologies:
                                                      • HCA enabled
                                                      • EGA enabled
                                                      • AMSI enabled
                                                      Analysis Mode:default
                                                      Analysis stop reason:Timeout
                                                      Detection:MAL
                                                      Classification:mal76.phis.win@33/225@9/8
                                                      Cookbook Comments:
                                                      • Adjust boot time
                                                      • Enable AMSI
                                                      Warnings:
                                                      Show All
                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                      • TCP Packets have been reduced to 100
                                                      • Created / dropped Files have been reduced to 100
                                                      • Excluded IPs from analysis (whitelisted)
                                                      • Excluded domains from analysis (whitelisted)
                                                      • Report size getting too big, too many NtCreateFile calls found.
                                                      • Report size getting too big, too many NtOpenFile calls found.
                                                      • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                                      • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                      • VT rate limit hit for: https://same-bronzed-pet.glitch.me/

                                                      Simulations

                                                      Behavior and APIs

                                                      Time | Type | Description
                                                      16:51:57 | API Interceptor | 2x Sleep call for process: chrome.exe modified

                                                      Joe Sandbox View / Context

                                                      IPs

                                                      No context

                                                      Domains

                                                      No context

                                                      ASN

                                                      No context

                                                      JA3 Fingerprints

                                                      No context

                                                      Dropped Files

                                                      No context

                                                      Created / dropped Files

                                                      C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):451603
                                                      Entropy (8bit):5.009711072558331
                                                      Encrypted:false
                                                      SSDEEP:12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
                                                      MD5:A78AD14E77147E7DE3647E61964C0335
                                                      SHA1:CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
                                                      SHA-256:0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
                                                      SHA-512:DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Microsoft Cabinet archive data, 58596 bytes, 1 file
                                                      Category:dropped
                                                      Size (bytes):117192
                                                      Entropy (8bit):7.995478615012125
                                                      Encrypted:true
                                                      SSDEEP:3072:F2qSSwIm1m/QEBbgb1om2qSSwIm1m/QEBbgb1oQ:FJdwIm1m/QEOb1omJdwIm1m/QEOb1oQ
                                                      MD5:2FEBC5EB397A71B7A4862D0DCC21CA5E
                                                      SHA1:5568FBD6D7DB899850D3AAFF95FEC08952361678
                                                      SHA-256:2E9BE05B763D01CB0CD6FDE8BC64432A012AD3ECD9A6F3099DDE740A2D148A13
                                                      SHA-512:B7D42B634F3B0CDC81CB94F281C8BB743BB98421AE54E21005637F762292D865EB1D71D43C4FF96AEE824527E9F7FB94FE5F5A4D35A22363A2A86AF8ABE0C414
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):652
                                                      Entropy (8bit):3.123280162340147
                                                      Encrypted:false
                                                      SSDEEP:12:AHwTJrkPlE99SNxAhUe0hKwTJrkPlE99SNxAhUe0ht:AQ5kPcUQUPhN5kPcUQUPht
                                                      MD5:DC69E7F67F26A77B191050F75BFAC676
                                                      SHA1:C6A5211F95E514E322A8F89A07B815D41A402EFA
                                                      SHA-256:36471D7E8741F90C82671B28138D513EDEEDC5B97BE5F8CC5A723E77BD27ED7B
                                                      SHA-512:D259252D40F3ECE042C593F9902F224F1EE3BBE109B54DA9872F9EAA609CFDF03C1B811D59D0CF6A0F1748493B4312B0A41A80D225D75273A7153F32026F2D44
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\1c96bed6-4d5f-47fe-9bd8-64e0b7408bd4.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SysEx File -
                                                      Category:modified
                                                      Size (bytes):94708
                                                      Entropy (8bit):3.7487588386331416
                                                      Encrypted:false
                                                      SSDEEP:384:Fbgf/FCsZGdRVOUD+NrrwvHN3Afl8H18GcLr2hbHxwRx1ArqnmiliNzTTsO5RLNs:FWalFCZMs8ebXZJHQ3v+FKn9D5Q
                                                      MD5:D35B7297B2E1E18742110A804D87C45F
                                                      SHA1:F4CC848FEA6B21BCC828A6FF7B7D987320F5803B
                                                      SHA-256:4E261385FE21FD5CD1AFCECE4A7E5DD6D754661A1308AFF968F5D6EDD2B3B468
                                                      SHA-512:6F1E61FE46E5F14E9016F66A67630E694C246CB1D5C6697923EA7BA3474BF6F8CAD0DB33D80582E2C8EB21BA910D340F0B8442A1F6067617DE510D68410CFA53
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\2f0b7262-b356-437b-94da-0fa3e5731af1.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):371463
                                                      Entropy (8bit):6.049859352441224
                                                      Encrypted:false
                                                      SSDEEP:6144:nuhZZ4/fHwcG0OP1eVxR+v+F7EFpfY4XB3iE7ZPXYGzLxinr:Qvg/xGNPUZ+w7wJHyEtAWm
                                                      MD5:25EC2501BEFE0DDD90704D15E95AFFF3
                                                      SHA1:B928603CC08D531C8331C0D4E5F31D262D5969F7
                                                      SHA-256:5C3C0E0CBD12B228048C1A43BAC054088FF611503C63DB2C293CFB01C85FC15D
                                                      SHA-512:5FE8FE742F82C0F1999039CB88D9E0078A7DFC57E37F9815C42A48393A9D3D914977E2A4E5FC76646A5C0D83AB528B9DBC889165A985BDCCF7230E0E1E05FE07
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\7f0df072-e4b7-47d2-ba52-608f062eba29.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):371463
                                                      Entropy (8bit):6.049859118320202
                                                      Encrypted:false
                                                      SSDEEP:6144:8uhZZ4/fHwcG0OP1eVxR+v+F7EFpfY4XB3iE7ZPXYGzLxinr:Zvg/xGNPUZ+w7wJHyEtAWm
                                                      MD5:429DF461CCBA6D19AAC37E59ED85288D
                                                      SHA1:F910CCC6BB6B8DE0D8AE337B943718E9776BF704
                                                      SHA-256:5AA2BED3F988234A8CB5A360FA90BCDE0520B1E1A7C354AAFE42E1E42AF702C0
                                                      SHA-512:4708667B4D2F3B9043FB38CCDC9350479AAF192F3722CF08B363E46FC834E2AE59A79B3C5112CA4C5169CDAD3F172E784925EFB29C39008E310661DB33662C77
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\8d08087c-7de7-4a7d-a5c1-2c4be8239234.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):371463
                                                      Entropy (8bit):6.04985939082919
                                                      Encrypted:false
                                                      SSDEEP:6144:CuhZZ4/fHwcG0OP1eVxR+v+F7EFpfY4XB3iE7ZPXYGzLxinr:zvg/xGNPUZ+w7wJHyEtAWm
                                                      MD5:070E7D267EC5201BAE3C0270D8EE51AB
                                                      SHA1:6E2A2329EA5A320063EA00CF886CFB3A0E751E77
                                                      SHA-256:A0721ADE7E0D97CFA9E95949FC0D01980C9D03CFA5597AA4A1E36C3659FFCB54
                                                      SHA-512:BE9B441A46FD956F1A98A82ACD69CFEF05CD963E4165C4029EB2DBB46E4AA4AA60FF01A26FDF52277DD300C0D66941E18E4D12838E4A25811E8660ECA55FEC83
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):120
                                                      Entropy (8bit):3.3041625260016576
                                                      Encrypted:false
                                                      SSDEEP:3:FkXEwozZHGftEwozZHGftEwozZHn:+EwozZHGVEwozZHGVEwozZHn
                                                      MD5:4829695F153A750ADF50C6E979E8E8F3
                                                      SHA1:2F697EF207460D03671E4B59670BC73328D60D6E
                                                      SHA-256:1AACF1304FD42C84FF41DDD2F2252E5C0EDE7362352661B7957648F2EA4C2683
                                                      SHA-512:6D16A6EF4BB20B25B1B14757C475E9F8C3A40D6181F718D563A628BA41DA9426E1B586C472D4F8729FD65FCA014151B7D46FBFAAE171BFF9A6D937DB7A7A2CC2
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0ba16ac5-38a4-4383-9df5-1f7ac1ee91ef.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):5101
                                                      Entropy (8bit):4.974664815438822
                                                      Encrypted:false
                                                      SSDEEP:96:nxfVdjGqmfpaAVOrxk0JCKL8JLko1fezbOTQVuwn:nVV7mfp9EN4KqkoBeH
                                                      MD5:36C4B47088E495B6AB73A1B5C57226BF
                                                      SHA1:698A42E5CC52A8FE3D063C6F3FCB56E8C8D59819
                                                      SHA-256:7F2AC299DA112F9CD08A8BFF00A936D092929E8E435F4C17E4936501FB047656
                                                      SHA-512:1D4D29FC42E2193B442ECD092602E3E3988D0CA76B45813436288FC8B026ED67EDB7085BD13F4F05EF4496A2EBC9F69A0DE58E64E41A96F86CA2FB557B67122E
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1faf809b-1c43-464d-a7c1-5dd1cd626eb1.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:very short file (no magic)
                                                      Category:dropped
                                                      Size (bytes):1
                                                      Entropy (8bit):0.0
                                                      Encrypted:false
                                                      SSDEEP:3:L:L
                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\336b81ef-fafd-4620-86f6-c544bfdd7fd5.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):1376
                                                      Entropy (8bit):5.558547833548159
                                                      Encrypted:false
                                                      SSDEEP:24:YCnWswUc6H0UhcXTGVIU3TAG1KUTwaUeHT17wU/T6YxYUF3RUeHQ:YKVwUc6UUhcXyeU3zKUkaUeHRwU/2sY9
                                                      MD5:947D3F18FA84F48BC8B07BDDD57D150A
                                                      SHA1:8E44B6472E1F6A5F6D7982338CC94DFCD7D4F0EE
                                                      SHA-256:639425E824CF5D16782C6BE9AFA67B541FDE74EC9BE12D9C7A1B9A3DBEB5E3CA
                                                      SHA-512:38E22631E23D4C0841A696FD3CC2411C980D956CA1726AEEB1D6A70A649CB84ECE222B8A88FBDD69D2768B2E0825750F39CCD5C0945FA01E25C1FB722439E8F6
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4c5b1d5d-73cd-4b3a-b021-08d178a922c5.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):22595
                                                      Entropy (8bit):5.536048844061978
                                                      Encrypted:false
                                                      SSDEEP:384:1DctNLl6yXj1kXqKf/pUZNCgVLH2HfDnrU1HGinT8W4i47:aLl/j1kXqKf/pUZNCgVLH2Hf7rUJGinm
                                                      MD5:7A9F3192DA86774798DB159A80F654FC
                                                      SHA1:B6763B752D46519303921AD1B4FEF7CDFEEC5A7B
                                                      SHA-256:BD01AB9E46F300BBC0599ED53A3A85C73AF42C2E46B0DAFA94747216BCED4531
                                                      SHA-512:7DD5A7B1F362BD7DAD698E5206B15AFEAFC741D2649C02BBA3E1B386F798712790DE2E74EA0924EF0479C798E1E192E53E3D092EE7BCF7D648F315BB800CAE13
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):340
                                                      Entropy (8bit):5.221604405024375
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.466 1384 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/05/04-16:52:08.468 1384 Recovering log #3.2021/05/04-16:52:08.469 1384 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):324
                                                      Entropy (8bit):5.1969860830810655
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.419 1384 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/05/04-16:52:08.420 1384 Recovering log #3.2021/05/04-16:52:08.421 1384 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d9edbd335fcdf44_0
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):221
                                                      Entropy (8bit):5.527538405298733
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 0\r..m......Y...0.QP...._keyhttps://code.jquery.com/jquery-3.2.1.slim.min.js .https://same-bronzed-pet.glitch.me/f... /..............p.......i5..(.&....0..M......:..o#.../.A..Eo........z..........A..Eo..................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\296ad933470349d8_0
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):237
                                                      Entropy (8bit):5.589952080930462
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 0\r..m......i..........._keyhttps://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js .https://same-bronzed-pet.glitch.me/.... /..............q......we...+G..H..N...(.5....v=.K&!.A..Eo..................A..Eo..................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5d3d5aa734530811_0
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):214
                                                      Entropy (8bit):5.480444412296105
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 0\r..m......R...fLG....._keyhttps://kit.fontawesome.com/585b051251.js .https://same-bronzed-pet.glitch.me/NO.. /..............o.......j.......5.=@....aR.k.F.P:....o.A..Eo......q............A..Eo..................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7c0369b5fe632e74_0
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):216
                                                      Entropy (8bit):5.515143071898049
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 0\r..m......T....._\...._keyhttps://code.jquery.com/jquery-3.1.1.min.js .https://same-bronzed-pet.glitch.me/.... /..............o......D.o...H.[...@|..a.....G.)...)..f.A..Eo......A ...........A..Eo..................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7ecb9bcc99553958_0
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):246
                                                      Entropy (8bit):5.548370908329468
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 0\r..m......r.....kJ...._keyhttps://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js .https://same-bronzed-pet.glitch.me/.x.. /..............p........k..X.C.vt..K.^|....S-X.#.....A..Eo.......ZcY.........A..Eo..................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8acc96846ffa4fcc_0
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):237
                                                      Entropy (8bit):5.584168074530003
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 0\r..m......i..........._keyhttps://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js .https://same-bronzed-pet.glitch.me/.... /.............Tm......I...k.z..{.!......-C..........A..Eo......M.;.........A..Eo..................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae3448a94b9ae755_0
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):240
                                                      Entropy (8bit):5.437617169834846
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 0\r..m......l...#......._keyhttps://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js .https://same-bronzed-pet.glitch.me/O... /..............p......6.Q.y8.I%.M...I..Cd....0i.o.vi..A..Eo...................A..Eo..................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):264
                                                      Entropy (8bit):4.621683064973298
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                      Category:dropped
                                                      Size (bytes):12288
                                                      Entropy (8bit):0.6863571317626186
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):12836
                                                      Entropy (8bit):0.9655324450819962
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):1910
                                                      Entropy (8bit):3.080605343919809
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: SNSS....................................................!.............................................1..,.......$...1281ed78_bfae_40d2_b627_ebb560336a69.......................L..................................................................................5..0.......&...{68ADBCFB-ED3C-4AA1-B80C-ADD502B6FA85}........................................A..<...........#...https://same-bronzed-pet.glitch.me/.....................................................h.......`.........................................................V......V............................................N...#...h.t.t.p.s.:././.s.a.m.e.-.b.r.o.n.z.e.d.-.p.e.t...g.l.i.t.c.h...m.e./...................................8.......0.......8....................................................................... .......................................................#...https://same-bronzed-pet.glitch.me/......r.. /............................................................#...https://same-bronzed-pet.glitch.me/.....O.n.e.d.r.
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):8
                                                      Entropy (8bit):1.8112781244591325
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: SNSS....
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):183
                                                      Entropy (8bit):4.267376444120917
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F..................F................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):326
                                                      Entropy (8bit):5.176171052491966
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:50.355 1598 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/05/04-16:51:50.358 1598 Recovering log #3.2021/05/04-16:51:50.359 1598 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):627
                                                      Entropy (8bit):1.8784775129881184
                                                      Encrypted:false
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):326
                                                      Entropy (8bit):5.1269707322392755
                                                      Encrypted:false
                                                      SSDEEP:6:msTWGyq2PN723iKKdK8NIFUtpdTWM31ZmwPdTWMhRkwON723iKKdK8+eLJ:tqbvVa5KkpFUtpdqM31/PdqMX5Oa5Kk2
                                                      MD5:FA79323139108BDD818D1E3A3C3FD45E
                                                      SHA1:78C787F1CC6BDD6DEFFBCCDADE1EF3D8083317D8
                                                      SHA-256:F91CB5F2EAB90B3DED7E01ECFE6644AABD01C06F2192D59382D8FF82A99A8EC7
                                                      SHA-512:C2E267DB926D35C660A25AB4F2DEB76FC849C2D939F95569227A589A8530CAE586E07B4B348E78C95076A4135618C8109A33F50857EABCC1A29B5E9A73AC30C4
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:52.640 13a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/05/04-16:51:52.642 13a0 Recovering log #3.2021/05/04-16:51:52.642 13a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):11217
                                                      Entropy (8bit):6.069602775336632
                                                      Encrypted:false
                                                      SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
                                                      MD5:90F880064A42B29CCFF51FE5425BF1A3
                                                      SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
                                                      SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
                                                      SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):11217
                                                      Entropy (8bit):6.069602775336632
                                                      Encrypted:false
                                                      SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
                                                      MD5:90F880064A42B29CCFF51FE5425BF1A3
                                                      SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
                                                      SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
                                                      SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):23474
                                                      Entropy (8bit):6.059847580419268
                                                      Encrypted:false
                                                      SSDEEP:384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
                                                      MD5:6AE2135EA4583C2F06CDEBEA4AE70FA4
                                                      SHA1:DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
                                                      SHA-256:03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
                                                      SHA-512:B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                      Category:dropped
                                                      Size (bytes):16384
                                                      Entropy (8bit):1.924431053659249
                                                      Encrypted:false
                                                      SSDEEP:48:yBmw6fUzMOx27C4XPSR3DjmXy2rr1CnMhjOO0cXAOfmb:yBChCoCjmXrr1zD0Oc
                                                      MD5:AA703DE194C6F967553C20AA4168FC9A
                                                      SHA1:B2D8CF16B38147178499C274B3987D203E47463E
                                                      SHA-256:8A216DDE8437CB4695146BDCAB3EEBE490AAFE20F6738391E40D22F6F78A874F
                                                      SHA-512:E734823F68C1C39D6176E5D662535CA6835597905A44F181A856C74FF05AA99A3450644BE6CF85FE66A52F4A8FB3B00A6E9A111980626CC0E0F84C1D70045800
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):16972
                                                      Entropy (8bit):0.7779907602890861
                                                      Encrypted:false
                                                      SSDEEP:24:34KyLiXxh0GY/l1rWR1PmCx9fZjsBX+T6UwO3n:oKdBmw6fUR3n
                                                      MD5:B9E908E905341AE27F0D74E4BEB72BE7
                                                      SHA1:BA815C40C0A25FE27D52B673D4C89EADD5DE874C
                                                      SHA-256:2EAE393266D1E5385FE1C5B2EAD15CA4014644B07F2C433749C3584E11817AD7
                                                      SHA-512:C4B9E8CF8CFF71F1FD104814402B640376B5C365C2CE3A3573993F14EF8D3A70799A6AD680D60D6E963867877230F831EDF1B2B10B3D0972A836AD74EC753DFA
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):19
                                                      Entropy (8bit):1.8784775129881184
                                                      Encrypted:false
                                                      SSDEEP:3:FQxlX:qT
                                                      MD5:0407B455F23E3655661BA46A574CFCA4
                                                      SHA1:855CB7CC8EAC30458B4207614D046CB09EE3A591
                                                      SHA-256:AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
                                                      SHA-512:3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: .f.5...............
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):378
                                                      Entropy (8bit):5.224758081432155
                                                      Encrypted:false
                                                      SSDEEP:6:msTeWJIq2PN723iKKdK25+Xqx8chI+IFUtpdTtjZZmwPdTCkwON723iKKdK25+Xc:tFavVa5KkTXfchI3FUtpdx9/Pd25Oa5G
                                                      MD5:AADEEFFD24BDDE16231B99E85BFC415C
                                                      SHA1:5E9844B7F0E6ACF2F5F76462E6313252D5C8972D
                                                      SHA-256:6D0552253E8A39B9F5CDA0FC20FD1A74E37778452DE6104199ACCF0F749F47EE
                                                      SHA-512:0D4F526433A526560EF19822DF9133CE6CE2D0065862A461BA1A65F1C3BB6A09714DE981F5938B4EAF42FBAFE20B0481CAF329572837562099A2979ED0923027
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.405 1384 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/05/04-16:52:08.407 1384 Recovering log #3.2021/05/04-16:52:08.408 1384 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):364
                                                      Entropy (8bit):5.1862767810308865
                                                      Encrypted:false
                                                      SSDEEP:6:msTlMOIq2PN723iKKdK25+XuoIFUtpdTliZZmwPdTlLdPkwON723iKKdK25+Xuxo:tSOIvVa5KkTXYFUtpdU/Pdb5Oa5KkTXp
                                                      MD5:5F9916E4E88BB462E0A3A0B8DD78D1F2
                                                      SHA1:8525D105674E140C8BB562F22843F1E350153B3E
                                                      SHA-256:4BB4E946378A2DE460D82620C5BA88C920BB320269141DAB692933B14165C6BD
                                                      SHA-512:72980F8A7EF5315229A237779CF4ED65CEB1D7480DA0D18B5493E4FDF7D40F324CDE05289121A8BDC345B3B0F15B80F1C0309E42DA68DB3D355978E7E2ABD2DE
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.382 1384 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/05/04-16:52:08.385 1384 Recovering log #3.2021/05/04-16:52:08.386 1384 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):336
                                                      Entropy (8bit):5.229862913149312
                                                      Encrypted:false
                                                      SSDEEP:6:msTl+q2PN723iKKdKWT5g1IdqIFUtpdTl7a9ZmwPdTl7aPkwON723iKKdKWT5g1L:tUvVa5Kkg5gSRFUtpd1a9/Pd1aP5Oa5N
                                                      MD5:D54E8D7A4648761CD5025B1C40A21021
                                                      SHA1:2858D3211C57B3502E37EBA9D7736D479DDA25E1
                                                      SHA-256:98749B713D059F06C9D5BFCBD5EE09AB002263101F893CF0BC12981A2A9BFF26
                                                      SHA-512:1996E7841080BF9926E6BD81F192F5BBBD6E119BF7CB72256423AC9FC57E7934EAECB865DFFF7A3C325433D7FF984EF3C23E339BBAEEEBCE31D64B455DAA8253
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.359 1384 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/05/04-16:52:08.363 1384 Recovering log #3.2021/05/04-16:52:08.363 1384 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                      Category:dropped
                                                      Size (bytes):32768
                                                      Entropy (8bit):0.09773983748395396
                                                      Encrypted:false
                                                      SSDEEP:6:l9bNFlqQCNa/lvAZy6fSa48O1BcTvFRolkqoOo/lCxthieIGCxC+/erKcH+5g9aO:TL+A/+y6fSanO1Bc9NuQTGI/yz9anOn
                                                      MD5:AEBDF7D7D82A21AC88945A3FD96DE240
                                                      SHA1:597B7792B1236F59C3E5AE4BAFF12A0C2FB0C8AD
                                                      SHA-256:C21403F953C4891E45303C0B7CC349E6BCD91154F30809C997518D4E844F679D
                                                      SHA-512:7A4C94717D3ACA680B0CE365F0DE84DDEC072A0D7216308D81F8B1071EF1AB2BFF2F2F9A0466687DDE0CC89BC54CDFE23AAD41E7F37D970BF7CEB3BD5217F2F4
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):500
                                                      Entropy (8bit):5.092807009784912
                                                      Encrypted:false
                                                      SSDEEP:12:oq3SKGCGCgk/SjINUQbN+tejJGC3nury5Bk778B/xgskJ+5danO9Sl:oq3S5BCh3B+tesMGy/Y78BJgskqdaO9W
                                                      MD5:5147D69FA5E2284089E17573EC070B5B
                                                      SHA1:EC028BF73011A7BE45DD983494BDF43AC788F8AE
                                                      SHA-256:44C9ADFE803E07EA72A8A0828A990DA2458FF4E0C79FF1A9F67F4292A9A38E84
                                                      SHA-512:273DB19F7E7A502135ED82C73767E2D8FEA4D3906FB168C0651723211BC243CC3F32830329CA2E1587A0B011FA9064D97022DE491DA405067BB028B3314B334A
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: ..........."3....bronzed..glitch..https..me..onedrive..pet..same*O......bronzed......glitch......https......me......onedrive......pet......same..2.........a........b........c........d.........e............g........h.........i.........l........m.........n.........o.........p.........r.........s.........t..........v........z...:A.................................................................BS...O...... .......*#https://same-bronzed-pet.glitch.me/2.Onedrive:...............J.............. ...
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):33356
                                                      Entropy (8bit):0.04747596494984347
                                                      Encrypted:false
                                                      SSDEEP:3:u03llu/fllOElNllOhfllO/lNllOIFllOVfllOWFllOCMRgSWbNFl/l/4ltNll/z:u0vEGheuI4grpg9bNFlWCj/lwj/l3n
                                                      MD5:88C6B81FCDF383EBEA4F32885E24C8E7
                                                      SHA1:1D1304E5A3FE7D54F7029582760B6B0C5ED4C496
                                                      SHA-256:D653B6552656221B93CCC087F4355B36C7339C8846FB9D888B1A2315B5C3410A
                                                      SHA-512:30A31C51404C75AA2482A60A260BFCE6AE8A3378E44B49269B5C524E6D52A39687BB1C55300FAF7A1CB7E7646B08E3CD9877F7B481546699181812A262F4CFB5
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):2955
                                                      Entropy (8bit):5.480467439523753
                                                      Encrypted:false
                                                      SSDEEP:48:ATNGTba78MS8db5p5ubQSefgGpNrS0U9RdiN96:Aaa78MRdb5p5ubQ5fgGjrS0U
                                                      MD5:719C0ADD56317991F7FC2C36C965C1A7
                                                      SHA1:3772896F4FC1506E7A2EB651AA2F692F6F4E8A7B
                                                      SHA-256:AB24A6545F8CEA6F2820D0B472475D02B4F539DD3F50676A003B44D48F09284A
                                                      SHA-512:C371EC152FBAA98DA55756F02340694594E789148D595C5C93B55E543FFEB284D899B8090DEC51B46EC1C4E90D39530CA7CEAF081F42DB22378A9FA60BEA811A
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: !2.^...*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm...........Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..193977000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-05-04 16:52:10.88][INFO][mr.Init] MR instance ID: 0b877afe-5786-46e3-95c0-90d4de519cf5\n","[2021-05-04 16:52:10.88][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-05-04 16:52:10.88][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-05-04 16:52:10.88][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-05-04 16:52:10.88][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-05-04 16:52:10.89][INFO][mr.CastProvider] Query enabled: true\n","[2021-05-04 16:52:10.89][INFO][mr.CloudProvider]
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):338
                                                      Entropy (8bit):5.145539771155459
                                                      Encrypted:false
                                                      SSDEEP:6:msTwhum+q2PN723iKKdK8a2jMGIFUtpdTwjX5ZmwPdTwqVkwON723iKKdK8a2jM4:tBnvVa5Kk8EFUtpdSX5/Pdj5Oa5Kk8bJ
                                                      MD5:EAA5F701DC7F9CF6EA1AB6A7863BB91A
                                                      SHA1:79671F93978AFE9A25035F766D207F7FE0F49691
                                                      SHA-256:C74147EB2403DE9F5AA5794FA2BADA04A64D4FBFC5047DD339A2F784C4728390
                                                      SHA-512:B18CE34DF0FE86B2E72C661B51AE5666340C9F65AF05606DDC6E4836A9E7E078FE73EB8EBAF47C0DA712F1F82150E95C5EC5E430F194A255B39FDBDFCA41C927
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:50.084 1098 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/05/04-16:51:50.086 1098 Recovering log #3.2021/05/04-16:51:50.090 1098 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):340
                                                      Entropy (8bit):5.133500477676035
                                                      Encrypted:false
                                                      SSDEEP:6:msTwUp9+q2PN723iKKdKgXz4rRIFUtpdTw1E2WZmwPdTwE9VkwON723iKKdKgXzW:tNp9+vVa5KkgXiuFUtpdxJ/Pd/9V5OaR
                                                      MD5:2574CDCCC81FB02B4E1389445A3F7016
                                                      SHA1:B195966604CC1B11ADB0938BE6F127221B1C82B7
                                                      SHA-256:8D35CF65FC05CE2A5ED63AA1B37EAFC9CB14F452449325058D7C0E63CE2FF8F9
                                                      SHA-512:B9369A91228BF8EEFAFEB716ECAE0EF965CC8F9FB4EDF73530891C2A04C99D3F6AEA8E8D9D65B6A4AAF60A2BFA58526C485AF0F6C334868464F848368EE0A1CC
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:50.404 150c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/05/04-16:51:50.406 150c Recovering log #3.2021/05/04-16:51:50.408 150c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                      Category:modified
                                                      Size (bytes):28672
                                                      Entropy (8bit):1.0792347519225705
                                                      Encrypted:false
                                                      SSDEEP:48:TUIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUdd7KvZUMX28CT:wIElwQF8mpcSmgKBiKECU
                                                      MD5:55824249BCD7FC13D2250AC45C619A3B
                                                      SHA1:CB9F6B5CBED2F67B5009E70AF060690617105CF8
                                                      SHA-256:8DF4112866F2E53747447C202D4EEEF44D7976CD56AC826E2413C12550110612
                                                      SHA-512:8755497E138058A515204531CB1A534D82D336CAE58B10FE2AB531091342584B2B86F8115807E2E2ADC445EDF5A68FA4F56EB29AC8D1534EE40D1A52C85A541D
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):29252
                                                      Entropy (8bit):0.6282937439077959
                                                      Encrypted:false
                                                      SSDEEP:48:zoqkIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUh4:zohIElwQF8mpcSC
                                                      MD5:CDBE7A604B23B1D749FDADC6CD099752
                                                      SHA1:42E4E9882D44C34161B59036452AA756FDC377D4
                                                      SHA-256:A965874A753584E6CEF711182F21A798BB9D42F9AE5CEE6E02F3E3C00EC9FB94
                                                      SHA-512:256C24A8E3923C8E57409CB289790B2FD3111EF8F626EAB649A5AEDBD2F577CD60778F660BC8982D126F0C095EBB17C8BA1BD3EFCED38AC0AE0ADD84C6C2CC9B
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):114
                                                      Entropy (8bit):1.9837406708828553
                                                      Encrypted:false
                                                      SSDEEP:3:5ljljljljljl:5ljljljljljl
                                                      MD5:1B4FA89099996CE3C9E5A0A9768230E8
                                                      SHA1:9026E1E0906E3B3FE0E414EE814CC5A042807A04
                                                      SHA-256:537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
                                                      SHA-512:4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: ..&f.................&f.................&f.................&f.................&f.................&f...............
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):323
                                                      Entropy (8bit):5.135716740590584
                                                      Encrypted:false
                                                      SSDEEP:6:msTwA3+q2PN723iKKdKrQMxIFUtpdTwF5ZmwPdTwAVkwON723iKKdKrQMFLJ:tNOvVa5KkCFUtpdS/Pdn5Oa5KktJ
                                                      MD5:307436449E29C3D0330BFCF818B25A3E
                                                      SHA1:94E63E2AC5BA596032389C4260E307A8A1160D8C
                                                      SHA-256:B7C77EC8347E7479FFF719FC34CFD2B7E682DB988CF8161E6FCB51EDDD2351A2
                                                      SHA-512:C6DE4370001783E5C3C8F5FFE1DDFD93A9518FE9AB4B1FE0E18621382EB4E28E59BDEF147FDE7614573FD5E64387560ED5E90EB113DFB4EDA1F2110D016EC306
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:50.252 fd8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/05/04-16:51:50.255 fd8 Recovering log #3.2021/05/04-16:51:50.256 fd8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):354
                                                      Entropy (8bit):5.18887012250715
                                                      Encrypted:false
                                                      SSDEEP:6:msTIsVSVq2PN723iKKdK7Uh2ghZIFUtpdTvugZmwPdTd+IkwON723iKKdK7Uh2gd:tUsYVvVa5KkIhHh2FUtpdCg/Pd5+I5Ox
                                                      MD5:619E66C8D39530C849DA5E33E28764D4
                                                      SHA1:6ABE4F9FA4DC3587C8A03F3818EDB231D77C5FF8
                                                      SHA-256:7F1B92BF40B17D24ADD45A0B0A95A3D49A2F411CB58AABB7DFEC0B20F5B1142B
                                                      SHA-512:099B066CAA1D96F485C7975CD6670F17152D2932157789B99701A6B0BF16C2CF22BC8D74421C0F5BD6FB1079AAC5097AAD0C09A779237D7B78A300C590AFC3F4
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:49.976 12d0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/05/04-16:51:49.981 12d0 Recovering log #3.2021/05/04-16:51:49.983 12d0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\58bd681f-569c-4170-93bb-f1ca17d2e3f2.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):325
                                                      Entropy (8bit):4.95629898779197
                                                      Encrypted:false
                                                      SSDEEP:6:YHpoNXR8+eq7JdV5kjxZsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdSZsBdLJlyH7E4f3K33y
                                                      MD5:D5BB2F0F1694209F0C6AE5BA44DAC338
                                                      SHA1:41B2CDE10C8937FC9607E608AF65EDF709033350
                                                      SHA-256:20FC2ED4DA8AC625B83B6B84C1B88B534BC35B18DC8BD7521C66FFDABAB53738
                                                      SHA-512:A713918E0F88AE62AFAC2A6202107CF547B962900BCB779C7C5C2C8A228C140AAC5191A50BDAF5718EAAE91446DB21648CF2A7B967B9029AF16F13E923FD6EE2
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248544897343531","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):296
                                                      Entropy (8bit):0.19535324365485862
                                                      Encrypted:false
                                                      SSDEEP:3:8E:8
                                                      MD5:C4DF0FB10C4332150B2C336396CE1B66
                                                      SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                                                      SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                                                      SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):436
                                                      Entropy (8bit):5.2416958840531045
                                                      Encrypted:false
                                                      SSDEEP:6:msTwmt+q2PN723iKKdKusNpV/2jMGIFUtpdTwkZmwPdTwEVkwON723iKKdKusNp+:t3ovVa5KkFFUtpdz/Pdp5Oa5KkOJ
                                                      MD5:5D8BC91824A9528756171463354D2E43
                                                      SHA1:3CC6FD5D250A5A46A3FBBD259B269434DA6F16B6
                                                      SHA-256:7732FCC56A34F48E9A7FFDCA92A0F3E7B1C773B5298CD174CB03374811F7A22E
                                                      SHA-512:180AF7E5E5E85CDA4B80AECC0CF3B4F8B2C521799EE657C913C98E139913E04A8A226EC3EE55A460121FC30E2A1571EF515F48D3486DC69686F2A02AC4D9D96F
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:50.310 1598 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/05/04-16:51:50.312 1598 Recovering log #3.2021/05/04-16:51:50.312 1598 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):438
                                                      Entropy (8bit):5.2556548140589365
                                                      Encrypted:false
                                                      SSDEEP:6:msTwV+q2PN723iKKdKusNpqz4rRIFUtpdTwwU6XZmwPdTwmVkwON723iKKdKusN9:tvvVa5KkmiuFUtpdrX/Pd35Oa5Kkm2J
                                                      MD5:1859C3AEC2D7563532867E326650D60D
                                                      SHA1:8E521BB6EC32B86A2114DAFA8A84F6DC309FEF21
                                                      SHA-256:10A3DCCA231EF55B4132171B5A6E26D3DF49583813364B028BA86CEE0E2CD2A9
                                                      SHA-512:215D04F8488FB5877A0BFDF4681BE676291FF4C4E629EB8F6E4AD7B91031AE1AA708FBEA8EFDA7B37AAC318414BF27DDA4C8BAC11E21119FB6B215857368A9D5
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:50.406 1098 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/05/04-16:51:50.409 1098 Recovering log #3.2021/05/04-16:51:50.410 1098 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):19
                                                      Entropy (8bit):1.9837406708828553
                                                      Encrypted:false
                                                      SSDEEP:3:5l:5l
                                                      MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                                                      SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                                                      SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                                                      SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: ..&f...............
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):424
                                                      Entropy (8bit):5.280647094750032
                                                      Encrypted:false
                                                      SSDEEP:12:tMFbvVa5KkMFUtpds5/PdIFKz5Oa5KkTJ:tCVa5KkUgTs/IF8Oa5Kkl
                                                      MD5:BD250C6EB9D300AD53D08318C5C1D5E5
                                                      SHA1:C30A6E9C7ED1E2944361372A79A4D5D3E7A47320
                                                      SHA-256:58A820CD4F5DB7748BDC5D5E2FC10402ECAAE6EF9D228E6BF17ADE0FD408278D
                                                      SHA-512:7954045DEFE1E688470A8316DE34DE874BA698DA4ECA04A3D1506B367FD9F51AEF023B2890DB832F295836C8D0AF37DE31D5B125737BDE9D797B7CE2A5ED474C
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:07.430 1598 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/05/04-16:52:07.433 1598 Recovering log #3.2021/05/04-16:52:07.434 1598 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\8083f027-475a-4ebd-a106-2bbd41dd91e4.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):325
                                                      Entropy (8bit):4.958114650763609
                                                      Encrypted:false
                                                      SSDEEP:6:YHpoNXR8+eq7JdV59YIEsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdXXEsBdLJlyH7E4f3K33y
                                                      MD5:F08847672DDD58749FE32FEFD1DBBAE9
                                                      SHA1:C4C1750B297311628D53B0D3DD473F3EDD6019E9
                                                      SHA-256:4165A9C7A2CA81E34A969C02FC75FFA899F49A5B04899EBA10E341C44839CC90
                                                      SHA-512:541C4ADF3A92398F61F1E90C9995FD9CCB668FF51F578968C6CCD73AB81AB24668D969A9F98A1B529F631022EF4A3D224D76B4EDCB656ADADB27A7E4065395A0
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248544901990438","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):296
                                                      Entropy (8bit):0.19535324365485862
                                                      Encrypted:false
                                                      SSDEEP:3:8E:8
                                                      MD5:C4DF0FB10C4332150B2C336396CE1B66
                                                      SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                                                      SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                                                      SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):433
                                                      Entropy (8bit):5.197807327155552
                                                      Encrypted:false
                                                      SSDEEP:12:tzhIvVa5KkkGHArBFUtpdzhd5/PdzU5Oa5KkkGHAryJ:t0Va5KkkGgPgTtd/qOa5KkkGga
                                                      MD5:C956F39F5322AF49B8527052588281E9
                                                      SHA1:7BA482F3F5682BC367653A40B164B354DB5E79B1
                                                      SHA-256:EDBEEE95022AB5ABECE36FD64A1A5028D8FD42573A5ED200C6CF305733F878FB
                                                      SHA-512:27949B474C3B653B55B6B0EBE080EAF9B9974C3134C3A315AA7F2755103EA07428731A1BE546F9A308A88689FF36E6D32F9E326DE1317BD8EF409CD473B160C5
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.959 fd8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/05/04-16:52:08.962 fd8 Recovering log #3.2021/05/04-16:52:08.963 fd8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):438
                                                      Entropy (8bit):5.218160193099422
                                                      Encrypted:false
                                                      SSDEEP:12:tznvVa5KkkGHArqiuFUtpdzByX/Pdze5Oa5KkkGHArq2J:tLVa5KkkGgCgTc98Oa5KkkGg7
                                                      MD5:1CECF178FDDAD80C709AF83FB1EBE1B2
                                                      SHA1:3A5C5A9518BADAD8D92034A323BFEE43B0B160E8
                                                      SHA-256:21671715A4C440FB58D4D9CBB114FA30D86934B38B07E5390CE682B4260A2077
                                                      SHA-512:D18FE85789BA74FDE7A901676B3AF06B6DF2A994A41759EBD0906E57887E23E1DCBB4CFF5A1700C5E191D1E539E3487BBA315B1EA07B155F24735E1BDEC69429
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.967 1450 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/05/04-16:52:08.969 1450 Recovering log #3.2021/05/04-16:52:08.970 1450 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):19
                                                      Entropy (8bit):1.9837406708828553
                                                      Encrypted:false
                                                      SSDEEP:3:5l:5l
                                                      MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                                                      SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                                                      SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                                                      SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):421
                                                      Entropy (8bit):5.191108859029539
                                                      Encrypted:false
                                                      SSDEEP:12:tQvvVa5KkkGHArAFUtpdQxZ/PdQCt5Oa5KkkGHArfJ:tcVa5KkkGgkgTaR/Oa5KkkGgV
                                                      MD5:A83127C473A89A545829E867436BBCF8
                                                      SHA1:487AE40D34CBC8ABA092224F9102401F765E753D
                                                      SHA-256:CD8CC25997B0FAE04CD211C68DA87FB962D5086E9F364A8A55C30E8063C5F9DE
                                                      SHA-512:2059CE3A11D41AEE5640615D0741D978A28AA51055AC71607FF772951BC548491873D4636BE4EDAA3DA1BFE913DDE7A56CDCA1BF90F8A9F9480125283F272ABC
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:24.386 fd8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/05/04-16:52:24.387 fd8 Recovering log #3.2021/05/04-16:52:24.388 fd8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):38
                                                      Entropy (8bit):1.9837406708828553
                                                      Encrypted:false
                                                      SSDEEP:3:sgGg:st
                                                      MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
                                                      SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
                                                      SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
                                                      SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):330
                                                      Entropy (8bit):5.228183941217177
                                                      Encrypted:false
                                                      SSDEEP:6:msTNTQ+q2PN723iKKdKpIFUtpdTbTgZmwPdT6KQQVkwON723iKKdKa/WLJ:tBRvVa5KkmFUtpdM/PdrT5Oa5KkaUJ
                                                      MD5:121C76E597E217B50C5B170403982F6A
                                                      SHA1:86D37692D81345AFBFFACC7705CBE75896351C22
                                                      SHA-256:6B858F5B5F928B29C3D2A503A7FE8DE2464D122385B897A88A580AA7E077CB55
                                                      SHA-512:9E95B99B17415CEB6B5BBEFE51F1640C074C72E484CB66340758CB33874FE1C731410AD4E585FF7953056C3B7C4D20B4EDDE241426F9113B1E2B12A82920C01F
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:51:49.993 1408 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/05/04-16:51:49.995 1408 Recovering log #3.2021/05/04-16:51:49.996 1408 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):408
                                                      Entropy (8bit):5.320284782540536
                                                      Encrypted:false
                                                      SSDEEP:12:tbhavVa5KkkOrsFUtpdbL/PdbB5Oa5KkkOrzJ:tSVa5Kk+gTlvOa5Kkn
                                                      MD5:3A9FA6F8DB353938DF7B1CCB44D2E4C6
                                                      SHA1:32182098CB44D78E10BB7183E767BCC698CF6E5A
                                                      SHA-256:1D096A7FA2FCAABF4AB5D69D4443EC3B238FC2BBF754805ACF20564647A0387E
                                                      SHA-512:CA63DC51437D3850320E39DFEC78C3EDE024E3DF31BF562BB788DBE707591FA21B57AB6D8DC6B22E57A1FCEACAE816173F86244126F77C623E14291D54A78BDB
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:10.867 1598 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/05/04-16:52:10.869 1598 Recovering log #3.2021/05/04-16:52:10.869 1598 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):12
                                                      Entropy (8bit):3.188721875540867
                                                      Encrypted:false
                                                      SSDEEP:3:qdv:K
                                                      MD5:E79B0C8CF2AEA71E5E23EFF60331B393
                                                      SHA1:5346A2B68E29660A41408217732CABAB090FA0C1
                                                      SHA-256:A5CE775AE05DF989D13142E188EA4B7F779B4BF37F421A098CDA7A7DA004F46C
                                                      SHA-512:49CAF9DEA3C2946B96FBA2E03A5C6928CFD84DB5B4F4E5E2AF9374DDFCA1A72C82E0FF5DA9C21E6A16733DD5DC4B54B880587DA6E09527700E842A0281BF6509
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\2a490643-2e6a-4f56-87a2-66dff58116ae.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
                                                      Category:dropped
                                                      Size (bytes):175509
                                                      Entropy (8bit):5.489440694064333
                                                      Encrypted:false
                                                      SSDEEP:1536:rKbsLAR2A4VBQV1111111111111Nr366R6faFR+up0y0y2im1OsFcgYzQNL9X:rKbsLAR2fe/FZntrslfX
                                                      MD5:33EABC19FDF40F3D36B6870EF5861957
                                                      SHA1:CF3EF59C3940B58C314E9F6A1616751553F2D9A2
                                                      SHA-256:647D07F37554672865902B2CEE80864B5A5283C372C7263BB1497D5582054E57
                                                      SHA-512:47CFEDB1FDBC9BC09905C70F69A5114C64A8FC791BCA480D24972275276F00CEB230C579B4217337F9C69ECB2AB3221A3B549F06E8074D76BCE2F31773FB69F5
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):16
                                                      Entropy (8bit):4.0
                                                      Encrypted:false
                                                      SSDEEP:3:SeFcn:Sec
                                                      MD5:61B979ECA159ECAC9C7F8F1D6FD43E9D
                                                      SHA1:0373696351FC2172E811DA8393DEC84036FA34A0
                                                      SHA-256:AB05E0A6FF7E8FFF89F924B279D93AFC72ACCE817C4D250C60BB8059CC534303
                                                      SHA-512:C95825DA33CBDDFA627D9FF9A5B8371BC5F4E643A09573B6E1E839A83B619F53D878C344030B9701DCBC24D4CECCC016CF4D298D10EE8C37D1B5FEC1A51682B6
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a35d7a52-9adb-47d5-8c38-e00ac1829e03.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):24055
                                                      Entropy (8bit):5.53392414484714
                                                      Encrypted:false
                                                      SSDEEP:384:1DctNLl6yXj1kXqKf/pUZNCgVLH2HfDnrUXHGSHGVnT8W2i46:aLl/j1kXqKf/pUZNCgVLH2Hf7rU3GSGr
                                                      MD5:381E78C7BCB669747D6DDA06CCD3BD02
                                                      SHA1:FA3FC2C15F38D8B476486778F2091D2F5F1F814F
                                                      SHA-256:B528F40F4FF037886699A6051FC42306F06C8792DDE13872EA7416CCB9A4DAAC
                                                      SHA-512:2F7CD8C9510E9A0081E73BD94BECC61CC237668C5EBB93003240686B8207796DD0282000C73CF799FA03D990606FDE21885832CA1598B7FC2D4A3C44D711E30C
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264645909991983","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b0f2ef65-e628-40b2-a44c-6806d0e2c035.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):16745
                                                      Entropy (8bit):5.57731015635113
                                                      Encrypted:false
                                                      SSDEEP:384:1DctALl6yXj1kXqKf/pUZNCgVLH2HfDnrUKWwi4N:BLl/j1kXqKf/pUZNCgVLH2Hf7rUKpiy
                                                      MD5:4E8DDFB8EB01A60AFC40943822C4F4ED
                                                      SHA1:717A450B5255E06CF9C29BA83E504849E6AFD7EE
                                                      SHA-256:E436E25C87DED02CF104F720E0E276B82C1FF9616FC25EF32B77945319DB16E6
                                                      SHA-512:E0D5B608CE8099FD2872AC01B77390F82349B09E8A4721A224D3CF6DF5BA591EADCF2746384F22915B7F53D60F5AF07A898BCBEDD8FD642683BB71B13D11FA67
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264645909991983","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):16
                                                      Entropy (8bit):3.2743974703476995
                                                      Encrypted:false
                                                      SSDEEP:3:1sjgWIV//Rv:1qIFJ
                                                      MD5:6752A1D65B201C13B62EA44016EB221F
                                                      SHA1:58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
                                                      SHA-256:0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
                                                      SHA-512:9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: MANIFEST-000004.
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):139
                                                      Entropy (8bit):4.528405868783512
                                                      Encrypted:false
                                                      SSDEEP:3:tUKDRIUTnl0WZmwv39RIUTn2OAR1V8s9RIUTn2OAR1WGv:msTn1ZmwPdTnZA7VvdTnZA7tv
                                                      MD5:53C269988489938AFC1643098553BB06
                                                      SHA1:16B229F6F79964603749360E534EB83B7F51FEE6
                                                      SHA-256:80CBD296392B4D2F303945B23D41D4E1EF3CD8D85534A0EB54665462BE0F0C35
                                                      SHA-512:55DD639BB9C1D396FA253DC32DE59E4B99330AAE2A083945A2D63C9670F04C7DC25AC84AEA66BD0F573B5F5BF260304F70C26D919526F471EBD37AA558E0DE33
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.136 1b40 Recovering log #3.2021/05/04-16:52:08.191 1b40 Delete type=0 #3.2021/05/04-16:52:08.191 1b40 Delete type=3 #2.
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MPEG-4 LOAS
                                                      Category:dropped
                                                      Size (bytes):50
                                                      Entropy (8bit):5.028758439731456
                                                      Encrypted:false
                                                      SSDEEP:3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
                                                      MD5:031D6D1E28FE41A9BDCBD8A21DA92DF1
                                                      SHA1:38CEE81CB035A60A23D6E045E5D72116F2A58683
                                                      SHA-256:B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
                                                      SHA-512:E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: V........leveldb.BytewiseComparator...#...........
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e19d0b4b-2f54-440b-9a02-77232fdf266c.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):2825
                                                      Entropy (8bit):4.86435102445835
                                                      Encrypted:false
                                                      SSDEEP:48:YALtdpBeMsNMHK5sJDysACs37sHWsd5/sSYMHCKs/MHCzsSOMHwsSJtFsX3RLs9D:HQxGKWDS1i/5vYGmGqOGKJ03QshS
                                                      MD5:95488A82D5073BDAAFC1480073FF801F
                                                      SHA1:E2E979B6D4A3EE16A815115C414D0A98E1DFA93F
                                                      SHA-256:C091AE68AFCD5EC632B2C324B983D70F722463CB4D05A3CE8D52E07AA7E5A5D6
                                                      SHA-512:D536466352320C5D394130A59B605617580050CDF325C4B3392D87D384C246E9D8C54FC16A247FF4B379F162536304E0D312D7781FFE245C643C5081B8BE08CD
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {"net":{"http_server_properties":{"broken_alternative_services":[{"broken_count":1,"host":"accounts.google.com","isolation":[],"port":443,"protocol_str":"quic"},{"broken_count":1,"host":"www.google.com","isolation":[],"port":443,"protocol_str":"quic"}],"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248544952675493","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":32613},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544952813644","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544952748754","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544952634896","port":443,"protocol_str":"quic"}],"isolation":[],"server"
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f7861a8d-7af7-4e5e-8348-dd51cfbf7079.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):5698
                                                      Entropy (8bit):5.170659866609779
                                                      Encrypted:false
                                                      SSDEEP:96:nxfVdjGOfBjsaAVOrxk0JCKL8JLko1fezbOTQVuwn:nVVffds9EN4KqkoBeH
                                                      MD5:F80BF07919F42F08D4A6048CCDE79505
                                                      SHA1:2F13CAEDA9A353F887E66F77C9A9AE14FB136AD7
                                                      SHA-256:513256013111F528889360CADB90AA80D2D0C45837774D60064CC7CD4B7C5BC1
                                                      SHA-512:25EFC97D077E2EDFDA3DD47108118806E1C5614EA00D3A75382F7044E0D20C57CC48066B6A4E19620D7D8710CAA41C40F124A7FA0F668DC5CB275C066335D287
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13264645910345689","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245952891998324","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1501624"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):344
                                                      Entropy (8bit):5.206039874112686
                                                      Encrypted:false
                                                      SSDEEP:6:msTjiFA9+q2PN723iKKdKfrzAdIFUtpdTjsFJ+2WZmwPdTjSN9VkwON723iKKdKS:t/l9+vVa5Kk9FUtpd/sFJ+J/Pd/SN9V8
                                                      MD5:6DEC52E53C79CE809F595D28B9793750
                                                      SHA1:354E7FEA499AD90BFAE6F70E6F5020A0385D9485
                                                      SHA-256:9156043BA714BD10AF309ADCBE8972CFC5C37B3FA4BEBADA5EBE3D798821E95E
                                                      SHA-512:5E07D74061665416DF1DE220BE319BA1171E9978C972CC151CED5110770908570C44DCE6E3DC30C5DDD2F9936B57AD63BACED0B70B340995835F3005200B7E24
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 2021/05/04-16:52:08.596 150c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/05/04-16:52:08.598 150c Recovering log #3.2021/05/04-16:52:08.599 150c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):106
                                                      Entropy (8bit):3.138546519832722
                                                      Encrypted:false
                                                      SSDEEP:3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
                                                      MD5:DE9EF0C5BCC012A3A1131988DEE272D8
                                                      SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
                                                      SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
                                                      SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):13
                                                      Entropy (8bit):2.8150724101159437
                                                      Encrypted:false
                                                      SSDEEP:3:Yx7:4
                                                      MD5:C422F72BA41F662A919ED0B70E5C3289
                                                      SHA1:AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
                                                      SHA-256:02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
                                                      SHA-512:86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 85.0.4183.121
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\bc362906-8299-479f-8b4d-219273487ffe.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):92724
                                                      Entropy (8bit):3.748198339033272
                                                      Encrypted:false
                                                      SSDEEP:384:7bgf/FCs1dyD+NrrwvHN3Afl8H18GcLr2hbHxwRx1ArqnmiliNzTTsO5RLNO1LaN:4alFCZMs8ebXZJHQ3v+FKn9D5H
                                                      MD5:CF121798C7009BA808559F7BE74F90D1
                                                      SHA1:88F548F43BFBE66D116B2523F3F94F2D2E12E76D
                                                      SHA-256:A62D0E9E363B9281BDBB1F7B1C0F5CDEC378764F873EEBAFB501167394D0C689
                                                      SHA-512:3E7F257C845182E086F28E8476C497C4A99D4FD72934AC5E58E8516C5461929D11EA444AB74677A74FD40BAFED21A5976B24ADCBE814682A986173D51036F9D1
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: 0j..............*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6...*...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....98.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.
                                                      C:\Users\user\AppData\Local\Temp\05256d68-a332-4717-98c7-8207df99d4f0.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Google Chrome extension, version 3
                                                      Category:dropped
                                                      Size (bytes):248531
                                                      Entropy (8bit):7.963657412635355
                                                      Encrypted:false
                                                      SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
                                                      MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
                                                      SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
                                                      SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
                                                      SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Temp\10ad8693-57b7-4612-a192-cbf1bb9bd1ee.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Google Chrome extension, version 3
                                                      Category:dropped
                                                      Size (bytes):768843
                                                      Entropy (8bit):7.992932603402907
                                                      Encrypted:true
                                                      SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
                                                      MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
                                                      SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
                                                      SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
                                                      SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Temp\7c90e9f1-9fc1-42df-b5d4-a66d2130fe10.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:very short file (no magic)
                                                      Category:dropped
                                                      Size (bytes):1
                                                      Entropy (8bit):0.0
                                                      Encrypted:false
                                                      SSDEEP:3:L:L
                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: .
                                                      C:\Users\user\AppData\Local\Temp\ad4024ea-e44c-4b34-b306-3c8139028ccb.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:very short file (no magic)
                                                      Category:dropped
                                                      Size (bytes):1
                                                      Entropy (8bit):0.0
                                                      Encrypted:false
                                                      SSDEEP:3:L:L
                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: .
                                                      C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):16072
                                                      Entropy (8bit):4.640324214847836
                                                      Encrypted:false
                                                      SSDEEP:384:5jnh/59/iD5NGE9EImbv2aP8krpK8DNX+F6:5jnh/ueJNpRY6
                                                      MD5:8E38DBF6C9E90AC9A50A11CB6A3ECF99
                                                      SHA1:FF4CA6DF598D7B914F079263B40102558B2FB525
                                                      SHA-256:374A31CC57D5F087CDEC8C8491FC3DCA778F04F7048B2624C6E462ED00945851
                                                      SHA-512:74474676DBEA491BE2484B49B13ECDFAD49F41B4B40E30CFD282C3678A97BFD301C100759FAE9254C138468FC42B10F8F7A257B42B31CB24CEA89F7CA31C2202
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Temp\f13fe5c5-2f04-4242-8a7f-d33276f73538.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Google Chrome extension, version 3
                                                      Category:dropped
                                                      Size (bytes):248531
                                                      Entropy (8bit):7.963657412635355
                                                      Encrypted:false
                                                      SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
                                                      MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
                                                      SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
                                                      SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
                                                      SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Temp\f74a1edd-5022-4917-a3ab-bd8138ca9b39.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:very short file (no magic)
                                                      Category:dropped
                                                      Size (bytes):1
                                                      Entropy (8bit):0.0
                                                      Encrypted:false
                                                      SSDEEP:3:L:L
                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: .
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\bg\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):796
                                                      Entropy (8bit):4.864931792423268
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJMLkSlwZGGMLkSlwZ+WYpU34f145Gb+dgoxTyO8ZpU34f1L0frhmJ03OyZnLt:1HE7n4gn8WYpYrbhz8ZpotHOGAOf6aD
                                                      MD5:6F8E288A9AD5B1ED8633B430E2B4D4CA
                                                      SHA1:F671D3D4BEFA431D1946D706F4192D44E29B6F08
                                                      SHA-256:A114E2783D0E9B12155017323BA70838F0F82A71C7EE8DC1F115AE36991241F8
                                                      SHA-512:0F87F3F0D115B872288949E59ACD3CD41B1FBC64A622D8FDA6D71FAFC5A900D92ADFBB0E7EB926F2A8759BBAA0896D48728FB719BBF5EF54AC21027328F7700C
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "........ . ... ........ .. Chrome".. },.. "app_name": {.. "message": "........ . ... ........ .. Chrome".. },.. "craw_app_unavailable": {.. "message": "........... .... ...... .. .............".. },.. "craw_connect_to_network": {.. "message": "...., ........ .. . ......".. },.. "iap_unavailable": {.. "message": "........... .... ...... .. .......... ....... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "...., ...... . Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\ca\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):675
                                                      Entropy (8bit):4.536753193530313
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJ0gbbGG0gbb+WYpU34g3YbiLO+dgyGFoO8ZpU34+puiPmb03OyZnLAOfTYABk:1HE5baib6WYpm31Lt0Z8Zp8pxOGAOfKD
                                                      MD5:1FDAFC926391BD580B655FBAF46ED260
                                                      SHA1:C95743C3F43B2B099FEBEBC5BD850F0C20E820AC
                                                      SHA-256:C67898B67F9C9209EAFDA6532B62D5789863CFB855998DD6A70E7775316CEC20
                                                      SHA-512:39D95D45C5746DA3BAA7AE6A3344EA17D7A7C3569C2A56959FF119261DA08C747A320FCF701AC72B8DBDBF8BF06FD8B239017A282CDDA444F3826D4EC672CBB4
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Ara mateix aquesta aplicaci. no est. disponible.".. },.. "craw_connect_to_network": {.. "message": "Connecteu-vos a una xarxa.".. },.. "iap_unavailable": {.. "message": "La funci. Pagaments a l'aplicaci. no est. disponible actualment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicieu la sessi. a Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\cs\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):641
                                                      Entropy (8bit):4.698608127109193
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJfZGGfZ+WYpU34OBh+dgN/O8ZpU34j05U03OyZnLAOfTYWc:1HEl4G8WYpdt8Zpq5TOGAOfW
                                                      MD5:76DEC64ED1556180B452A13C83171883
                                                      SHA1:CFB1E56FD587BCDC459C1D9A683B71F9849058F9
                                                      SHA-256:32290D69A90E6BAAC428B10382C99221B12773BB9A184F3B93DFB48A4F6D7A40
                                                      SHA-512:5230A217968D5DC463E2E92D704544311A721E5CEF65C3125CBD8DEB9C0293D3BFB5C820A6011ABF77095FDEE7DAF67D541DC202B0C9CDB0908CBB85D84885CB
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikace v sou.asn. dob. nen. dostupn..".. },.. "craw_connect_to_network": {.. "message": "P.ipojte se pros.m k s.ti.".. },.. "iap_unavailable": {.. "message": "Platby v aplikaci aktu.ln. nejsou k dispozici.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "P.ihlaste se do Chromu.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\da\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):624
                                                      Entropy (8bit):4.5289746475384565
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJJMKKFZGGJMKKFZ+WYpU34OHu+dgxlCZO8ZpU34J4Wu03OyZnLAOfTYzD:1HErMKfqMKVWYpM6lL8ZpDNOGAOfiD
                                                      MD5:238B97A36E411E42FF37CEFAF2927ED1
                                                      SHA1:4E47AC90BA24C8F4724D9293FA40CFD4ADA66FE0
                                                      SHA-256:4977D4A053542FF66967FAED6B06585DD70E68E20BFEB533B66FE3287F9655D9
                                                      SHA-512:FD0742D47B5F5AB9AAD9B4C3D57F63CB693E060EECE123A72036C6E92156D099495C7E9E9CC6DC83EEBCDDCC4B4C81FB47E4C9559DA3EBA024780FFF10C53E0A
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Betalinger i Chrome Webshop".. },.. "app_name": {.. "message": "Betalinger i Chrome Webshop".. },.. "craw_app_unavailable": {.. "message": "Appen er ikke tilg.ngelig i .jeblikket.".. },.. "craw_connect_to_network": {.. "message": "Opret forbindelse til et netv.rk.".. },.. "iap_unavailable": {.. "message": "Betaling i appen er ikke tilg.ngelig i .jeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log ind p. Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\de\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):651
                                                      Entropy (8bit):4.583694000020627
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJQ1ZGGQ1Z+WYpU34pCEMT+dgJMlCTO8ZpU34p6FK603OyZnLAOfTYJ6K:1HEzWWYp3Bewv8Zp7k4OGAOfQj
                                                      MD5:6B3E916E8C1991AA0453CBA00FEDCAAA
                                                      SHA1:D6366D15912E40CA107FD42BFE9579C3336A51F9
                                                      SHA-256:A62FFAB910E31531758EEE48B2CC71A8857BEC3021DEAD50B668CBA3C8667053
                                                      SHA-512:87EA4311B61F29543B13F3E17DFA919D0C320B4FE370CC152E0B1514BCA79B0ABB526DDCF08621D6EBFA48923EE8FB4C667EFB120A72BD9583EEBEE7BFB80552
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Chrome Web Store-Zahlungen".. },.. "app_name": {.. "message": "Chrome Web Store-Zahlungen".. },.. "craw_app_unavailable": {.. "message": "Die App ist momentan nicht verf.gbar.".. },.. "craw_connect_to_network": {.. "message": "Bitte stellen Sie eine Verbindung zu einem Netzwerk her.".. },.. "iap_unavailable": {.. "message": "In-App-Zahlungen sind momentan nicht m.glich.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Bitte melden Sie sich in Chrome an.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\el\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):787
                                                      Entropy (8bit):4.973349962793468
                                                      Encrypted:false
                                                      SSDEEP:24:1HEw+aZ+6WYpbWZe80A08ZpCGyDVWlOGAOf+XD:WguYpCZnpEZbGoD
                                                      MD5:05C437A322C1148B5F78B2F341339147
                                                      SHA1:AB53003A678E44A170E73711FBD9949833BBF3AA
                                                      SHA-256:A052C32B4FCAC61152EB0ADB2C260FB6A8256AD104AA0013DB93E9798D41A070
                                                      SHA-512:C36CB9202A34356DD06D377E2A088F428D0B8EBE7D2E54F8380485E9D94A0598D7F651C1E7A2FD55BE481D49C02B0812F2BA335E08611EC85EE0BD60784A6B40
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "........ ... Chrome Web Store".. },.. "app_name": {.. "message": "........ ... Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": ". ........ .... .. ..... ... ..... ..........".. },.. "craw_connect_to_network": {.. "message": ".......... .. ... .......".. },.. "iap_unavailable": {.. "message": ".. ........ ..... ......... ... ..... ..... .. ...... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": ".......... ... Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\en\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):593
                                                      Entropy (8bit):4.483686991119526
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOfTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOfuD
                                                      MD5:91F5BC87FD478A007EC68C4E8ADF11AC
                                                      SHA1:D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6
                                                      SHA-256:92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
                                                      SHA-512:FDC2A29B04E67DDBBD8FB6E8D2443E46BADCB2B2FB3A850BBD6198CDCCC32EE0BD8A9769D929FEEFE84D1015145E6664AB5FEA114DF5A864CF963BF98A65FFD9
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\en_GB\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):593
                                                      Entropy (8bit):4.483686991119526
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOfTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOfuD
                                                      MD5:91F5BC87FD478A007EC68C4E8ADF11AC
                                                      SHA1:D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6
                                                      SHA-256:92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
                                                      SHA-512:FDC2A29B04E67DDBBD8FB6E8D2443E46BADCB2B2FB3A850BBD6198CDCCC32EE0BD8A9769D929FEEFE84D1015145E6664AB5FEA114DF5A864CF963BF98A65FFD9
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\es\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):661
                                                      Entropy (8bit):4.450938335136508
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34lPbdlVo03OyZnLAOfTY6xjD:1HEvaC6WYpcDeEFxq8ZpNl5OGAOffD
                                                      MD5:82719BD3999AD66193A9B0BB525F97CD
                                                      SHA1:41194D511F1ACC16C1CA828AC81C18C8C6B47287
                                                      SHA-256:4DB9B2721E625C18B9E05C04B31AF5D9694712F1CAAF6219ABE34BB08E5DB1C7
                                                      SHA-512:D4C49B43427799B6292CEED11CACB1D76F7CE43EBF402B43B638A6EB2B414ED0981E386CB8CDF0B51D1BD9552934FE25B2F6392266BB73D8C9A691F65BCE0128
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "Los pagos en la aplicaci.n no est.n disponibles en este momento.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicia sesi.n en Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\es_419\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):637
                                                      Entropy (8bit):4.47253983486615
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34GLO03OyZnLAOfTYiJD:1HEvaC6WYpcDeEFxq8Zp4LlOGAOfvD
                                                      MD5:6B2583D8D1C147E36A69A88009CBEBC7
                                                      SHA1:4D4DEEB4BE6AA0181825F3371A761ABC5B4D5937
                                                      SHA-256:6659BC3705311D7641A73995DCFEA80C7734F2F4EBBC3787B3892A240348324F
                                                      SHA-512:37F0DBFCC1B5A2B8E4C92C49D2D9DEEF25616421350324F57E0149A45A6CCB437F5E3CBE97412C4B5DBBF2593783C7DF71E9C25A851AEAE6E4764C545723FA53
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "En este momento, Pagos En-Apps no est. disponible.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accede a Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\et\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):595
                                                      Entropy (8bit):4.467205425399467
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJfPGGGfPG+WYpU34Ze7z+dgrW9O8ZpU34ZwZz03OyZnLAOfTYgoLIR:1HEdvqlWYpTeObk8ZpT/OGAOfuLIR
                                                      MD5:CFF6CB76EC724B17C1BC920726CB35A7
                                                      SHA1:14ED068251D65A840F00C05409D705259D329FFC
                                                      SHA-256:C85800BF45942FCC7FD6B1DF929C25F9CC2A977A6678966BD03D4B6B69889AFD
                                                      SHA-512:53D7D01BB30C0306DE65A79FD9551D2E8C1F71F4F45F71906B009071CB3E0F231E6A50FDD78773E9B4DE94085BC7B97F829842FA21A89A2080D33458B745C46F
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Chrome'i veebipoe maksed".. },.. "app_name": {.. "message": "Chrome'i veebipoe maksed".. },.. "craw_app_unavailable": {.. "message": "Rakendus pole praegu saadaval.".. },.. "craw_connect_to_network": {.. "message": "Looge .hendus v.rguga.".. },.. "iap_unavailable": {.. "message": "Rakendusesisesed maksed ei ole praegu saadaval.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logige Chrome'i sisse.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\fi\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):647
                                                      Entropy (8bit):4.595421267152647
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJRuzGGRuz+WYpU34ujSBu+dgYO8ZpU34J+Bu03OyZnLAOfTY5HN:1HEFcWYpPNa8ZpD+FOGAOfEHN
                                                      MD5:3A01FEE829445C482D1721FF63153D16
                                                      SHA1:F3EAAADDC03F943FC88B30B67F534AA13E3336DD
                                                      SHA-256:0BDE54B20845124113383B6EB81E43A0F05E4EB0C44BEE3C1DFAC4CC5FEC2836
                                                      SHA-512:3B92B6C86D30FD36AA3CEFF8773BA60C3FC5CC19C693540137044C5838A5503895C770C0336A4D0A3DB5E42F3FB36274D8D3F85B9DCA2F3EC0E974FDDB0BEAD8
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Chrome Web Storen maksut".. },.. "app_name": {.. "message": "Chrome Web Storen maksut".. },.. "craw_app_unavailable": {.. "message": "Sovellus ei ole t.ll. hetkell. k.ytett.viss..".. },.. "craw_connect_to_network": {.. "message": "Muodosta verkkoyhteys.".. },.. "iap_unavailable": {.. "message": "Sovelluksen sis.iset maksut eiv.t ole t.ll. hetkell. k.ytett.viss..".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Kirjaudu sis..n Chromeen.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\fil\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):658
                                                      Entropy (8bit):4.5231229502550745
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJADlbGGADlb+WYpU34hTUT+dgHfZAFFZO8ZpU34hTjzeT03OyZnLAOfTYHfvF:1HEYah6WYp7TUSoxOS8Zp7TOsOGAOfqV
                                                      MD5:57AF5B654270A945BDA8053A83353A06
                                                      SHA1:EEEF7A4F869F97CF471A05D345E74F982D15E167
                                                      SHA-256:EC002ED92359F67818B49455DFC579E140368E6A004080AF022FD4F57F6B03F2
                                                      SHA-512:5F0AE839FCF3F4EA48FF41A76655AE0F3821564AFD5D42FBB9FBB9A38E8D8F7BB5E9B6F71064588CD441261F644095A44A755C134CE546D506D9A21E488BAF52
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "app_name": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Kasalukuyang hindi available ang app.".. },.. "craw_connect_to_network": {.. "message": "Mangyaring kumonekta sa isang network.".. },.. "iap_unavailable": {.. "message": "Kasalukuyang hindi available ang Mga Pagbabayad na In-App.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Mangyaring mag-sign in sa Chrome.".. }..}..
                                                      C:\Users\user\AppData\Local\Temp\scoped_dir1224_1777571795\CRX_INSTALL\_locales\fr\messages.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with CRLF line terminators
                                                      Category:dropped
                                                      Size (bytes):677
                                                      Entropy (8bit):4.552569602149629
                                                      Encrypted:false
                                                      SSDEEP:12:1HEJALf/nbGGALf/nb+WYpU34Owdgbyb+dgdQjO8ZpU34ITQpGnbyb03OyZnLAO8:1HE4Hna1Hn6WYpNdgpY8ZpSTQwnBOGAh
                                                      MD5:8D11C90F44A6585B57B933AB38D1FFF8
                                                      SHA1:3F9D44EA8807069A32AACA2AAAD02FD892E6CC90
                                                      SHA-256:599491F8C52B945C16C441ADF45BFD45AFAE046DA07757D97C56AF4DE75ED3B5
                                                      SHA-512:D7EF7F5AD7EF1A1595825D79B69E2B1E988AD3CF1F3881496FCCD30F241E4E9C6E457F9F5D0F855DE3536DB7A40C3E1C55946B50D3F556F4A35285066A0CD6F7
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview: {.. "app_description": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "app_name": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "craw_app_unavailable": {.. "message": "Application indisponible pour le moment.".. },.. "craw_connect_to_network": {.. "message": "Veuillez vous connecter . un r.seau.".. },.. "iap_unavailable": {.. "message": "Les paiements via l'application ne sont pas disponibles pour le moment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Veuillez vous connecter . Chrome.".. }..}..

                                                      Static File Info

                                                      No static file info

                                                      Network Behavior

                                                      Snort IDS Alerts

                                                      Timestamp                 Protocol  SID  Message                               Source Port  Dest Port  Source IP      Dest IP
                                                      05/04/21-16:51:49.797173  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:51:49.832204  ICMP      449  ICMP Time-To-Live Exceeded in Transit -            -          84.17.52.126   192.168.2.6
                                                      05/04/21-16:51:49.832577  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:51:49.867795  ICMP      449  ICMP Time-To-Live Exceeded in Transit -            -          5.56.20.161    192.168.2.6
                                                      05/04/21-16:51:49.868126  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:51:49.905991  ICMP      449  ICMP Time-To-Live Exceeded in Transit -            -          91.206.52.152  192.168.2.6
                                                      05/04/21-16:51:49.906361  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:51:53.444369  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:51:57.441573  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:01.447183  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:06.873906  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:10.450082  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:14.446298  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:18.447159  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:22.450698  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:26.447402  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:30.473777  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:34.449479  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:38.449570  ICMP      384  ICMP PING                             -            -          192.168.2.6    13.107.4.50
                                                      05/04/21-16:52:38.485515  ICMP      408  ICMP Echo Reply                       -            -          13.107.4.50    192.168.2.6

                                                      Network Port Distribution

                                                      TCP Packets


                                                      UDP Packets

                                                      May 4, 2021 16:51:56.220653057 CEST6371853192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:56.288027048 CEST53637188.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.354510069 CEST6211653192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.364694118 CEST6381653192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.369020939 CEST5501453192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.369066954 CEST6220853192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.372487068 CEST5757453192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.377166986 CEST5181853192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.413412094 CEST53638168.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.414659023 CEST53621168.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.426079988 CEST53550148.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.434009075 CEST53518188.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.434166908 CEST53575748.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.436866045 CEST53622088.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.699222088 CEST5662853192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.731185913 CEST6077853192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.751862049 CEST53566288.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.766289949 CEST5379953192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:57.781116962 CEST53607788.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:57.817665100 CEST53537998.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:58.517004967 CEST5612953192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:58.576155901 CEST53561298.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:58.580259085 CEST5817753192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:58.628931999 CEST53581778.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:58.836009026 CEST5070053192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:58.851943970 CEST5406953192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:58.893090963 CEST53507008.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:58.910765886 CEST53540698.8.8.8192.168.2.6
                                                      May 4, 2021 16:51:59.813536882 CEST6117853192.168.2.68.8.8.8
                                                      May 4, 2021 16:51:59.862440109 CEST53611788.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:01.007946968 CEST5701753192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:01.073359013 CEST53570178.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:01.527549982 CEST5632753192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:01.586569071 CEST53563278.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:01.906205893 CEST5024353192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:01.956819057 CEST53502438.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:02.761161089 CEST6205553192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:02.809932947 CEST53620558.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:03.971014023 CEST5506653192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:04.022342920 CEST53550668.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:09.062133074 CEST6021153192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:09.129338980 CEST53602118.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:10.968275070 CEST5657053192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:11.038528919 CEST53565708.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:19.964236021 CEST5845453192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:20.015754938 CEST53584548.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:34.398428917 CEST5518053192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:34.457447052 CEST53551808.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:38.091906071 CEST5872153192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:38.156050920 CEST53587218.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:46.043637991 CEST5769153192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:46.100680113 CEST53576918.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:46.630521059 CEST5294353192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:46.689182997 CEST53529438.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:47.239068031 CEST5948953192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:47.296914101 CEST53594898.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:48.014169931 CEST6402253192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:48.071135044 CEST53640228.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:48.540396929 CEST6002353192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:48.588947058 CEST53600238.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:49.038621902 CEST5719353192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:49.087249994 CEST53571938.8.8.8192.168.2.6
                                                      May 4, 2021 16:52:49.507641077 CEST5024853192.168.2.68.8.8.8
                                                      May 4, 2021 16:52:49.565253019 CEST53502488.8.8.8192.168.2.6

ICMP Packets

| Timestamp | Source IP | Dest IP | Checksum | Code | Type |
|---|---|---|---|---|---|
| May 4, 2021 16:51:49.832204103 CEST | 84.17.52.126 | 192.168.2.6 | f4ff | (Time to live exceeded in transit) | Time Exceeded |
| May 4, 2021 16:51:49.867794991 CEST | 5.56.20.161 | 192.168.2.6 | f4ff | (Time to live exceeded in transit) | Time Exceeded |
| May 4, 2021 16:51:49.905991077 CEST | 91.206.52.152 | 192.168.2.6 | f4ff | (Time to live exceeded in transit) | Time Exceeded |

DNS Queries

| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
|---|---|---|---|---|---|---|---|
| May 4, 2021 16:51:55.411397934 CEST | 192.168.2.6 | 8.8.8.8 | 0xf8f1 | Standard query (0) | same-bronzed-pet.glitch.me | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.364694118 CEST | 192.168.2.6 | 8.8.8.8 | 0xed73 | Standard query (0) | code.jquery.com | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.369020939 CEST | 192.168.2.6 | 8.8.8.8 | 0xade2 | Standard query (0) | maxcdn.bootstrapcdn.com | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.372487068 CEST | 192.168.2.6 | 8.8.8.8 | 0xbfb2 | Standard query (0) | kit.fontawesome.com | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.377166986 CEST | 192.168.2.6 | 8.8.8.8 | 0x7d9b | Standard query (0) | cdnjs.cloudflare.com | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:58.517004967 CEST | 192.168.2.6 | 8.8.8.8 | 0xaa9 | Standard query (0) | ka-f.fontawesome.com | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:58.851943970 CEST | 192.168.2.6 | 8.8.8.8 | 0x3f64 | Standard query (0) | blobs.officehome.msocdn.com | A (IP address) | IN (0x0001) |
| May 4, 2021 16:52:01.527549982 CEST | 192.168.2.6 | 8.8.8.8 | 0xb98e | Standard query (0) | blobs.officehome.msocdn.com | A (IP address) | IN (0x0001) |
| May 4, 2021 16:52:09.062133074 CEST | 192.168.2.6 | 8.8.8.8 | 0x7f0b | Standard query (0) | clients2.googleusercontent.com | A (IP address) | IN (0x0001) |

DNS Answers

| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
|---|---|---|---|---|---|---|---|---|---|
| May 4, 2021 16:51:55.470675945 CEST | 8.8.8.8 | 192.168.2.6 | 0xf8f1 | No error (0) | same-bronzed-pet.glitch.me | | 34.230.134.23 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:55.470675945 CEST | 8.8.8.8 | 192.168.2.6 | 0xf8f1 | No error (0) | same-bronzed-pet.glitch.me | | 52.204.230.185 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:55.470675945 CEST | 8.8.8.8 | 192.168.2.6 | 0xf8f1 | No error (0) | same-bronzed-pet.glitch.me | | 3.218.219.172 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:55.470675945 CEST | 8.8.8.8 | 192.168.2.6 | 0xf8f1 | No error (0) | same-bronzed-pet.glitch.me | | 52.4.74.101 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:55.470675945 CEST | 8.8.8.8 | 192.168.2.6 | 0xf8f1 | No error (0) | same-bronzed-pet.glitch.me | | 3.223.178.114 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:55.470675945 CEST | 8.8.8.8 | 192.168.2.6 | 0xf8f1 | No error (0) | same-bronzed-pet.glitch.me | | 52.44.26.204 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:55.470675945 CEST | 8.8.8.8 | 192.168.2.6 | 0xf8f1 | No error (0) | same-bronzed-pet.glitch.me | | 54.165.206.220 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:55.470675945 CEST | 8.8.8.8 | 192.168.2.6 | 0xf8f1 | No error (0) | same-bronzed-pet.glitch.me | | 18.215.195.21 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.413412094 CEST | 8.8.8.8 | 192.168.2.6 | 0xed73 | No error (0) | code.jquery.com | cds.s5x3j6q5.hwcdn.net | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 16:51:57.426079988 CEST | 8.8.8.8 | 192.168.2.6 | 0xade2 | No error (0) | maxcdn.bootstrapcdn.com | | 104.18.11.207 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.426079988 CEST | 8.8.8.8 | 192.168.2.6 | 0xade2 | No error (0) | maxcdn.bootstrapcdn.com | | 104.18.10.207 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.434009075 CEST | 8.8.8.8 | 192.168.2.6 | 0x7d9b | No error (0) | cdnjs.cloudflare.com | | 104.16.18.94 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.434009075 CEST | 8.8.8.8 | 192.168.2.6 | 0x7d9b | No error (0) | cdnjs.cloudflare.com | | 104.16.19.94 | A (IP address) | IN (0x0001) |
| May 4, 2021 16:51:57.434166908 CEST | 8.8.8.8 | 192.168.2.6 | 0xbfb2 | No error (0) | kit.fontawesome.com | kit.fontawesome.com.cdn.cloudflare.net | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 16:51:58.576155901 CEST | 8.8.8.8 | 192.168.2.6 | 0xaa9 | No error (0) | ka-f.fontawesome.com | ka-f.fontawesome.com.cdn.cloudflare.net | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 16:51:58.910765886 CEST | 8.8.8.8 | 192.168.2.6 | 0x3f64 | No error (0) | blobs.officehome.msocdn.com | wildcard.officehome.msocdn.com.edgekey.net | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 16:52:01.586569071 CEST | 8.8.8.8 | 192.168.2.6 | 0xb98e | No error (0) | blobs.officehome.msocdn.com | wildcard.officehome.msocdn.com.edgekey.net | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 16:52:09.129338980 CEST | 8.8.8.8 | 192.168.2.6 | 0x7f0b | No error (0) | clients2.googleusercontent.com | googlehosted.l.googleusercontent.com | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 16:52:09.129338980 CEST | 8.8.8.8 | 192.168.2.6 | 0x7f0b | No error (0) | googlehosted.l.googleusercontent.com | | 216.58.212.129 | A (IP address) | IN (0x0001) |

HTTPS Packets

| Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
|---|---|---|---|---|---|---|---|---|---|---|
| May 4, 2021 16:51:55.742065907 CEST | 34.230.134.23 | 443 | 192.168.2.6 | 49719 | CN=glitch.com | CN=Amazon, OU=Server CA 1B, O=Amazon, C=US | Mon Jan 18 01:00:00 CET 2021 | Wed Feb 16 00:59:59 CET 2022 | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0 | b32309a26951912be7dba376398abc3b |
| | | | | | CN=Amazon, OU=Server CA 1B, O=Amazon, C=US | CN=Amazon Root CA 1, O=Amazon, C=US | Thu Oct 22 02:00:00 CEST 2015 | Sun Oct 19 02:00:00 CEST 2025 | | |
| | | | | | CN=Amazon Root CA 1, O=Amazon, C=US | CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US | Mon May 25 14:00:00 CEST 2015 | Thu Dec 31 02:00:00 CET 2037 | | |
| | | | | | CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US | OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US | Wed Sep 02 02:00:00 CEST 2009 | Wed Jun 28 19:39:16 CEST 2034 | | |
| May 4, 2021 16:51:55.742564917 CEST | 34.230.134.23 | 443 | 192.168.2.6 | 49721 | CN=glitch.com | CN=Amazon, OU=Server CA 1B, O=Amazon, C=US | Mon Jan 18 01:00:00 CET 2021 | Wed Feb 16 00:59:59 CET 2022 | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0 | b32309a26951912be7dba376398abc3b |
| | | | | | CN=Amazon, OU=Server CA 1B, O=Amazon, C=US | CN=Amazon Root CA 1, O=Amazon, C=US | Thu Oct 22 02:00:00 CEST 2015 | Sun Oct 19 02:00:00 CEST 2025 | | |
| | | | | | CN=Amazon Root CA 1, O=Amazon, C=US | CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US | Mon May 25 14:00:00 CEST 2015 | Thu Dec 31 02:00:00 CET 2037 | | |
| | | | | | CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US | OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US | Wed Sep 02 02:00:00 CEST 2009 | Wed Jun 28 19:39:16 CEST 2034 | | |

                                                      Code Manipulations

                                                      Statistics

                                                      Behavior

                                                      System Behavior

General

Start time: 16:51:48
Start date: 04/05/2021
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://same-bronzed-pet.glitch.me/'
Imagebase: 0x7ff7c15e0000
File size: 2150896 bytes
MD5 hash: C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low

General

Start time: 16:51:50
Start date: 04/05/2021
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,3329959692431217940,6560056732251076571,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1788 /prefetch:8
Imagebase: 0x7ff7c15e0000
File size: 2150896 bytes
MD5 hash: C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low

                                                      Disassembly
