Analysis Report Notes Received gcgaming.com.html

Overview

General Information

Sample Name: Notes Received gcgaming.com.html
Analysis ID: 404077
MD5: 9ee4dcc0d2a1097277c46f9b11c60586
SHA1: 018cb127487b5007462577deedb65149588f0cdb
SHA256: c1ee5eb5ec9fa1c44b2e02e1c05f669c096702494b2e793a940d24f15a3b9bdf

Detection

HTMLPhisher
Score: 60
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Phishing site detected (based on favicon image match)
Yara detected HtmlPhish10
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL
IP address seen in connection with other malware
Invalid T&C link found
JA3 SSL client fingerprint seen in connection with other malware
None HTTPS page querying sensitive user data (password, username or email)

Startup

  • System is w10x64
  • chrome.exe (PID: 6504 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'C:\Users\user\Desktop\Notes Received gcgaming.com.html' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 6728 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,12644167979976499918,16360615135431647946,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1716 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Initial Sample

Source | Rule | Description | Author | Strings
Notes Received gcgaming.com.html | JoeSecurity_HtmlPhish_10 | Yara detected HtmlPhish_10 | Joe Security |

Sigma Overview

No Sigma rule has matched

Signature Overview

Phishing:

Phishing site detected (based on favicon image match)
Source: file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html, Matcher: Template: microsoft matched with high similarity
Yara detected HtmlPhish10
Source: Yara match, File source: Notes Received gcgaming.com.html, type: SAMPLE
Source: Yara match, File source: 76766.pages.csv, type: HTML
Phishing site detected (based on logo template match)
Source: file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html, Matcher: Template: microsoft matched
Source: file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html, HTTP Parser: Number of links: 0
Source: file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html, HTTP Parser: Title: Microsoft | Login does not match URL
Source: file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html, HTTP Parser: Invalid link: Privacy & cookies
Source: file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html, HTTP Parser: Has password / email / username input fields
Source: file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html, HTTP Parser: No <meta name="author".. found
Source: file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html, HTTP Parser: No <meta name="copyright".. found
Source: unknown, HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 23.111.9.35:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49762 version: TLS 1.2
Source: Joe Sandbox View, IP Address: 23.111.9.35
Source: Joe Sandbox View, JA3 fingerprint: b32309a26951912be7dba376398abc3b
Source: Joe Sandbox View, JA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
Source: unknown, DNS traffic detected: queries for: code.jquery.com
Source: classification engine, Classification label: mal60.phis.winHTML@45/243@7/8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-6091691B-1968.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Local\Temp\a42773f2-21fc-4eb0-ba08-1efd58e67399.tmp
Source: unknown, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'C:\Users\user\Desktop\Notes Received gcgaming.com.html'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,12644167979976499918,16360615135431647946,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1716 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Automated click: Next
Source: Window Recorder, Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection 1 | Masquerading 1 | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel 2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection 1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol 1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol 2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source | Detection | Scanner | Label | Link
https://dns.google | 0% | URL Reputation | safe |
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 0% | URL Reputation | safe |
https://aadcdn.msftauth.net | 0% | URL Reputation | safe |

Domains and IPs

Contacted Domains

Name | IP | Active | Malicious | Antivirus Detection | Reputation
cs1100.wpc.omegacdn.net | 152.199.23.37 | true | false | | unknown
cdnjs.cloudflare.com | 104.16.18.94 | true | false | | high
fontawesome-cdn.fonticons.netdna-cdn.com | 23.111.9.35 | true | false | | high
maxcdn.bootstrapcdn.com | 104.18.10.207 | true | false | | high
googlehosted.l.googleusercontent.com | 216.58.212.129 | true | false | | high
use.fontawesome.com | unknown | unknown | false | | high
clients2.googleusercontent.com | unknown | unknown | false | | high
code.jquery.com | unknown | unknown | false | | high
aadcdn.msftauth.net | unknown | unknown | false | | unknown

Contacted URLs

Name | Malicious | Antivirus Detection | Reputation
file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html | true | | low

URLs from Memory and Binaries

Name | Source | Malicious | Antivirus Detection | Reputation
https://www.office.com/ | Notes Received gcgaming.com.html | false | | high
https://dns.google | 31d64b09-23e6-4832-8e95-3b4c6c2de016.tmp.1.dr, bb0a1b34-7c56-47f1-b172-3e7b38348b5a.tmp.1.dr, c688863d-9283-425e-9e93-741c5cb10b7f.tmp.1.dr, bd75052c-cbdd-4a23-b472-308da9f828a6.tmp.1.dr | false | URL Reputation: safe | unknown
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | Notes Received gcgaming.com.html | false | | high
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | Notes Received gcgaming.com.html, Favicons.0.dr | false | URL Reputation: safe | unknown
https://code.jquery.com/jquery-3.2.1.slim.min.js | Notes Received gcgaming.com.html | false | | high
https://code.jquery.com/jquery-3.1.1.min.js | Notes Received gcgaming.com.html | false | | high
https://maxcdn.bootstrapcdn.com | bd75052c-cbdd-4a23-b472-308da9f828a6.tmp.1.dr | false | | high
https://use.fontawesome.com/releases/v5.7.0/css/all.css | Notes Received gcgaming.com.html | false | | high
https://aadcdn.msftauth.net | bd75052c-cbdd-4a23-b472-308da9f828a6.tmp.1.dr | false | URL Reputation: safe | unknown
https://code.jquery.com | bd75052c-cbdd-4a23-b472-308da9f828a6.tmp.1.dr | false | | high
https://cdnjs.cloudflare.com | bd75052c-cbdd-4a23-b472-308da9f828a6.tmp.1.dr | false | | high
https://clients2.googleusercontent.com | c688863d-9283-425e-9e93-741c5cb10b7f.tmp.1.dr, bd75052c-cbdd-4a23-b472-308da9f828a6.tmp.1.dr | false | | high
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | Notes Received gcgaming.com.html | false | | high
https://a.nel.cloudflare.com/report?s=eKkcKZGE4SLEjH4x47aVtZDCLIoIOuXNkDlS0qmI349vOtITazO3akcFcocWTU | Reporting and NEL.1.dr | false | | high
https://use.fontawesome.com | bd75052c-cbdd-4a23-b472-308da9f828a6.tmp.1.dr | false | | high
https://code.jquery.com/jquery-3.3.1.js | Notes Received gcgaming.com.html | false | | high
https://feedback.googleusercontent.com | manifest.json0.0.dr | false | | high
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | Notes Received gcgaming.com.html | false | | high

Contacted IPs

Public

IP | Domain | Country | ASN | ASN Name | Malicious
23.111.9.35 | fontawesome-cdn.fonticons.netdna-cdn.com | United States | 33438 | HIGHWINDS2US | false
104.18.10.207 | maxcdn.bootstrapcdn.com | United States | 13335 | CLOUDFLARENETUS | false
216.58.212.129 | googlehosted.l.googleusercontent.com | United States | 15169 | GOOGLEUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
152.199.23.37 | cs1100.wpc.omegacdn.net | United States | 15133 | EDGECASTUS | false
104.16.18.94 | cdnjs.cloudflare.com | United States | 13335 | CLOUDFLARENETUS | false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version: 32.0.0 Black Diamond
Analysis ID: 404077
Start date: 04.05.2021
Start time: 17:31:58
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 8m 25s
Hypervisor based Inspection enabled: false
Report type: light
Sample file name: Notes Received gcgaming.com.html
Cookbook file name: defaultwindowshtmlcookbook.jbs
Analysis system description: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed: 23
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
• HCA enabled
• EGA enabled
• HDC enabled
• AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: MAL
Classification: mal60.phis.winHTML@45/243@7/8
Cookbook Comments:
• Adjust boot time
• Enable AMSI
• Found application associated with file extension: .html
Warnings:
• Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, RuntimeBroker.exe, Microsoft.Photos.exe, backgroundTaskHost.exe, svchost.exe, wuapihost.exe
• TCP Packets have been reduced to 100
• Created / dropped Files have been reduced to 100
• Excluded IPs from analysis (whitelisted)
• Excluded domains from analysis (whitelisted)
• Report size getting too big, too many NtCreateFile calls found.
• Report size getting too big, too many NtOpenFile calls found.
• Report size getting too big, too many NtQueryVolumeInformationFile calls found.
• Report size getting too big, too many NtWriteVirtualMemory calls found.
• VT rate limit hit for: /opt/package/joesandbox/database/analysis/404077/sample/Notes Received gcgaming.com.html

Simulations

Behavior and APIs

Time | Type | Description
17:32:47 | API Interceptor | 2x Sleep call for process: chrome.exe modified

Joe Sandbox View / Context

IPs

Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context

Domains

Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context

ASN

Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context

JA3 Fingerprints

Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context
                                                      • 152.199.23.37
                                                      statistic-207394368.xlsmGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      f97e137e_by_Libranalysis.exeGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      e1df57de_by_Libranalysis.xlsGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      MV RED SEA.docxGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      MyUY1HeWNL.exeGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      IMG-WA7905432.exeGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      catalog-1521295750.xlsmGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      Documents_111651917_375818984.xlsGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      Remittance Advice pdf.exeGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      #U260e#Ufe0fAUDIO-2020-05-26-18-51-m4a_MP4messages_2202-434.htmGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      Documents_95326461_1831689059.xlsGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      Tree Top.htmlGet hashmaliciousBrowse
                                                      • 152.199.23.37
                                                      PT6-1152.docGet hashmaliciousBrowse
                                                      • 152.199.23.37

                                                      Dropped Files

                                                      No context

                                                      Created / dropped Files

                                                      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Microsoft Cabinet archive data, 58596 bytes, 1 file
                                                      Category:dropped
                                                      Size (bytes):117192
                                                      Entropy (8bit):7.995478615012125
                                                      Encrypted:true
                                                      SSDEEP:3072:F2qSSwIm1m/QEBbgb1om2qSSwIm1m/QEBbgb1oQ:FJdwIm1m/QEOb1omJdwIm1m/QEOb1oQ
                                                      MD5:2FEBC5EB397A71B7A4862D0DCC21CA5E
                                                      SHA1:5568FBD6D7DB899850D3AAFF95FEC08952361678
                                                      SHA-256:2E9BE05B763D01CB0CD6FDE8BC64432A012AD3ECD9A6F3099DDE740A2D148A13
                                                      SHA-512:B7D42B634F3B0CDC81CB94F281C8BB743BB98421AE54E21005637F762292D865EB1D71D43C4FF96AEE824527E9F7FB94FE5F5A4D35A22363A2A86AF8ABE0C414
                                                      Malicious:false
                                                      Reputation:moderate, very likely benign file
                                                      C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):652
                                                      Entropy (8bit):3.133720182351511
                                                      Encrypted:false
                                                      SSDEEP:12:9HwTJrkPlE99SNxAhUe0hpwTJrkPlE99SNxAhUe0ht:u5kPcUQUPhe5kPcUQUPht
                                                      MD5:61941CC686B9B72338C5603602211EE7
                                                      SHA1:7BED42924B93ABCB29395E59E4DCAADB514F4238
                                                      SHA-256:3852FD3A6993A4A0E0A3EEAFECE478D855F375DF80C6AFEE4DAB6648556AE312
                                                      SHA-512:5CD30531004B47ECD9EC1B9F6AD9CC501773449862431E937DB1D1D2C888C9C8F59DAC82D1DC3588278D30C2C69A121DC11F83773ACE0069D4E9C75863147011
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\1a3558b0-68da-4f8d-8e78-a03a586068b7.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160386
                                                      Entropy (8bit):6.052217644061395
                                                      Encrypted:false
                                                      SSDEEP:3072:o6Hi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:/T7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:31257FB3AF4B15E657342033B36F551E
                                                      SHA1:DCB394A5969C4E36B5C11F8D066F5743FC6FB94A
                                                      SHA-256:235ABE1F1D414EF13CD7686677E65BB4BBC0BEEB4AAADB54439AED3B85408D63
                                                      SHA-512:1A6882360182184963462B1344EFA402BA88CBCEB93E71F2771C3F94309A6999982112E38CF62422C3C7048E0416C605442626E6C58494F896694D4652B69247
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\4060b2be-d650-40da-8128-eec278ace3b2.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):168433
                                                      Entropy (8bit):6.081083185257597
                                                      Encrypted:false
                                                      SSDEEP:3072:cUNi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:LNT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:36CBF845F1444EFE864B696D3ADE88F2
                                                      SHA1:8610BCB05341E582169AE50F7D31D698CAE224FE
                                                      SHA-256:D1956AB2DAAD23CFD009DFE5F7273E9BE9093375A91A11CBF4D1B87E007DD853
                                                      SHA-512:57DDF535793940AD2327442BAE70FFA651C755E5CF8AAD5DF79426CDB70FFE52F6178A52E135B4812876F6384E60314F821A6E251477DBBB5B38A2307E3CAE8E
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\488198f4-5f4e-4c10-9720-09439b09059e.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160282
                                                      Entropy (8bit):6.051914929622016
                                                      Encrypted:false
                                                      SSDEEP:3072:67Hi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:UT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:F9BC1CBCC2276ED2569EE652078F9202
                                                      SHA1:77A8D8BC6831512985E903B9DFF5E87CBD13C7B3
                                                      SHA-256:62F5A2C3A4516C48B1671F9D29CAE08616F5F6D8551ADD9323620F8175B4FFA5
                                                      SHA-512:D4AEC3D3A23425083AD73510D21255C776328042ACBFA0ABE18707E2BAB6F72A0A2D322B19298422AEC0032CA2B7B90F046384BB512010FB95069B251DD58896
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\4dcbf3d3-a271-4e4b-b44d-fe788540d1d7.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160470
                                                      Entropy (8bit):6.052367706226153
                                                      Encrypted:false
                                                      SSDEEP:3072:o6ri8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:zT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:54797737D4E17D82993686AF0EEA1A3A
                                                      SHA1:A565778BC6440BED047862FB35B7B8469123241D
                                                      SHA-256:9D228690F3F19870CC0BC07CB9203A374A193BF5AC4AAF765A4575A6DAA91263
                                                      SHA-512:431387387A1875E6D8B93575667D181611A146E8D70BF29241680135034A97BB4E933E1EE6A49D66577969B81DAAE97D5247EF1B35676F466FC2FB604213AD94
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\61d31713-6d14-490e-8d64-084a286df4dd.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160042
                                                      Entropy (8bit):6.051214722796367
                                                      Encrypted:false
                                                      SSDEEP:3072:6O4i8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:MT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:D193D55E74C37858F7EBEC254DBD4401
                                                      SHA1:46993AC1892E5CB182FB66431DC21DD58E003DF5
                                                      SHA-256:B15B9943B93871DB0ED626F57281DB6543C5D4807BA408D9BEC20F619E67E4C7
                                                      SHA-512:FCF6A32F1441128ECEA40DF634B9A33C31D8DF26EAD492442C5ADD6B1E64167A0E67C2080BAFB8B82F243CFA2E6821B79200068BE161823CA711B07BBB7B93C0
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\64c3decb-5135-4b82-8826-c9b1311b3744.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):168433
                                                      Entropy (8bit):6.081080079586874
                                                      Encrypted:false
                                                      SSDEEP:3072:MDxi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:sxT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:901F94037BDB9641691819CA46AB9D0E
                                                      SHA1:43D4F2AA4C89DCB871811D37FA9A832C2FD39730
                                                      SHA-256:AFC9A040A92437E52812AFE44FD036990E656543794E3073470BB3363957F98E
                                                      SHA-512:04947E15554C66F425FEE23CDF1541C1EF52B9CE458C31121F0161215B2E11AAF7D95C0261DA9A38D912B5ECA1DF3DA0DDAA5AD56109FE88FCDFF61EB47C99C5
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\666a8c19-869e-434f-8a4f-8913131bc04e.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):159956
                                                      Entropy (8bit):6.051047882325824
                                                      Encrypted:false
                                                      SSDEEP:3072:6Ai8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:/T7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:4FDC077D01384E2051FB70DE91EEB2A8
                                                      SHA1:B3F046082AD6BF271B45D45B997E530529569AA0
                                                      SHA-256:481B77C86D82554D6B0BD13ABB356B4559568630F953B9D1F7C3DCD057A586E1
                                                      SHA-512:08EF909427982ADEB3734F730FCD7F1566A7674A61C8A9E21B5A1DB424C1C2AE8932B937DC9DC8B404BFF16563038ED1DC3BE0FD85292513AA766D17CB323F90
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\75fce1e2-2730-430a-902a-949ea415dba1.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160470
                                                      Entropy (8bit):6.052367706226153
                                                      Encrypted:false
                                                      SSDEEP:3072:o6ri8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:zT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:54797737D4E17D82993686AF0EEA1A3A
                                                      SHA1:A565778BC6440BED047862FB35B7B8469123241D
                                                      SHA-256:9D228690F3F19870CC0BC07CB9203A374A193BF5AC4AAF765A4575A6DAA91263
                                                      SHA-512:431387387A1875E6D8B93575667D181611A146E8D70BF29241680135034A97BB4E933E1EE6A49D66577969B81DAAE97D5247EF1B35676F466FC2FB604213AD94
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\7dcffd98-b0b3-4dc0-8996-14f6fdba5af4.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):92724
                                                      Entropy (8bit):3.748508567876386
                                                      Encrypted:false
                                                      SSDEEP:384:LLIX3taUNlKb2Njrov/l34HtUH9UGkTrOJDPx4559YrSfmKtKVrLLUOBJDN21jSS:AK1FiRE0Meb/xBQH/+9KPVr5o
                                                      MD5:1B4E1303B47B06D0F918D439D6785ECE
                                                      SHA1:074C34F7699652D3F3CF273D245ABBBD16220AA3
                                                      SHA-256:9F6824934C429AC3C07A3772D18C6CC1C44A03C84DA6DD46DBE35E5F61F0EAC8
                                                      SHA-512:7C6E3F081AC9D6DFFEF7443B7BE8322078309C19F9EC0EDE692A1B4F822BA2BF48165DC6D78640676DA96D3BFCC298376C4670EAACF659D03DDC1A9E0E3C3B3F
                                                      Malicious:false
                                                      Reputation:low
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\8a56a875-3379-494e-afbb-e98513bab60f.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160656
                                                      Entropy (8bit):6.052868258304527
                                                      Encrypted:false
                                                      SSDEEP:3072:ozPi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:GT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:EF61CE783ED7366ADB0FA030566B4FAA
                                                      SHA1:95B634BC326403A67126247B74BF219E454A1EFF
                                                      SHA-256:8D9AC57A1AB661582F7EF25B1E638C04F4160C9749DA7CEAC93DA3110C5A7E33
                                                      SHA-512:AE97C6EEE63AC3DFA7FD7EE26FB4C16E8F442A0897B64E5639BAD4B36A37383BCE815CE5F8A04442A5E348DEC3651522A5733DD79456A165A8BE0844AAB4377C
                                                      Malicious:false
                                                      Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620142367105653e+12,"network":1.62014237e+12,"ticks":303559418.0,"uncertainty":5321529.0}},"origin_trials":{"disabled_features":["SecurePaymentConfirmation"]},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\908f7df4-63fc-4101-bb89-1c3b16479f2a.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):168433
                                                      Entropy (8bit):6.0810809828802075
                                                      Encrypted:false
                                                      SSDEEP:3072:M1hi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:yhT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:A42996343710969A5229BE8921FEE546
                                                      SHA1:0253528775E3FF53EF1FE2497052F686B1B1702A
                                                      SHA-256:9A890034A367D989F05B8CDD367C594FFDE9D8A1FDC1046F89182569822A2893
                                                      SHA-512:4C8E598D37F8CC5EDE04CE88AE60F25897D3A07E1108AC854690E52D988649CB4BAF9B30043758AC47D8D00FD608CBA876FD0501DE9DD4FAB7DEC44B53D6E398
                                                      Malicious:false
                                                      Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620142367105653e+12,"network":1.62014237e+12,"ticks":303559418.0,"uncertainty":5321529.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715401452"},"plugins":{"metadata":{"adobe-flash-player":{"di
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\9ba84bd1-4950-4e7a-9fde-45f8ec57b3ee.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160042
                                                      Entropy (8bit):6.051214722796367
                                                      Encrypted:false
                                                      SSDEEP:3072:6O4i8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:MT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:D193D55E74C37858F7EBEC254DBD4401
                                                      SHA1:46993AC1892E5CB182FB66431DC21DD58E003DF5
                                                      SHA-256:B15B9943B93871DB0ED626F57281DB6543C5D4807BA408D9BEC20F619E67E4C7
                                                      SHA-512:FCF6A32F1441128ECEA40DF634B9A33C31D8DF26EAD492442C5ADD6B1E64167A0E67C2080BAFB8B82F243CFA2E6821B79200068BE161823CA711B07BBB7B93C0
                                                      Malicious:false
                                                      Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620142367105653e+12,"network":1.62014237e+12,"ticks":303559418.0,"uncertainty":5321529.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715786548"},"plugins":{"metadata":{"adobe-flash-player":{"di
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):120
                                                      Entropy (8bit):3.3041625260016576
                                                      Encrypted:false
                                                      SSDEEP:3:FkXwgs0oRL6twgs0oRL6twgs0oRLn:+taRL+taRL+taRLn
                                                      MD5:E6C1693D9F0F6B6E878D098FBFD4C92A
                                                      SHA1:D9D2708143B4A3BA5D14DFED59DCB6B88DF172D9
                                                      SHA-256:E9DA6B8F6549D084D8740EB4C25755989B057EBF4F36B5E526F34DFFAB7500CF
                                                      SHA-512:19B28BFE66708B294AB033C2F87D219E1C29D4F9363AC92E89B9406F6E2ACB13AD5DF73DD7E163D1ADEC0AF89C42DA112AE153EB23378EC29302F91192B7C5A9
                                                      Malicious:false
                                                      Preview: sdPC.....................UO..E.D.Q.o....sdPC.....................UO..E.D.Q.o....sdPC.....................UO..E.D.Q.o....
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\106fad97-6d3b-4f3c-be18-29ea57159de0.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):22601
                                                      Entropy (8bit):5.535547289860462
                                                      Encrypted:false
                                                      SSDEEP:384:H+Ot4LlWUXb1kXqKf/pUZNCgVLH2HfDhrUwHGRnZCT/QV94R:MLl1b1kXqKf/pUZNCgVLH2HfdrU0GRne
                                                      MD5:4AFEF5E62CFBA9195E979497FB791D45
                                                      SHA1:4C265BA2AF6D169E1FDF2C50D4AF8F3508C57F69
                                                      SHA-256:F599E8CB09ADA27F8221F691029B97D31CFF5DE28C703E8CD8843BCD576CA695
                                                      SHA-512:8A25EE9F7450514CF670409061A32BC411D21D3652813106313575DA74259D24A9B094742C3C1919D84A21F9326B90235DD6910197392FCCCCC9014AC3502DEE
                                                      Malicious:false
                                                      Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264615963826329","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4467d1c1-0d28-4437-ae95-5dec3c10c404.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):24064
                                                      Entropy (8bit):5.533608361395022
                                                      Encrypted:false
                                                      SSDEEP:384:H+Ot4LlWUXb1kXqKf/pUZNCgVLH2HfDhrUhHGgHGenZCT/Q294C:MLl1b1kXqKf/pUZNCgVLH2HfdrUVGkGx
                                                      MD5:1B121AD52D482FD4B3B2C582E8D4A940
                                                      SHA1:3C75D3EFD03C036D47064F2DF190BB39DEE78380
                                                      SHA-256:423BAB33A35211F77B2F6D88D5AC5119FA70462D4704A130A1278FF4A009D71D
                                                      SHA-512:1977374AAB81FF8465435F4E2BADF1A96B7DB7D625EFF638EC7E4A9CD5CCD787B10FC8B10229F0A610B6BD8423A584058F550C695820EEC0ECE8668C8BCA5D04
                                                      Malicious:false
                                                      Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264615963826329","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6c3b97e7-5a63-463e-a425-b7f86c08f69a.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):1041
                                                      Entropy (8bit):5.565926414537616
                                                      Encrypted:false
                                                      SSDEEP:24:Ym6H0UhsSTG1KUeiXzkq/HeUe8zUe8hUts7wUeE4sRUeiQ:Ym6UUhyKUeiYqPeUekUez6wUecUeP
                                                      MD5:D859304B0966B4B0ADF91735927AFCAE
                                                      SHA1:9A5ABE26BE6AC3576A176B74E36DF6A8DC1F43D6
                                                      SHA-256:24033DA68B3090CC85B76E615EBC0CFDB7B86D85E6C840DC9BFC67D076D3A959
                                                      SHA-512:1B4D8C53AAB012624A8FE77B66997AC00DB0D3AC39119D6A2848432F512DD0590DA7625A61E1480578337329BDF67796BF7A15D52E26DEA1992296645AD779E9
                                                      Malicious:false
                                                      Preview: {"expect_ct":[],"sts":[{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1632986994.959502,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601450994.959505},{"expiry":1632987007.31909,"host":"0J7rAWV0ouCFYJ9XrkDiKnAO1SshXJmLJE1SS3V8kDM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601451007.319093},{"expiry":1632987013.78633,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601451013.786337},{"expiry":1632987013.793603,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601451013.793607},{"expiry":1632986995.164829,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_o
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\742c41d1-f28d-41fa-9373-bcac73476df1.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):4822
                                                      Entropy (8bit):4.932164476124368
                                                      Encrypted:false
                                                      SSDEEP:48:YcskMklilQIGEqAuQqTlYGlQuoTw00jrf4MqM8C1Nfct/9BhUJo3KhmeSnpNGzFc:naL7GpdfpIV65k0JCKL8bbOTlVuHn
                                                      MD5:2648D159988674A718688F573EB8F104
                                                      SHA1:2854B40EDD84D50AEB787FE98F58DF36D2C6C835
                                                      SHA-256:EDE06846DA40085EF265BE88056A7936EE3E488324D10C091D561E936B239EFD
                                                      SHA-512:73B488DCAEE3068E02105C491D91431EB99CAAE7492BA041FB6EA4AD655C7BCE19F4CF36A01C2BBAEDA1E4878AD09066FF8572F22ECC94E54BE96BF574E3B246
                                                      Malicious:false
                                                      Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13264615963989299","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0"
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\76963cb8-2d88-4b63-90a2-0b95f0be1736.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):5493
                                                      Entropy (8bit):5.1644546893801175
                                                      Encrypted:false
                                                      SSDEEP:96:naL7GBdfcsbQnIV65k0JCKL8obOTzeO1VuHn:na34fcsbQnIUh4KupU
                                                      MD5:2E0AD0F666102D7B798D293DD4DB5EEE
                                                      SHA1:E97D7A89B812881B59CE876DAD4D53F15BF0E517
                                                      SHA-256:31C832FD9958E3B0999D3674486DF2FC68ADFBA7481C904CC4395CEAB7D93337
                                                      SHA-512:E3D57A89DDFBED9DB753E561BFB1DE73EB259D289E5E9CB026FE4B6B55E15AEAB5C9D8DD1060AFB6C5B150675DA5C1E6585760EA891743DDB9009E4AF9E88782
                                                      Malicious:false
                                                      Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13264615963989299","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0"
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\944b2494-5b89-4683-8003-bf20e5d43c80.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):16918
                                                      Entropy (8bit):5.579071413141473
                                                      Encrypted:false
                                                      SSDEEP:384:H+OttLlWUXb1kXqKf/pUZNCgVLH2HfDhrUE/QQ94T:JLl1b1kXqKf/pUZNCgVLH2HfdrUEYQ9o
                                                      MD5:0D7510BE455D85D9D31F67DEF99E3785
                                                      SHA1:8C39FA0F7819B421A16588726C33318923CC3D1B
                                                      SHA-256:BC23A8CB9AF856A0411DB8561245976709100C4C7A193B3B60357C4814CDDFB5
                                                      SHA-512:6FB3E38E7B14ECF3144A123F056662E6FD4CFEE4D558014C073517895E0E9A81E9A3E27418D0F1A5F0266364E3AE270128DA4171D2B55984F697EE8A39468353
                                                      Malicious:false
                                                      Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264615963826329","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\98cd95ed-1674-47c8-9df8-c56bebcb1abf.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:very short file (no magic)
                                                      Category:dropped
                                                      Size (bytes):1
                                                      Entropy (8bit):0.0
                                                      Encrypted:false
                                                      SSDEEP:3:L:L
                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                      Malicious:false
                                                      Preview: .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):334
                                                      Entropy (8bit):5.239089858788194
                                                      Encrypted:false
                                                      SSDEEP:6:msfQRLdQL+q2Pwkn23iKKdK9RXXTZIFUtpdfQRLXHG1ZmwPdfQRLSQLVkwOwkn2v:t6SyvYf5Kk7XT2FUtpd6Q/Pd6jR5Jf51
                                                      MD5:C069DF4C89A0D8457CFF026FB464B065
                                                      SHA1:962391424A1053B3F7C0766F218AE032CEA28E4D
                                                      SHA-256:44CD8782D2B7863128308F0F566341A1CBB77E72A8D9D5442A2F80B9F67AA55F
                                                      SHA-512:B8F18C96E5DA9EA03BC931E628DF14282BCE51FA16C6BCCCC619B23CB91B0F3C9AF0CCA63174D8A24C5941B6EF7F92C74F67104556C13C283E32EB02D29E920D
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:54.450 1d18 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/05/04-17:32:54.452 1d18 Recovering log #3.2021/05/04-17:32:54.453 1d18 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):318
                                                      Entropy (8bit):5.237872997804387
                                                      Encrypted:false
                                                      SSDEEP:6:msfQRLp+SQL+q2Pwkn23iKKdKyDZIFUtpdfQRLhHG1ZmwPdfQRLfQLVkwOwkn23m:t6cjyvYf5Kk02FUtpd6O/Pd64R5Jf5K1
                                                      MD5:56A41B7F06EE9B73C4C13B31FAA5FFA0
                                                      SHA1:344B38E92F47C91D75F47235300DF18F593166B2
                                                      SHA-256:EBBB14ACE3B7772DDFEAC3C025E7343A88F23663ABEB534F4E42558A7FEF8C51
                                                      SHA-512:84BDFA864C92BE49B0A1CD095009BD896C3B879606197BD11FDC1954DB45E27B92AA864823701E8D568113B88D0E5CB5E3CFA8D1B936B1B681938081CAFE5C96
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:54.401 1d18 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/05/04-17:32:54.436 1d18 Recovering log #3.2021/05/04-17:32:54.438 1d18 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                      Category:dropped
                                                      Size (bytes):12288
                                                      Entropy (8bit):0.6863571317626186
                                                      Encrypted:false
                                                      SSDEEP:12:TLyen4ufFdbXGwcFOaOndOtJRbGMNmt2SH/+eVpUHFxOUwae6:TLyqJLbXaFpEO5bNmISHn06Uwd
                                                      MD5:1C0EAEEE6463CAE33B7A7CD9D9DF4DA5
                                                      SHA1:FBC6A28A1501E40154FDC0A9D0C2F34A5F88AA65
                                                      SHA-256:ED8AE7C5E6885874A39F4E86258F552670352A18D29BE1FF4D372A2F4CD06C8A
                                                      SHA-512:355D19828609971998B09B36E7C7D304B7FB88C7A726670BEBF5CF2E2710F8E71B0F9DEF6FE9712B484C1EB122AEEEFDECF31D13E02C4539C399DFB86EC7619F
                                                      Malicious:false
                                                      Preview: SQLite format 3......@ ..........................................................................C....... ..g... .8
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):12836
                                                      Entropy (8bit):0.9744311570016887
                                                      Encrypted:false
                                                      SSDEEP:24:Oe9H6pf1H1oNJqLbJLbXaFpEO5bNmISHn06UwdY8:ObfvoNJq5LLOpEO5J/Kn7Ut8
                                                      MD5:F8BEAA79C24762CE89FE5DDE2B1D876D
                                                      SHA1:0E8809F57B2F02EA748E0BB91CEF98DE92990C3E
                                                      SHA-256:B16BA294357136D150A1D8FB04A96DBD8A05F3FE9AFA631AE0A0EBFD2DC97EA6
                                                      SHA-512:1F86F23E6FB4785AC52882CDFBBD9C309BEA27655AD5BA8128934D0B1C36742DDDD0F0D200F19A10B06D54645A476BDF54703CC3499F5002B7F976DFA4EEA31B
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):2161
                                                      Entropy (8bit):3.3895707050350996
                                                      Encrypted:false
                                                      SSDEEP:24:34SL9ybElrlJK5p+QzMqsGlYp+4pRB1OqsGlQLh1cp+AKlr:34sxS+Q46Y+4RC6KhW+A+r
                                                      MD5:662F6A1DC9B5FB76E226B84B2C6D9205
                                                      SHA1:FF36AA0AEEB842C88A28A589442292B812A7DFBF
                                                      SHA-256:7B808AF3132AF3FF478815351886FAFCB53B546E7677957902B916195A0FB675
                                                      SHA-512:4089D1C9522FB8AC0C51CDFAC9F122410DD9416380FE7F8F3131FE9B3F3AE5EA7456C1D170BF2C43847EEB62738F4ED3940F20E86BFDC44D1D75ACB2FF0B1D93
                                                      Malicious:false
                                                      Preview: SNSS....................................................!.............................................1..,.......$...8e819949_df2d_4664_94c2_cb1e41303037..........................................................................................................5..0.......&...{730C75E3-B87A-4292-818B-DC8F984D08AE}............................C...file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html.....................................................h.......`........................................................6&.....6&....0.......H...................................C...f.i.l.e.:./././.C.:./.U.s.e.r.s./.j.o.n.e.s./.D.e.s.k.t.o.p./.N.o.t.e.s.%.2.0.R.e.c.e.i.v.e.d.%.2.0.g.c.g.a.m.i.n.g...c.o.m...h.t.m.l...................................8.......0.......8....................................................................... .......................................................C...file:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html.......... /.............
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):8
                                                      Entropy (8bit):1.8112781244591325
                                                      Encrypted:false
                                                      SSDEEP:3:3Dtn:3h
                                                      MD5:0686D6159557E1162D04C44240103333
                                                      SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
                                                      SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
                                                      SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
                                                      Malicious:false
                                                      Preview: SNSS....
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):183
                                                      Entropy (8bit):4.267376444120917
                                                      Encrypted:false
                                                      SSDEEP:3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+GgGg:qT5z/t2qoEwhXeLKBt
                                                      MD5:7FA0F874EABF1EED31988230680AD210
                                                      SHA1:E71B360F1E8D5C278A051AD03DFB9027ACCF38C3
                                                      SHA-256:09E15F8939364145E710C314EBD93FD19BF60C2B6B20BF8023315D617B6B141B
                                                      SHA-512:AF4C2E595AA0B1FD96474A0E73530B38BE5F2906B10BE1DEFC0A9221129A3E5BB8D0816777550863AD426C5C836ECA1F0C384986C2A1108E2E4CA20EF10A7824
                                                      Malicious:false
                                                      Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F..................F................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):320
                                                      Entropy (8bit):5.139658997345479
                                                      Encrypted:false
                                                      SSDEEP:6:msf87Iq2Pwkn23iKKdK8aPrqIFUtpdfWZZmwPdfWzkwOwkn23iKKdK8amLJ:tk7IvYf5KkL3FUtpdeZ/Pdez5Jf5KkQJ
                                                      MD5:B717A8BC405DB4CD19DD945C2459118E
                                                      SHA1:3709F61794E0DF2C506C8AEDB243540B78473149
                                                      SHA-256:2FF2780EDC2515AFB70B6D02D0972D3F3519EF6C36C4EB72C4E388C31BE888CB
                                                      SHA-512:B665E0347E716F79B8FC057FCB58913BD7EFD1B46882EC1E6BF7708F01E9C50708DA9F0671CE6CB949F2D7B6AAB3812A1BEEC1497B48C2AD20DCB5283C03A739
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:44.040 1a34 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/05/04-17:32:44.042 1a34 Recovering log #3.2021/05/04-17:32:44.042 1a34 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):627
                                                      Entropy (8bit):1.8784775129881184
                                                      Encrypted:false
                                                      SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW:
                                                      MD5:9D7435EA49A80FDD66E4915F513017F9
                                                      SHA1:469F6C6E4B19B85CC1BE497812B2F20864F4FF2C
                                                      SHA-256:409D4C47E940688527D730B996E8991E010988C7671565467ED69D640D0947F3
                                                      SHA-512:0561CD632D4219AEF4686DE40EC092921384CA89755D354801E0EAEC8645A8630A180807AF518AC8FCF01F71EB3D10FAA9CE1E62C7A7226A274975BDCB7EEB4C
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):320
                                                      Entropy (8bit):5.230812173663402
                                                      Encrypted:false
                                                      SSDEEP:6:msfiX+q2Pwkn23iKKdK8NIFUtpdfiGXWZmwPdfiiFdVkwOwkn23iKKdK8+eLJ:tqX+vYf5KkpFUtpdqGXW/PdqmdV5Jf5c
                                                      MD5:93D0D59B389837FA326A88AC6B4EA8AA
                                                      SHA1:F36BC1F1410FCBEE32756703A45A5B2E1CD26235
                                                      SHA-256:36813B59C4CF76D7BDEC96A7BD4E358F3F376E3923FFFB2929C8212424DE8C34
                                                      SHA-512:51505437E60AF60BEE33E856F86D2AD862A8EEF3EFC3043C7D2202F2CCE99C1972C9CF79278812278558C7CCF03E8B0B65F8222387196D046185A3C58AB61A33
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:46.193 19ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/05/04-17:32:46.195 19ec Recovering log #3.2021/05/04-17:32:46.196 19ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):11217
                                                      Entropy (8bit):6.069602775336632
                                                      Encrypted:false
                                                      SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
                                                      MD5:90F880064A42B29CCFF51FE5425BF1A3
                                                      SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
                                                      SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
                                                      SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):11217
                                                      Entropy (8bit):6.069602775336632
                                                      Encrypted:false
                                                      SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
                                                      MD5:90F880064A42B29CCFF51FE5425BF1A3
                                                      SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
                                                      SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
                                                      SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):23474
                                                      Entropy (8bit):6.059847580419268
                                                      Encrypted:false
                                                      SSDEEP:384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
                                                      MD5:6AE2135EA4583C2F06CDEBEA4AE70FA4
                                                      SHA1:DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
                                                      SHA-256:03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
                                                      SHA-512:B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                      Category:dropped
                                                      Size (bytes):16384
                                                      Entropy (8bit):1.228237267345407
                                                      Encrypted:false
                                                      SSDEEP:24:LLitYxh0GY/l1rWR1PmCx9fZjsBX+T6UwxKppAIT5BlotsaDc90R4sgmwTnNGR8+:tBmw6fUvzAA1otjI90R4NGq2l
                                                      MD5:8490F8A9F4AA787FE7D0B6DD2BC5A290
                                                      SHA1:F4594F28DE88FB2FFD8E6C354759BA016CD2DDDE
                                                      SHA-256:DF6958AE02CFB7C2F9BB5290D7919DDFD85754C504B6E79DFE60779AA79C8EAD
                                                      SHA-512:EE826A187CBCE5672ED5D48DF17B34061904AA84B39E50DFA314364784AC7A21F2663CC2794F08C9B5676FBD674817F2C270C38E4F6B5BEC6E2DA028243AA0C1
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):16972
                                                      Entropy (8bit):0.8140008624828093
                                                      Encrypted:false
                                                      SSDEEP:24:XH9JlHvY1QQyvyLjtVxh0GY/l1rWR1PmCx9fZjsBX+T6UwXY3n:RHq2CBmw6fUsY3n
                                                      MD5:2EDA3A19584572717AED592C22443A4A
                                                      SHA1:23385331FE7DA71786784738D4E7D8828A6EBAA3
                                                      SHA-256:5AEFFEF17029CEF8CFFD922FA92F001E20C6D7FCFE57BCD20901BEAEC026A7C5
                                                      SHA-512:1FFD5A3DBFA8677990A720120FB6E04EDC60F601EE98BA06B45BCAFF6C98FADE3BA7198A195269B1F8FF7F6A72FDBB288AE2798A455130DFF150B25B0E637EEB
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):19
                                                      Entropy (8bit):1.8784775129881184
                                                      Encrypted:false
                                                      SSDEEP:3:FQxlX:qT
                                                      MD5:0407B455F23E3655661BA46A574CFCA4
                                                      SHA1:855CB7CC8EAC30458B4207614D046CB09EE3A591
                                                      SHA-256:AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
                                                      SHA-512:3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):372
                                                      Entropy (8bit):5.299488504199489
                                                      Encrypted:false
                                                      SSDEEP:6:msfQRLXQL+q2Pwkn23iKKdK25+Xqx8chI+IFUtpdfQRLQkQG1ZmwPdfQRLQTFOQO:t6AyvYf5KkTXfchI3FUtpd6h5/Pd6GFW
                                                      MD5:3906C38065603BD3A32F35C77ECB3186
                                                      SHA1:906567D57232A2BD610E1AC3580B7E2797DEF7BD
                                                      SHA-256:9921122361653714BBAC5945001B3C410B9E14B3C5A8FC3D2707C6F5E56C07BE
                                                      SHA-512:7530AFFFA13986BF4AB2A19A62BEC7B9BA1CD60FC6516BB3845DA076899BEC298B74FF2299DB222936ECA9A02D88B76F763D8FE909444FCBF3DD4AC7D371D9B5
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:54.319 1d18 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/05/04-17:32:54.325 1d18 Recovering log #3.2021/05/04-17:32:54.326 1d18 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):358
                                                      Entropy (8bit):5.246520917413015
                                                      Encrypted:false
                                                      SSDEEP:6:msfQRLsQL+q2Pwkn23iKKdK25+XuoIFUtpdfQRLEBG1ZmwPdfQRLE3UdSQLVkwOo:t6xyvYf5KkTXYFUtpd69/Pd60EjR5JfR
                                                      MD5:C2701C72FC0C99BBF87C8CE147101951
                                                      SHA1:A4414C53268E24DB8640917A5EAB88CE7E7D5B18
                                                      SHA-256:AC80275AFEF623295DDC7DAE0ED827E6CF24371721BCD85DD3EE4013237E163F
                                                      SHA-512:F38C50F0EBADFE7CAE14127CAC05F6E14A6CE2AE41E9E53BFF311685956D15658D1F84D3CE133E17A67A2C2A56522BC1653D69E331D8C25044A1191CC2E8B9D9
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:54.176 1d18 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/05/04-17:32:54.183 1d18 Recovering log #3.2021/05/04-17:32:54.185 1d18 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):330
                                                      Entropy (8bit):5.245692765846343
                                                      Encrypted:false
                                                      SSDEEP:6:msfQRLMoxQL+q2Pwkn23iKKdKWT5g1IdqIFUtpdfQRLfOG1ZmwPdfQRLaOESQLVH:t6BWyvYf5Kkg5gSRFUtpd67/Pd6aOwRH
                                                      MD5:95B7BAD938137D6F6D77F23855E94404
                                                      SHA1:89884C3BCE2DE600B68CADC42BCF5179CA204738
                                                      SHA-256:E807DD75CA012347711DC7A2D6F1953407A9A39F0F36BD9E42EDB6C655B1798E
                                                      SHA-512:7C0041117CBA0A47C97F45EFAE258D756BF07363FDCFAE8608CEB1A6517874EF7AA7230F1777A8BECAD1F13F262B14AC6F7FE49ADEDB198C9EF514954C750F81
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:54.104 1d18 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/05/04-17:32:54.138 1d18 Recovering log #3.2021/05/04-17:32:54.151 1d18 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):296
                                                      Entropy (8bit):0.4481240366544235
                                                      Encrypted:false
                                                      SSDEEP:3:8Eflzl//:8k1
                                                      MD5:2C5AC9FC6CEDB343BF8BC6C85AC837F0
                                                      SHA1:B3D34594E9937B6341A2387B08FAF772070C610A
                                                      SHA-256:73006E8A74E59CB502FA92D8AE8B3A73684646340D6076B2AF5A68D640FACDBF
                                                      SHA-512:6B59D07EB451A69A03B202319ADFA4F667D47C288F445084DE7E474F698F10A866C6F24E19DEEE1110C517A705A286B5286B8ECFDD2E92EAFB8414537A47F6C0
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                      Category:dropped
                                                      Size (bytes):32768
                                                      Entropy (8bit):0.12781846825839588
                                                      Encrypted:false
                                                      SSDEEP:12:TL+A/ShBf9cfy66hNuQj3IGI/hnFRBf98:TLxkpOdOuOcRpe
                                                      MD5:E49EAD6007263141A39B966E0A718A67
                                                      SHA1:4697D43F0BF71359469D5F89975965317C921FE1
                                                      SHA-256:2B35F8F316B799A2D896A1FEE76DFDF87038172A9513DBD0F61C39142A17C134
                                                      SHA-512:3D89C0D3FAB643AD868F9DEF8047FD005AA3C8C36E1DF262093D62E134B3AFD06EA9834FD3DEF6C02EB13036361246D12E5A21E0AA4F1943FD14BE2EB6A1C171
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):731
                                                      Entropy (8bit):5.269645360916794
                                                      Encrypted:false
                                                      SSDEEP:12:g7M3YqKAs9lxyBAIT6GQqAhOxaypNliKBk778B/xgskZBa9sNiyDRUbBf9VZfXst:b0AsrIT6DqAMIaNliIY78BJgskfa9yBN
                                                      MD5:9470687AE90566E63E522E3A69E3407C
                                                      SHA1:83029F0900425258D2E5C4DAE208C178B888D475
                                                      SHA-256:B55116B514EC192CB724941E23639C2766C6D31B3781B15C5B316F0AF939BDED
                                                      SHA-512:AED09053C660D7686264754CD946DDC43F058029ED7EF4E8BAA0A272977AF627C2CBF345FB3EEEEE62043054F462DB1FD63EC51508874828B51622F20AB0A804
                                                      Malicious:false
                                                      Preview: ............."Z....c..com..desktop..file..gcgaming..html..user..login..microsoft..notes..received..users*........c......com......desktop......file......gcgaming......html......user......login......microsoft......notes......received......users..2.........a........c............d.........e.............f.........g.........h........i............j........k........l..........m...........n...........o.............p........r..........s............t...........u........v...:n..............................................................................................................B|...x...... ......*Cfile:///C:/Users/user/Desktop/Notes%20Received%20gcgaming.com.html2.Microsoft | Login:..............J...............%.7;....
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):42076
                                                      Entropy (8bit):0.11718976586992927
                                                      Encrypted:false
                                                      SSDEEP:12:gCbJwqLBj/Fv3lmd4nMWQASjG9L7jBQZ8fON:NwqLBFv3Vf1NfTf4
                                                      MD5:ECA2A3CD7E7518F26F81E3A8C2962BB1
                                                      SHA1:120248FF5D3DCE185AD1D644A3D2867963F863B2
                                                      SHA-256:B84B5F1FF94914293EB9E945682AABFABFB4225141A8191B431C3C232FE75BF4
                                                      SHA-512:7282E725DECB459C765752BBCE8D4995F511114A347F10F91ADF37A41BF004BC57AC1821538C62FDB5C41AB2D138D4C996C381D8426A334296FC02C39A3FA231
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:DOS executable (COM, 0x8C-variant)
                                                      Category:dropped
                                                      Size (bytes):2955
                                                      Entropy (8bit):5.48269917747029
                                                      Encrypted:false
                                                      SSDEEP:48:tnGuda7rMa8dbq8MDbQSefgG0NrS0U9RdiN97F8:ba7rMZdbq8MDbQ5fgG0rS0Vy
                                                      MD5:6F805A64B1006FFBAC63F41ABAFEE3C9
                                                      SHA1:1368A7DDFACB2B451E58F8896210AB187049240F
                                                      SHA-256:9D3908A3683BF44BF81F26970510D2D8B2549E47683E8182B0AF917D980014B1
                                                      SHA-512:82BDF35A4C00DE7153BE2C015C1935DE8C2DE6A8EA3C46AE2CF8A23930FEE956DEB5B9A627A448F86CDBB31228EF6D095F04484335EC6A88F0951904B1A52364
                                                      Malicious:false
                                                      Preview: ......*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..665158000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-05-04 17:32:56.60][INFO][mr.Init] MR instance ID: e8ba94d0-d292-4434-ba17-c782e5c3c591\n","[2021-05-04 17:32:56.60][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-05-04 17:32:56.60][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-05-04 17:32:56.60][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-05-04 17:32:56.60][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-05-04 17:32:56.60][INFO][mr.CastProvider] Query enabled: true\n","[2021-05-04 17:32:56.61][INFO][mr.CloudProvider]
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):332
                                                      Entropy (8bit):5.211576835105662
                                                      Encrypted:false
                                                      SSDEEP:6:msfyzN4q2Pwkn23iKKdK8a2jMGIFUtpdfvJZmwPdfYRv3DkwOwkn23iKKdK8a2jz:tazN4vYf5Kk8EFUtpdXJ/PdCD5Jf5Kkw
                                                      MD5:F069A22A67B711CACE43A645FED7E965
                                                      SHA1:CB35D449210A96B7105D06E22877FD384FECFA0F
                                                      SHA-256:04F3F28216766246B9019D1E27A11D7AC65A6A00F5BF6CC6541A8DB6B99CCE97
                                                      SHA-512:9BB99AE36C53718405EEB2C89628E78EEBC2051A5B7B399710DF3CA21C8386759967C864E8F89F34A1EBC22F9DB9E18EB2D238293991A0B269880B9490770AA5
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:43.866 1a60 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/05/04-17:32:43.867 1a60 Recovering log #3.2021/05/04-17:32:43.868 1a60 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):334
                                                      Entropy (8bit):5.2262819984226185
                                                      Encrypted:false
                                                      SSDEEP:6:msfVF34q2Pwkn23iKKdKgXz4rRIFUtpdf1JZmwPdf1DkwOwkn23iKKdKgXz4q8LJ:tovYf5KkgXiuFUtpd3/Pdl5Jf5KkgX2J
                                                      MD5:2D72E465F9B3DFD8B7DCFA6E5E51E52D
                                                      SHA1:E1555B9E6A2A3D7445AD2C0913A7BE77014DE9D7
                                                      SHA-256:68554B55A3CA4E64981DB7EF971E5E005343E1AE69F74D33851CACB17D908239
                                                      SHA-512:73788919207160B259DCE7270B5C38A52C4D20D5D85B07F5BC51D40FFA844C9DA437F1EADB2736E6C55B67E61A8877EA8C2A0614B4D643DC6A8F214934674C9F
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:44.066 1a84 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/05/04-17:32:44.068 1a84 Recovering log #3.2021/05/04-17:32:44.068 1a84 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                      Category:dropped
                                                      Size (bytes):28672
                                                      Entropy (8bit):0.8562447533572108
                                                      Encrypted:false
                                                      SSDEEP:48:TUIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUYzI1VUOezUUOg:wIElwQF8mpcSBNwaJqx
                                                      MD5:F810C2DF1A7C1B7C175C50ABE0E0FFF1
                                                      SHA1:5F4F189A1CDD8E47638DF0C73EED972B0B907209
                                                      SHA-256:1AB81FE642668891061A585CB327C724886870AAA77F2DAA2DAC65952D6F61DE
                                                      SHA-512:76B083A527AD644C20DE38B255BC6005D0604DFD624A56DDB78B7CBB42FED5777D9211EC715C58AFFAF9D6D2537BFF4BA15A0383E785CFAD1E7F7A99647607EF
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):29252
                                                      Entropy (8bit):0.6286139977555415
                                                      Encrypted:false
                                                      SSDEEP:48:wEqkIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUi4:wEhIElwQF8mpcSp
                                                      MD5:417D7B9BBB883C0F5C18CCB5B8BB571A
                                                      SHA1:0F4430822FAE06B6CFA29D32DD73F802687011B9
                                                      SHA-256:88343ADFB7ED708B17959BFC176E5D69BDAA1822833B45535AEBD2FD1A37A998
                                                      SHA-512:A56B7DA1E85754E214D761E5DEB5BEDD2F5E0C5573D6717697FB82C964A09D30F3C5F989209E7B30BBB34DAFB3B6AB5EE4EDE84C32718AF2D6150E6C55CC1D94
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):114
                                                      Entropy (8bit):1.9837406708828553
                                                      Encrypted:false
                                                      SSDEEP:3:5ljljljljljl:5ljljljljljl
                                                      MD5:1B4FA89099996CE3C9E5A0A9768230E8
                                                      SHA1:9026E1E0906E3B3FE0E414EE814CC5A042807A04
                                                      SHA-256:537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
                                                      SHA-512:4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
                                                      Malicious:false
                                                      Preview: ..&f.................&f.................&f.................&f.................&f.................&f...............
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):320
                                                      Entropy (8bit):5.191235967960574
                                                      Encrypted:false
                                                      SSDEEP:6:msflN+q2Pwkn23iKKdKrQMxIFUtpdf//ZmwPdf//VkwOwkn23iKKdKrQMFLJ:tNIvYf5KkCFUtpdX//PdXt5Jf5KktJ
                                                      MD5:08D457E87044411D4D074F63CC5E7317
                                                      SHA1:774EF0E59629A875554E34030C9BAF6866C0EAD1
                                                      SHA-256:BB06E0E2497D6464561BC71AE6785819E463AEFCE5825BE6C9523BCB7A41373D
                                                      SHA-512:E7A9009F6080B6DD2390A52784733E38ADE5A73975379B989EABF4A7A633E026A39A7231132B8BF9302676BB5AF959131164D4009324AA5CA20C41379816EDD0
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:43.979 1a88 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/05/04-17:32:43.980 1a88 Recovering log #3.2021/05/04-17:32:43.980 1a88 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):348
                                                      Entropy (8bit):5.148410278222198
                                                      Encrypted:false
                                                      SSDEEP:6:msfWyq2Pwkn23iKKdK7Uh2ghZIFUtpdf+/1ZmwPdfbpRkwOwkn23iKKdK7Uh2gnd:tzvYf5KkIhHh2FUtpd41/Pdz5Jf5KkIT
                                                      MD5:208E3542831A57D2A144A7AD4F5808CE
                                                      SHA1:A960DB628550119D15ECBC9072B4B942976A58C9
                                                      SHA-256:9B06478E1CB2C0B69F2E407F21235AF45036A29D4B8D5647C1DC77AEB3B03F66
                                                      SHA-512:CC1438A1BCAF3C8DFD97CEA355A11B02CB904535F37988BAB89DB3BD42DEBB08758C35F25F4B3235CB982338FDD80A080C2BF8EB176BF87C5607BD11488D0349
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:43.807 1a14 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/05/04-17:32:43.810 1a14 Recovering log #3.2021/05/04-17:32:43.811 1a14 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):296
                                                      Entropy (8bit):0.19535324365485862
                                                      Encrypted:false
                                                      SSDEEP:3:8E:8
                                                      MD5:C4DF0FB10C4332150B2C336396CE1B66
                                                      SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                                                      SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                                                      SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):430
                                                      Entropy (8bit):5.250039902220699
                                                      Encrypted:false
                                                      SSDEEP:6:msf6d54q2Pwkn23iKKdKusNpV/2jMGIFUtpdfwUY3JZmwPdfwUY3DkwOwkn23iK4:tkavYf5KkFFUtpdYbZ/PdYbz5Jf5KkOJ
                                                      MD5:41988A8A00914D5B43A5EE89DC89A15A
                                                      SHA1:D0A28F7380CD5F3545AAAD25F17210F66BA4F855
                                                      SHA-256:80829C3F1EECD6C08068C672EF3D2A9B1FD87044D0872EE41A6F1D345B8D61BA
                                                      SHA-512:15767D66E044698FD8857C6A75C556C91A38E7D5AAE6DD4972E472D1AE6AD7190CBBD4C5EF239CB2A63F74F8DEBFAD1FA48DB41CF70178ADF225BD43BAE65077
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:44.007 1a84 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/05/04-17:32:44.009 1a84 Recovering log #3.2021/05/04-17:32:44.009 1a84 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):432
                                                      Entropy (8bit):5.269432361701315
                                                      Encrypted:false
                                                      SSDEEP:6:msfNw+q2Pwkn23iKKdKusNpqz4rRIFUtpdfug5ZmwPdfItVkwOwkn23iKKdKusN9:tfvYf5KkmiuFUtpdN5/PdQT5Jf5Kkm2J
                                                      MD5:A9889DF8408D7BBC3C599F0A74041960
                                                      SHA1:569D4F8504E10CB40682DDDE6A479B46326DADFF
                                                      SHA-256:D9E128F4FBE6DDB17B7FDAEEA978D52342F01558C33B367EEAD620AB796E5142
                                                      SHA-512:AC632052B754DED396EEDB5E31EA0693110D7A0D5E2AEF6312D413EC1584DCF44DBAF7ED0502C00E5986B73C4E3549B092C30E09C206D7940566D3096ADA79EF
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:44.071 1a18 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/05/04-17:32:44.072 1a18 Recovering log #3.2021/05/04-17:32:44.073 1a18 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):19
                                                      Entropy (8bit):1.9837406708828553
                                                      Encrypted:false
                                                      SSDEEP:3:5l:5l
                                                      MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                                                      SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                                                      SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                                                      SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                                                      Malicious:false
                                                      Preview: ..&f...............
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):418
                                                      Entropy (8bit):5.251948459653191
                                                      Encrypted:false
                                                      SSDEEP:6:msWL4q2Pwkn23iKKdKusNpZQMxIFUtpdWCY3JZmwPdWCY3DkwOwkn23iKKdKusNP:t1vYf5KkMFUtpdeZ/Pdez5Jf5KkTJ
                                                      MD5:DA31B9F3B657F1B42FC8C67B5E500325
                                                      SHA1:14BAEBA1BE0BE024152FA3770D16397F7A9B89B2
                                                      SHA-256:0182CFCDC27E1F48205DF7E4D4025E71233A34A51DEC4D8C0A5927B6CFBE414D
                                                      SHA-512:29D28A58A85791EDBE3328B8D8532616C152FFB120E1B464BB7A8EAE0BEA153BA02758D7293ABA3F5EA5E8895233B3674B160F9CEC4C5CC52C0A513FBE6E15B7
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:33:00.347 1a84 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/05/04-17:33:00.349 1a84 Recovering log #3.2021/05/04-17:33:00.349 1a84 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\bb0a1b34-7c56-47f1-b172-3e7b38348b5a.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):325
                                                      Entropy (8bit):4.971623449303805
                                                      Encrypted:false
                                                      SSDEEP:6:YHpoNXR8+eq7JdV5p7DHJShsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHfHYhsBdLJlyH7E4f3K33y
                                                      MD5:8CA9278965B437DFC789E755E4C61B82
                                                      SHA1:5776B6C90CA1D2DDC765ED673B5E6DC8E167F0D6
                                                      SHA-256:A57D9231244C1FBDE58A1BF50CAD3A1E3EA28D042BFA272782B65139446E7C51
                                                      SHA-512:3065FE0743AD88E02F8C8FF6CF03B832B616DD08061EAE25A5106422228D45EB999EE2CBE4E9C96D5FFC108CB817766240E27BF97E3E5C2A58081D369E2968F8
                                                      Malicious:false
                                                      Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516514667526","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\31d64b09-23e6-4832-8e95-3b4c6c2de016.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):325
                                                      Entropy (8bit):4.9616384877719995
                                                      Encrypted:false
                                                      SSDEEP:6:YHpoNXR8+eq7JdV5pirhsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHirhsBdLJlyH7E4f3K33y
                                                      MD5:B0429187E1BE99DE4D548DC5B2EDEA0A
                                                      SHA1:B3E07BEE5D753BF1B613BD2DE665C7C21E8184F6
                                                      SHA-256:D8DABBF936DAB4F17437ECA255020EA847D76D6B789F9486010C95E995CFED03
                                                      SHA-512:233F7BDAA848A295E9F58CA52761829FE1044DA1DE1FBCAC407FADC8C7ABA1E4FFD7CA7A4FBE649E83FD1815DC2E3619ACB2A22CE5B2C7241E474CDB9AF2F7ED
                                                      Malicious:false
                                                      Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516523181804","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):592
                                                      Entropy (8bit):0.19535324365485862
                                                      Encrypted:false
                                                      SSDEEP:3:8E8E:8N
                                                      MD5:B505641E5E90B7CF4BC869DD1B4BE451
                                                      SHA1:0EC7B13DC043E054AB48B8F45FE49EF1209C01AA
                                                      SHA-256:2755F85F14CF33404CEEBF053D0CB79DC3B98D643A51075737E6A5BE154FE1D9
                                                      SHA-512:610AF095630C93B0586F4D9CA84FA75454C472C557D4FDBC0D5C1851F9AABF8653079A7ADE4659ABADDEDC2E02E58AD13C7244CD004B0AA5A462307F293F83A3
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):430
                                                      Entropy (8bit):5.217240910879318
                                                      Encrypted:false
                                                      SSDEEP:12:t6NOvYf5KkkGHArBFUtpd6N0jZ/Pd6DN5Jf5KkkGHAryJ:t6NMYf5KkkGgPgT6Of6zJf5KkkGga
                                                      MD5:6B7CDA9A1F0D4F72949704887BF2E128
                                                      SHA1:B9C61DD01DBE444EAA760F2CE5B0EB4B3596A899
                                                      SHA-256:84C69AFC0B749BD0B3AC332A4BC402B985F973E48720BC79FB73183484D654CF
                                                      SHA-512:C2787A1A42CB42A095A4549189620135CCD5CD591FEB08D86099F692ABF9825FB3D1F834857BB8224640131D5A30C019982CECE2B4088555D9E426D14F6C04FA
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:54.224 1a84 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/05/04-17:32:54.229 1a84 Recovering log #3.2021/05/04-17:32:54.231 1a84 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):432
                                                      Entropy (8bit):5.201083160403618
                                                      Encrypted:false
                                                      SSDEEP:12:t6pvYf5KkkGHArqiuFUtpd6u/Pd64mF5Jf5KkkGHArq2J:t6VYf5KkkGgCgT6664mXJf5KkkGg7
                                                      MD5:BA4829BDF5AAF4FB979C225EE017A886
                                                      SHA1:6559A2A809F9076F072F7A8E30CD2F4B3D4A518C
                                                      SHA-256:06D8F1544C2DECF93016D465EEA413AE05BF3A624CFBE4B060DD52B584C8C8EE
                                                      SHA-512:261796ED558E581086879B20EFE214B8AF8D050196BEA03AC4385F345739C27CB5EB8ECED8542B749435F245C7F39467568CA53BCE0FB9171D4332E76985B878
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:54.237 1a70 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/05/04-17:32:54.240 1a70 Recovering log #3.2021/05/04-17:32:54.241 1a70 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):38
                                                      Entropy (8bit):1.9837406708828553
                                                      Encrypted:false
                                                      SSDEEP:3:5ljl:5ljl
                                                      MD5:E9C694B34731BF91073CF432768A9C44
                                                      SHA1:861F5A99AD9EF017106CA6826EFE42413CDA1A0E
                                                      SHA-256:01C766E2C0228436212045FA98D970A0AD1F1F73ABAA6A26E97C6639A4950D85
                                                      SHA-512:2A359571C4326559459C881CBA4FF4FA9F312F6A7C2955B120B907430B700EA6FD42A48FBB3CC9F0CA2950D114DF036D1BB3B0618D137A36EBAAA17092FE5F01
                                                      Malicious:false
                                                      Preview: ..&f.................&f...............
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):418
                                                      Entropy (8bit):5.1941030916753475
                                                      Encrypted:false
                                                      SSDEEP:12:tuIvYf5KkkGHArAFUtpdF/PdX5Jf5KkkGHArfJ:tu6Yf5KkkGgkgTDJJf5KkkGgV
                                                      MD5:8565F58F985A5D2553B97AE89321E36E
                                                      SHA1:1715F53A210ECC3448078B7C7505010DD489F54D
                                                      SHA-256:3497B3547F6D7C5CAAFF0354966F471E08B76D1B6AE06DF6E484ACDC488B5826
                                                      SHA-512:3115B875312791E116DA496CB69A4C65ABAE5489CC540B865AAAF8178C4FFE10615079D29E648D1CEE45EB61C8CBF6F2F9FD96162C0814D2436243843551EB67
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:33:09.556 1a70 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/05/04-17:33:09.557 1a70 Recovering log #3.2021/05/04-17:33:09.557 1a70 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):38
                                                      Entropy (8bit):1.9837406708828553
                                                      Encrypted:false
                                                      SSDEEP:3:sgGg:st
                                                      MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
                                                      SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
                                                      SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
                                                      SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
                                                      Malicious:false
                                                      Preview: ..F..................F................
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):324
                                                      Entropy (8bit):5.199370023530715
                                                      Encrypted:false
                                                      SSDEEP:6:msfpq2Pwkn23iKKdKpIFUtpdfkxZmwPdfxzkwOwkn23iKKdKa/WLJ:txvYf5KkmFUtpdsx/PdJ5Jf5KkaUJ
                                                      MD5:6349AB573C1F95B41E1AE346EC2A1C4D
                                                      SHA1:1D665E6191ABF53963664B6CC63138A13E18636E
                                                      SHA-256:797F05147BB4ABB92629A8D1988D18EBF543911E2BD7E776D9BB88BF6437F566
                                                      SHA-512:22BA25F792D6F62570A68F71DB4A1E7903D0824F164C4F45697CA897C5F6C53BF40AAF916816186CDCE35F6F4025B3E2C4FA0BF656EFD21C041939A65B65D14B
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:43.811 1a20 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/05/04-17:32:43.813 1a20 Recovering log #3.2021/05/04-17:32:43.814 1a20 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):402
                                                      Entropy (8bit):5.321792299741379
                                                      Encrypted:false
                                                      SSDEEP:12:teI+vYf5KkkOrsFUtpdePWW/PdeyV5Jf5KkkOrzJ:teBYf5Kk+gTeuyeUJf5Kkn
                                                      MD5:9AE11E16B1C50545D8F90C91BE759975
                                                      SHA1:A4BEC7AA69A7D2F1739DEE5A660D3948C3A3954F
                                                      SHA-256:60422969513004F6F4D94F0553FA76572F5A46B4516412ABE8859A816D1DBEFF
                                                      SHA-512:2C09347F527AFB3D63702C2F7C1FC95A2860C3B6CA68EE178309FE001C6C3FF9DDCDC2FB49A26F9F18CE8F550C2211812D83D2B316471936564BB988F4FF1C1D
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:56.573 19ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/05/04-17:32:56.574 19ec Recovering log #3.2021/05/04-17:32:56.575 19ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):12
                                                      Entropy (8bit):3.188721875540867
                                                      Encrypted:false
                                                      SSDEEP:3:jzsaS:j/S
                                                      MD5:C1BD990A7438DC762A4D4886FD242DB9
                                                      SHA1:D32FA5BE26F2F4970479407B5CBA016CDE830AA1
                                                      SHA-256:02634E8D87B0281E80B0D9A9BA2EB83AD52F70B8D15FD77E844E19EA322017FC
                                                      SHA-512:8906A86232AC89EB72387E88764A9CC9DF33D0766352E358DDF60F6F4165D10158420C9C4CF257832E9735E84C26E4CAE0F1B7B2637BEF85E95C8B5123A2713E
                                                      Malicious:false
                                                      Preview: .....(...?.
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\3f033881-b49b-4f26-a2ea-c5544b060e22.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
                                                      Category:dropped
                                                      Size (bytes):175509
                                                      Entropy (8bit):5.489440694064333
                                                      Encrypted:false
                                                      SSDEEP:1536:rKbsLAR2A4VBQV1111111111111Nr366R6faFR+up0y0y2im1OsFcgYzQNL9X:rKbsLAR2fe/FZntrslfX
                                                      MD5:33EABC19FDF40F3D36B6870EF5861957
                                                      SHA1:CF3EF59C3940B58C314E9F6A1616751553F2D9A2
                                                      SHA-256:647D07F37554672865902B2CEE80864B5A5283C372C7263BB1497D5582054E57
                                                      SHA-512:47CFEDB1FDBC9BC09905C70F69A5114C64A8FC791BCA480D24972275276F00CEB230C579B4217337F9C69ECB2AB3221A3B549F06E8074D76BCE2F31773FB69F5
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):16
                                                      Entropy (8bit):4.0
                                                      Encrypted:false
                                                      SSDEEP:3:SeFcn:Sec
                                                      MD5:61B979ECA159ECAC9C7F8F1D6FD43E9D
                                                      SHA1:0373696351FC2172E811DA8393DEC84036FA34A0
                                                      SHA-256:AB05E0A6FF7E8FFF89F924B279D93AFC72ACCE817C4D250C60BB8059CC534303
                                                      SHA-512:C95825DA33CBDDFA627D9FF9A5B8371BC5F4E643A09573B6E1E839A83B619F53D878C344030B9701DCBC24D4CECCC016CF4D298D10EE8C37D1B5FEC1A51682B6
                                                      Malicious:false
                                                      Preview: F......r...(R..
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a845f929-f62a-4756-b554-97e0e293e113.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):22602
                                                      Entropy (8bit):5.535527592601796
                                                      Encrypted:false
                                                      SSDEEP:384:H+Ot4LlWUXb1kXqKf/pUZNCgVLH2HfDhrUwHGYnZCT/QZF947k:MLl1b1kXqKf/pUZNCgVLH2HfdrU0GYnh
                                                      MD5:13191D00B3DE2721CB434F31CCBA0FB1
                                                      SHA1:3894DB59E69F018773B9E396794B83E93639C39A
                                                      SHA-256:256BE96C4CCA20EB9E8080A5957B3FF0AF915CCBD474D5665A833AC4E2AF0275
                                                      SHA-512:0200F7C2DBB233C3DA36620D60B903786DF3AA3A5BE88FA9DA4D98E02684A0C503D5656F7C652571C5B86FB7C01F81EC538C26B921DD8353917D3FB98025BA7F
                                                      Malicious:false
                                                      Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264615963826329","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bd75052c-cbdd-4a23-b472-308da9f828a6.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:modified
                                                      Size (bytes):2457
                                                      Entropy (8bit):4.85615892226589
                                                      Encrypted:false
                                                      SSDEEP:48:Y2nzMKDHGXCtwT56NTpsYRLsj8zsp6qgJOcsZyKsV3zskMH5Yhbw:JnzMKDHGXCOT56NfkLxGOtMlGGhM
                                                      MD5:788B4F2FA525A8DC3E0F21C6A7A6A5D9
                                                      SHA1:B2525D35D713A586AC88352FF6EFF3E6CCA5FAD3
                                                      SHA-256:D1EC7C582E24DFF99AEE0B654E1769B84335D051E2B7FC6C253F516E81347AAA
                                                      SHA-512:ECE5452B8918B4BC4DB686AA99AE96DC369B2592C431A3DE8C0B258257ED4AA43CDC5B1D3EFAE71ACC98B6CA85ED040FC8861568E5E4D8B1D1D414792D12FD9C
                                                      Malicious:false
                                                      Preview: {"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"isolation":[],"server":"https://redirector.gvt1.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://play.google.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://maxcdn.bootstrapcdn.com","supports_spdy":true},{"isolation":[],"server":"https://cdnjs.cloudflare.com","supports_spdy":true},{"isolation":[],"server":"https://use.fontawesome.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c688863d-9283-425e-9e93-741c5cb10b7f.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):3473
                                                      Entropy (8bit):4.884843136744451
                                                      Encrypted:false
                                                      SSDEEP:96:6FGX0G70GhIGpyGzRDYLiEHYDBKGzUGaCGjHGESHG/OG6mhM:6Fe0i0sIIyGzRDYLiEHYDBKSUpCQHrSP
                                                      MD5:494384A177157C36E9017D1FFB39F0BF
                                                      SHA1:CE5D9754A70CD84CEE77C9180DB92C69715BE105
                                                      SHA-256:07CF0A5189FAD30A4AA721F4F6DA1B15100991115833EACFA1E2DC84A1B54337
                                                      SHA-512:BFB80EEC0C0B5D9E487047703BE49826321A4D249422E0C81E978E6C8A310F41C7B4B8F849229BA87484FDF4831DD6A98FF994D0FDA5CE3D341CE615C15F2F1C
                                                      Malicious:false
                                                      Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607497410","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":27387},"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607334226","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34287},"server":"https://ssl.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607463627","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31787},"server":"https://fonts.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607318875","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":23359},"server":"https://apis.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):16
                                                      Entropy (8bit):3.2743974703476995
                                                      Encrypted:false
                                                      SSDEEP:3:1sjgWIV//Rv:1qIFJ
                                                      MD5:6752A1D65B201C13B62EA44016EB221F
                                                      SHA1:58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
                                                      SHA-256:0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
                                                      SHA-512:9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
                                                      Malicious:false
                                                      Preview: MANIFEST-000004.
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):139
                                                      Entropy (8bit):4.548129746724654
                                                      Encrypted:false
                                                      SSDEEP:3:tUKDRIU3PQWOeWZmwv39RIU3PQWvSWJAR1V8s9RIU3PQWvSWJAR1WGv:msfQPhZmwPdfQmSOA7VvdfQmSOA7tv
                                                      MD5:39806B1FA461A9469EAB73F914821681
                                                      SHA1:7CCE3C18B2425872163988DA94F104309E9D0555
                                                      SHA-256:1EFA105068A3B7EAFBA4D7FA9E7AFC674FEEF91B8647C0CF43B067B16A945D1A
                                                      SHA-512:0CFBA53FB2D018B3D4994F7BC5D8E3235E1B0DFD8212C6726D67A35F979E9513114AF95404B36756C742916B22CB1E005ACB55E49F99F24B8455571256141685
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:32:53.308 19f0 Recovering log #3.2021/05/04-17:32:53.429 19f0 Delete type=0 #3.2021/05/04-17:32:53.429 19f0 Delete type=3 #2.
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:MPEG-4 LOAS
                                                      Category:dropped
                                                      Size (bytes):50
                                                      Entropy (8bit):5.028758439731456
                                                      Encrypted:false
                                                      SSDEEP:3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
                                                      MD5:031D6D1E28FE41A9BDCBD8A21DA92DF1
                                                      SHA1:38CEE81CB035A60A23D6E045E5D72116F2A58683
                                                      SHA-256:B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
                                                      SHA-512:E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
                                                      Malicious:false
                                                      Preview: V........leveldb.BytewiseComparator...#...........
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f08ae697-7f62-4c68-be16-f1d24f825e20.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):5467
                                                      Entropy (8bit):5.161806616988944
                                                      Encrypted:false
                                                      SSDEEP:96:naL7GQdfcsbQnIV65k0JCKL8bbOTzeO1VuHn:na3zfcsbQnIUh4KZpU
                                                      MD5:75CD5C3C0429698AA7F550CA0CE3AB2C
                                                      SHA1:370B0F226405EFA0996B0A03479914C4EF725451
                                                      SHA-256:F6CD06C9DCACBCA756E92276315707A51543C8AEE51384816C883946DB26480C
                                                      SHA-512:25579219B16C3A024F033A1CDE363D1D72FD99BFDD36A637DD6DB10EDEA94455ECDA990A0320D5EE117A06C1032E212CFADE4A7C8C9F9C1BED9B2FA5DD8E2C18
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):338
                                                      Entropy (8bit):5.178977243993404
                                                      Encrypted:false
                                                      SSDEEP:6:msWT4jIq2Pwkn23iKKdKfrzAdIFUtpdWTaZZmwPdWTCukwOwkn23iKKdKfrzILJ:tUMIvYf5Kk9FUtpdUaZ/PdUCu5Jf5KkS
                                                      MD5:0E769267A32C6A2A2283C8E7EB08B01B
                                                      SHA1:833047A5987C34EF7F67FEDA6F8053030EB9DC22
                                                      SHA-256:D9C4F63676A41A3553CA8894AEDEC6E5AA066D373F2BDAAFBEBF690B53CE17B4
                                                      SHA-512:41FABD0C597F71A93101D9DE3D657D4573B273539B97BA4FFDB1D00AFCCBB049A57C334DA1C42D417B70B8E2A105C4BF77DBF0D4FA950509FAB51721F5152F3B
                                                      Malicious:false
                                                      Preview: 2021/05/04-17:33:00.624 1a70 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/05/04-17:33:00.626 1a70 Recovering log #3.2021/05/04-17:33:00.627 1a70 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):106
                                                      Entropy (8bit):3.138546519832722
                                                      Encrypted:false
                                                      SSDEEP:3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
                                                      MD5:DE9EF0C5BCC012A3A1131988DEE272D8
                                                      SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
                                                      SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
                                                      SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
                                                      Malicious:false
                                                      Preview: C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):13
                                                      Entropy (8bit):2.8150724101159437
                                                      Encrypted:false
                                                      SSDEEP:3:Yx7:4
                                                      MD5:C422F72BA41F662A919ED0B70E5C3289
                                                      SHA1:AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
                                                      SHA-256:02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
                                                      SHA-512:86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
                                                      Malicious:false
                                                      Preview: 85.0.4183.121
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):296
                                                      Entropy (8bit):0.4481240366544235
                                                      Encrypted:false
                                                      SSDEEP:3:8Eflsl/:89
                                                      MD5:9C77E6B61CDDA8791FFB8EE5641F59B3
                                                      SHA1:8B7C38848C2581EE9C5A046199AFFD70CBC781C3
                                                      SHA-256:76598625D106932C25BA32A3D2569E09DFCD2854388D0E1DCE96A0195D0F7FD9
                                                      SHA-512:125E32F402F5C396C52CD7FB91D9099D40D63A1CD23B50DA040A7CBACD772E201A303C236DD6F2E59A3F04B5EA8B5E121ECF1221A042ACF1BA37FF748FDC021C
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\9.22.0\Indexing in Progress
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:empty
                                                      Category:dropped
                                                      Size (bytes):0
                                                      Entropy (8bit):0.0
                                                      Encrypted:false
                                                      SSDEEP:3::
                                                      MD5:D41D8CD98F00B204E9800998ECF8427E
                                                      SHA1:DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
                                                      SHA-256:E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
                                                      SHA-512:CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
                                                      Malicious:false
                                                      Preview:
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6504_528778333\Ruleset Data
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):208920
                                                      Entropy (8bit):4.964307261909652
                                                      Encrypted:false
                                                      SSDEEP:3072:gzChBJeloN++/mYWcT8WSkb1RqmYb8zpoPo/smfgbpxT0C0oUBXrvzpnuidAut:5clEHRAqggCyIW1
                                                      MD5:A96F63877D2B8648563905C60513B9F0
                                                      SHA1:EE63F5F68E176DCEA8416C9877F09533C4E5498E
                                                      SHA-256:B5A3D515B1673D134B197878D681C0CC8290BC476EB69D69EF27FF9669EC2E80
                                                      SHA-512:C137035D92E4161FF55AF447D61F7F61E9FB8812EF0D32649011A6D7A07AEBA317B4197CF0205B37B755FACF7A1ABCA586507A1B825BC2FD4194E8306DB4E008
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\b87a3687-babf-43d1-a87b-0187ba279bda.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:SysEx File -
                                                      Category:dropped
                                                      Size (bytes):94708
                                                      Entropy (8bit):3.7491555935660488
                                                      Encrypted:false
                                                      SSDEEP:384:1LIX3taUBulZVmsb2Njrov/l34HtUH9UGkTrOJDPx4559YrSfmKtKVrLLUOBJDNW:12K1FiRE0Meb/xBQH/+9KPVr5a
                                                      MD5:430BAB21C09E90D8457D2A43C95E5868
                                                      SHA1:A486E26252ACF05B40B3C2F504A729EF350BAEE2
                                                      SHA-256:2C4012D137F8500F4B25F80905B8DDC25B2A0EEA3A198C0EBC5E87E2CA21BE7F
                                                      SHA-512:7F25F1D66288A8322C3A0B69E73C6081054A2E079C2D214DC264CDDD6D1505CB6594812DFABBB6801A693977419E3924FFDA5590B6248F4FE7D2B182C5C87E03
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\c99ee505-80e7-44dc-a7a4-2390a8cc943f.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160656
                                                      Entropy (8bit):6.052868258304527
                                                      Encrypted:false
                                                      SSDEEP:3072:ozPi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:GT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:EF61CE783ED7366ADB0FA030566B4FAA
                                                      SHA1:95B634BC326403A67126247B74BF219E454A1EFF
                                                      SHA-256:8D9AC57A1AB661582F7EF25B1E638C04F4160C9749DA7CEAC93DA3110C5A7E33
                                                      SHA-512:AE97C6EEE63AC3DFA7FD7EE26FB4C16E8F442A0897B64E5639BAD4B36A37383BCE815CE5F8A04442A5E348DEC3651522A5733DD79456A165A8BE0844AAB4377C
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\d3b56f9c-e35d-4ba3-9cb2-e9f9b0a7ca71.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160564
                                                      Entropy (8bit):6.052622594974497
                                                      Encrypted:false
                                                      SSDEEP:3072:o6Pi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:XT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:EC4B11D53B602C15819A49AD70B57E7C
                                                      SHA1:FF4084FA91C50DB5A63BAE4AF7623C3DAC5AA12A
                                                      SHA-256:1820D0804BF868370B7CEE1BB4AA6FFA77E84106805228CC6F3CA685AC83210A
                                                      SHA-512:0EC5B8AC4462B1BE5C6908CD216FBF50CF3776AA12E2900F599D4A4678EC147C6AB08C13B6490CBEB0F26720B9C9A17C175F449E36AA63D78046B01AA2BB844A
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\da6549f0-80b5-4a1e-a732-2c1a75e36f8b.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):95428
                                                      Entropy (8bit):3.749026658260818
                                                      Encrypted:false
                                                      SSDEEP:384:lLIX3taUBulZVmsb2Njrov/l34HtUH9UGkTrOJDPx4559YrSfmKOQKVrLLUOBJDM:F2K1FiRE0Meb/xBQH/+9KPVr5O
                                                      MD5:FC33E004AEE46EF0E5198F16DD43FB87
                                                      SHA1:01257CB668B1D6A3DEE9F8E6A144BAAE4266790D
                                                      SHA-256:05C2FCD337EE8CC5C286DC025545AECFF1779D2C9BD27E93A81D2E8FBB4DA0CF
                                                      SHA-512:C8AFE0DFD1009610B46A3A1C2539802E212AB7E1B796D08351103DD2255839F7A6AAEA418A516AA454FBD507584CA30C5ED23DBCA91CD37C7A2FBF091F6B9E45
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Google\Chrome\User Data\dbebda3e-df5d-4a3f-9220-4df7ed3e8d93.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with very long lines, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):160564
                                                      Entropy (8bit):6.052622594974497
                                                      Encrypted:false
                                                      SSDEEP:3072:o6Pi8A6zsByu8VXAVzkbOBLvMlNEopvR/XQrXwFcbXafIB0u1GOJmA3iuRH:XT7OoQVzkq9vMwSR/JaqfIlUOoSiuRH
                                                      MD5:EC4B11D53B602C15819A49AD70B57E7C
                                                      SHA1:FF4084FA91C50DB5A63BAE4AF7623C3DAC5AA12A
                                                      SHA-256:1820D0804BF868370B7CEE1BB4AA6FFA77E84106805228CC6F3CA685AC83210A
                                                      SHA-512:0EC5B8AC4462B1BE5C6908CD216FBF50CF3776AA12E2900F599D4A4678EC147C6AB08C13B6490CBEB0F26720B9C9A17C175F449E36AA63D78046B01AA2BB844A
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Temp\4200571a-399b-478a-8686-666b27d3e919.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:very short file (no magic)
                                                      Category:dropped
                                                      Size (bytes):1
                                                      Entropy (8bit):0.0
                                                      Encrypted:false
                                                      SSDEEP:3:L:L
                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                      Malicious:false
                                                      Preview: .
                                                      C:\Users\user\AppData\Local\Temp\50c16608-9c7c-496c-b697-a29ae82e1188.tmp
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:Google Chrome extension, version 3
                                                      Category:dropped
                                                      Size (bytes):248531
                                                      Entropy (8bit):7.963657412635355
                                                      Encrypted:false
                                                      SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
                                                      MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
                                                      SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
                                                      SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
                                                      SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
                                                      Malicious:false
                                                      C:\Users\user\AppData\Local\Temp\6504_1029710420\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):66
                                                      Entropy (8bit):3.9570514164363635
                                                      Encrypted:false
                                                      SSDEEP:3:SVCBGERJd9WaHpYx4eiXoA:SVCwERJdVMiXd
                                                      MD5:C6ABF42CB5AF869629971C2E42A87FD5
                                                      SHA1:6EB0FAE28D9466E76FA12E31FE6CDADD3ACCE4D1
                                                      SHA-256:D281AFDA759075F4CB7D7CEEC4A3CB2AF135213B4D691F27090E13F238486AD1
                                                      SHA-512:EDDF7E4883E82718743C589E8F2E48BEAD948428E730231FEFADAD380853343332BC56C9DC61C963B3F537CD4865B06FF330CEF012B152CEA35F8A0AA2C7B56D
                                                      Malicious:false
                                                      Preview: 1.fd515ec0dc30d25a09641b8b83729234bc50f4511e35ce17d24fd996252eaace
                                                      C:\Users\user\AppData\Local\Temp\6504_1450021168\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):66
                                                      Entropy (8bit):3.8661423255272727
                                                      Encrypted:false
                                                      SSDEEP:3:SS2BBS0XnGJHXhcWeVxObhNIL:SSmBSmnGJHdMsI
                                                      MD5:8067D1C22DD706E20C3B1B1C6A64B0B8
                                                      SHA1:2BDA3268F06E453ADAB2EDFB9F0585BB306122B4
                                                      SHA-256:1AA6AF004762782DD8FA229C950C90946FA71145F3F12C6CE078F85FD2E7EFF6
                                                      SHA-512:27E66AF3F49C5E6F7C5D3153CDCED0A63B1ADCEAC06AF5660354B1C71C05780A0D2D0364A852A5DEF9B2D917740C0C66A53BDF59DD1C0B2B9538AFC6BDA995B2
                                                      Malicious:false
                                                      Preview: 1.749cadd76db233b1ee2c3051cb01c2d2393e2d293df1042f7f00343bf458f6bf
                                                      C:\Users\user\AppData\Local\Temp\6504_1658016523\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):66
                                                      Entropy (8bit):3.89429824295036
                                                      Encrypted:false
                                                      SSDEEP:3:SRwGXyUtz24TSXhV6DDt5WBG9EBn:SGGXyA5kDoDt5WwaBn
                                                      MD5:7FB6C0307DFC7235990A87216D6EFE79
                                                      SHA1:9C86024DE6EE647227E73C5905468DB9C31D8447
                                                      SHA-256:F01B98701AE70087F82AAC256AB3ECFB736F4865B7DF915051C7D5B1C51BA78E
                                                      SHA-512:AC7106F2503DB666C4B3A382587C9DAE424CC5692D75E555D1F6BC0E4F4B3A360B82C1C356D06E4F607EA40206699191F5F206979E67B9614F1DE2073D5B0E40
                                                      Malicious:false
                                                      Preview: 1.4dcc255c0d82123c9c4251bb453165672ea0458f0379f3a7a534dc2a666d7c6d
                                                      C:\Users\user\AppData\Local\Temp\6504_292950672\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):66
                                                      Entropy (8bit):3.9669759926795995
                                                      Encrypted:false
                                                      SSDEEP:3:SfvHUTa8URTTH/BXDj6:SXD3TfB36
                                                      MD5:E3EDA33A5C956F4FC9C5BBD91FF10252
                                                      SHA1:182B989E299A3EC306622A9DD45C3B74A4DF6077
                                                      SHA-256:6D7A462B703F1617286B65BFE0116F267328BEFC379812BCE774D8C640289647
                                                      SHA-512:A49FF4979FEC3512C44899840CCF8D112806330C93812C515F09953B9B6DBA6B1DAB1828382D634235CF23E093C983AEFA860B7A75FDCB5F3F98DD928D4F47D7
                                                      Malicious:false
                                                      Preview: 1.d730fdd6875bfda19ae43c639e89fe6c24e48b53ec4f466b1d7de2001f97e03c
                                                      C:\Users\user\AppData\Local\Temp\6504_342219710\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):66
                                                      Entropy (8bit):3.9038730072798953
                                                      Encrypted:false
                                                      SSDEEP:3:SbE71mckqWGMdKHSDX5QCdM:Semn5xvM
                                                      MD5:0E19773D8AE759FFA0271FDB6E99998D
                                                      SHA1:91D4B7813D8056F43A02A6CCCA86CA751949AC68
                                                      SHA-256:5581125D97967B76F685C2149D3E1F68AABC3E533357A710A71E11395B77DCF8
                                                      SHA-512:313ACBD2ABE980AF30AF98FB3D4C09CC07394A035D893F8BFA616DD17829BFF663AAF4419AFA79918D322838440482A0D533CE84411F680FDE6766B84CBEC3D5
                                                      Malicious:false
                                                      Preview: 1.cacf8de20a51296cf5c0975b99bfbc8e21dec29872fb7f1ca6a88432a6db68f5
                                                      C:\Users\user\AppData\Local\Temp\6504_468282735\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):66
                                                      Entropy (8bit):3.872935977280404
                                                      Encrypted:false
                                                      SSDEEP:3:S0bEVMqCVQD5mhG8d6+qGn:SGlQUhG8Im
                                                      MD5:A43371DACA3F176ED5A048BC5E2899B1
                                                      SHA1:32FC0A9ECB568BDF3CE13F9EA17E827A900EDB42
                                                      SHA-256:736DB43A7CCB37136CAEFF0B80670BD76BFE528203856CB19CB6C3D161B48F9C
                                                      SHA-512:8754C5D823A9EED2749852B37084F5ED14176B6CB74D946CA3F152DD91F2C03CC4457F1CA0219D883522C7213C4CD04FCD2E33BBB31C7F7EBD6968CEE35AF951
                                                      Malicious:false
                                                      Preview: 1.a8a79d350c2a5e3bc36226633a8e0bed0dfab184e77f38fc8f0820ebacf8eafc
                                                      C:\Users\user\AppData\Local\Temp\6504_605143129\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):66
                                                      Entropy (8bit):3.928261499316817
                                                      Encrypted:false
                                                      SSDEEP:3:STDLGswXEVBcVdBiTDt3zLsW:SPLGLErcVdBiDtf3
                                                      MD5:C00BCE97F21B1AD61EB9B8CD001795EE
                                                      SHA1:8E0392FF3DB267D847711C3F4E0D7468060E1535
                                                      SHA-256:59F06F04230E32E8BC839F45B984D31D611930427B631C963D09E7064A602363
                                                      SHA-512:9930E44A6ECC62505DBADCEED5E05645909FF09816FB12AAC0414E6D2830AC09758366C3B7D4EDD7839C87EB16DFA4C66D8981AE6237D408B37135C3506F4CD2
                                                      Malicious:false
                                                      Preview: 1.6f6bc93dcd62dc251850d2ff458fda96083ceb7fbe8eeb11248b8485ef2aea23
                                                      C:\Users\user\AppData\Local\Temp\6504_71426246\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:dropped
                                                      Size (bytes):66
                                                      Entropy (8bit):3.866533712632772
                                                      Encrypted:false
                                                      SSDEEP:3:SpUCQEd2dq8ebEJW2GnnHR:SXQ5Y88EJeR
                                                      MD5:423CB83A2A3B602B0AA82B51B3DA2869
                                                      SHA1:58BC924AF90A89CE87807919F228FE6C915AD854
                                                      SHA-256:0047059C732D70AF8C2F407089237F745838A0FE4F75710ABF1E669B81243E9C
                                                      SHA-512:F80E9B5D544894A667F74CFD0A4D784311299DB080CA6793AABD93B95CF1E2870F74AD38A6386D862580220047F828457240577335C565B7F38B0C6677811660
                                                      Malicious:false
                                                      Preview: 1.ffd1d2d75a8183b0a1081bd03a7ce1d140fded7a9fb52cf3ae864cd4d408ceb4
                                                      C:\Users\user\AppData\Local\Temp\6504_824990445\manifest.fingerprint
                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      File Type:ASCII text, with no line terminators
                                                      Category:modified
                                                      Size (bytes):66
                                                      Entropy (8bit):3.8930693175496365
                                                      Encrypted:false
                                                      SSDEEP:3:SUnVaQhScJ1ZQAQcISUaHt/QdTgdL:SUV4cJ1ZVQcISUu/gcL
                                                      MD5:F59ECC2CE0B171DEF3F23762AB413CC0
                                                      SHA1:9A6FC649656C9E109C29092B826BF95A786B7171
                                                      SHA-256:AD708E42FDCD11998DDBBBA651EBE1F7B520168A2DD8EACE1DDE49AAB954FF32
                                                      SHA-512:60CA66134171A1F990762561EDA12D6BB1693D699D2FEF2B0C705C7A9B26105E19BCE341914AB07E63CEAACEC6E2B5ABF5BC1BAE75837DD40C66B650BB3F3B2C
                                                      Malicious:false
                                                      Preview: 1.1f2c1b01f5f8279f0b0acd2ee595877a0e3011fb0b50aa49a3873836cdb008c9

                                                      Static File Info

                                                      General

                                                      File type:HTML document, ASCII text, with very long lines, with CRLF line terminators
                                                      Entropy (8bit):5.99240571290167
                                                      TrID:
                                                      • HyperText Markup Language (13003/1) 100.00%
                                                      File name:Notes Received gcgaming.com.html
                                                      File size:24685
                                                      MD5:9ee4dcc0d2a1097277c46f9b11c60586
                                                      SHA1:018cb127487b5007462577deedb65149588f0cdb
                                                      SHA256:c1ee5eb5ec9fa1c44b2e02e1c05f669c096702494b2e793a940d24f15a3b9bdf
                                                      SHA512:02d513ab819b5b1075bde341a7f942f17afe914dfa063f438336550077203a008e9455db1c1a48bb094d715db010d8bcab46ead77416572df02022560348f6e9
                                                      SSDEEP:384:tW8iX7NaTqdXxuZeEHiX7NaTqdXiQY5sbnS6m:tj+haGxxuZem+haGxiQA
                                                      File Content Preview:..<!doctype html>..<html lang="it">..<head>.. <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>.. <script type="text/javascript" src="https://code.jquery.com/jquery-3.1.1.min.js"></script>.

                                                      Network Behavior

                                                      Network Port Distribution

                                                      TCP Packets


                                                      UDP Packets

                                                      May 4, 2021 17:32:55.669275999 CEST4922853192.168.2.48.8.8.8
                                                      May 4, 2021 17:32:55.727364063 CEST53492288.8.8.8192.168.2.4
                                                      May 4, 2021 17:32:57.115165949 CEST5979453192.168.2.48.8.8.8
                                                      May 4, 2021 17:32:57.172532082 CEST53597948.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:01.765139103 CEST5275253192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:01.815807104 CEST53527528.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:03.084945917 CEST6054253192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:03.136421919 CEST53605428.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:05.907102108 CEST6068953192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:05.959860086 CEST53606898.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:06.982824087 CEST6420653192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:07.034331083 CEST53642068.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:07.947105885 CEST5090453192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:07.997288942 CEST53509048.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:08.917773962 CEST5752553192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:08.967631102 CEST53575258.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:09.818933964 CEST5381453192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:09.867898941 CEST53538148.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:10.883675098 CEST5341853192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:10.933890104 CEST53534188.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:11.759305954 CEST6283353192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:11.808458090 CEST53628338.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:11.846760035 CEST5926053192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:11.895380020 CEST53592608.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:12.727107048 CEST4994453192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:12.775670052 CEST53499448.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:13.978008986 CEST6330053192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:14.035300970 CEST53633008.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:32.352535009 CEST6144953192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:32.425282955 CEST53614498.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:44.910278082 CEST5127553192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:44.958908081 CEST53512758.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:45.046225071 CEST6349253192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:45.103605986 CEST53634928.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:46.012479067 CEST6077953192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:46.069755077 CEST53607798.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:48.597004890 CEST6401453192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:48.656275988 CEST53640148.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:48.802788973 CEST5709153192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:48.869554043 CEST53570918.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:49.020777941 CEST5590453192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:49.082326889 CEST53559048.8.8.8192.168.2.4
                                                      May 4, 2021 17:33:51.003307104 CEST5210953192.168.2.48.8.8.8
                                                      May 4, 2021 17:33:51.062197924 CEST53521098.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:11.615927935 CEST5445053192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:11.767911911 CEST53544508.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:12.309271097 CEST4937453192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:12.366256952 CEST53493748.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:12.943231106 CEST5043653192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:13.073570013 CEST53504368.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:13.122411966 CEST6260553192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:13.195338964 CEST53626058.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:13.500473976 CEST5425653192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:13.557853937 CEST53542568.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:14.084335089 CEST5218953192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:14.141654015 CEST53521898.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:14.715703011 CEST5613153192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:14.776452065 CEST53561318.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:15.228864908 CEST6299253192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:15.289124966 CEST53629928.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:16.134480953 CEST5443253192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:16.195029974 CEST53544328.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:17.114752054 CEST5722753192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:17.172810078 CEST53572278.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:17.644635916 CEST5838353192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:17.702142954 CEST53583838.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:24.407847881 CEST6313653192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:24.472666979 CEST53631368.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:24.630469084 CEST5091153192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:24.688174963 CEST53509118.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:29.499052048 CEST6340953192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:29.547795057 CEST53634098.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:31.165628910 CEST5918553192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:31.240492105 CEST53591858.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:32.610290051 CEST6423653192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:32.680495024 CEST53642368.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:32.836153984 CEST5615753192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:32.898561001 CEST53561578.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:49.072261095 CEST5560153192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:49.137779951 CEST53556018.8.8.8192.168.2.4
                                                      May 4, 2021 17:34:49.290808916 CEST5298453192.168.2.48.8.8.8
                                                      May 4, 2021 17:34:49.345669031 CEST53529848.8.8.8192.168.2.4
                                                      May 4, 2021 17:35:05.555565119 CEST5114153192.168.2.48.8.8.8
                                                      May 4, 2021 17:35:05.625785112 CEST53511418.8.8.8192.168.2.4
                                                      May 4, 2021 17:35:05.785990000 CEST5361053192.168.2.48.8.8.8
                                                      May 4, 2021 17:35:05.842885017 CEST53536108.8.8.8192.168.2.4
                                                      May 4, 2021 17:35:26.189254999 CEST6124753192.168.2.48.8.8.8
                                                      May 4, 2021 17:35:26.256496906 CEST53612478.8.8.8192.168.2.4
                                                      May 4, 2021 17:35:26.554977894 CEST6516553192.168.2.48.8.8.8
                                                      May 4, 2021 17:35:26.623820066 CEST53651658.8.8.8192.168.2.4
                                                      May 4, 2021 17:35:42.591706991 CEST5207653192.168.2.48.8.8.8
                                                      May 4, 2021 17:35:42.651523113 CEST53520768.8.8.8192.168.2.4
                                                      May 4, 2021 17:36:15.755254984 CEST5490353192.168.2.48.8.8.8
                                                      May 4, 2021 17:36:15.823525906 CEST53549038.8.8.8192.168.2.4
                                                      May 4, 2021 17:36:15.991121054 CEST5504553192.168.2.48.8.8.8
                                                      May 4, 2021 17:36:16.048626900 CEST53550458.8.8.8192.168.2.4
                                                      May 4, 2021 17:36:57.309710979 CEST5097053192.168.2.48.8.8.8
                                                      May 4, 2021 17:36:57.366986036 CEST53509708.8.8.8192.168.2.4
                                                      May 4, 2021 17:37:05.122210026 CEST5526153192.168.2.48.8.8.8
                                                      May 4, 2021 17:37:05.181597948 CEST53552618.8.8.8192.168.2.4
                                                      May 4, 2021 17:37:05.243113041 CEST5980953192.168.2.48.8.8.8
                                                      May 4, 2021 17:37:05.303380013 CEST53598098.8.8.8192.168.2.4

                                                      DNS Queries

| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
|---|---|---|---|---|---|---|---|
| May 4, 2021 17:32:47.253437996 CEST | 192.168.2.4 | 8.8.8.8 | 0x5581 | Standard query (0) | code.jquery.com | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:47.273564100 CEST | 192.168.2.4 | 8.8.8.8 | 0xe7c5 | Standard query (0) | maxcdn.bootstrapcdn.com | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:47.279190063 CEST | 192.168.2.4 | 8.8.8.8 | 0x378b | Standard query (0) | use.fontawesome.com | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:47.289551973 CEST | 192.168.2.4 | 8.8.8.8 | 0xef23 | Standard query (0) | cdnjs.cloudflare.com | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:49.955272913 CEST | 192.168.2.4 | 8.8.8.8 | 0x3aff | Standard query (0) | aadcdn.msftauth.net | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:50.859318018 CEST | 192.168.2.4 | 8.8.8.8 | 0xb47e | Standard query (0) | aadcdn.msftauth.net | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:54.474291086 CEST | 192.168.2.4 | 8.8.8.8 | 0x27da | Standard query (0) | clients2.googleusercontent.com | A (IP address) | IN (0x0001) |

                                                      DNS Answers

| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
|---|---|---|---|---|---|---|---|---|---|
| May 4, 2021 17:32:47.309237003 CEST | 8.8.8.8 | 192.168.2.4 | 0x5581 | No error (0) | code.jquery.com | cds.s5x3j6q5.hwcdn.net | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 17:32:47.333533049 CEST | 8.8.8.8 | 192.168.2.4 | 0x378b | No error (0) | use.fontawesome.com | fontawesome-cdn.fonticons.netdna-cdn.com | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 17:32:47.333533049 CEST | 8.8.8.8 | 192.168.2.4 | 0x378b | No error (0) | fontawesome-cdn.fonticons.netdna-cdn.com | | 23.111.9.35 | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:47.336441040 CEST | 8.8.8.8 | 192.168.2.4 | 0xe7c5 | No error (0) | maxcdn.bootstrapcdn.com | | 104.18.10.207 | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:47.336441040 CEST | 8.8.8.8 | 192.168.2.4 | 0xe7c5 | No error (0) | maxcdn.bootstrapcdn.com | | 104.18.11.207 | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:47.349529982 CEST | 8.8.8.8 | 192.168.2.4 | 0xef23 | No error (0) | cdnjs.cloudflare.com | | 104.16.18.94 | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:47.349529982 CEST | 8.8.8.8 | 192.168.2.4 | 0xef23 | No error (0) | cdnjs.cloudflare.com | | 104.16.19.94 | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:50.019057989 CEST | 8.8.8.8 | 192.168.2.4 | 0x3aff | No error (0) | aadcdn.msftauth.net | aadcdnoriginneu.azureedge.net | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 17:32:50.019057989 CEST | 8.8.8.8 | 192.168.2.4 | 0x3aff | No error (0) | cs1100.wpc.omegacdn.net | | 152.199.23.37 | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:50.916749954 CEST | 8.8.8.8 | 192.168.2.4 | 0xb47e | No error (0) | aadcdn.msftauth.net | aadcdnoriginneu.azureedge.net | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 17:32:50.916749954 CEST | 8.8.8.8 | 192.168.2.4 | 0xb47e | No error (0) | cs1100.wpc.omegacdn.net | | 152.199.23.37 | A (IP address) | IN (0x0001) |
| May 4, 2021 17:32:54.543488026 CEST | 8.8.8.8 | 192.168.2.4 | 0x27da | No error (0) | clients2.googleusercontent.com | googlehosted.l.googleusercontent.com | | CNAME (Canonical name) | IN (0x0001) |
| May 4, 2021 17:32:54.543488026 CEST | 8.8.8.8 | 192.168.2.4 | 0x27da | No error (0) | googlehosted.l.googleusercontent.com | | 216.58.212.129 | A (IP address) | IN (0x0001) |

                                                      HTTPS Packets

| Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest |
|---|---|---|---|---|---|---|---|---|---|---|
| May 4, 2021 17:32:47.577076912 CEST | 23.111.9.35 | 443 | 192.168.2.4 | 49731 | CN=*.fontawesome.com, O=Fonticons Inc, L=Bentonville, ST=Arkansas, C=US | CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US | Fri Nov 13 01:00:00 CET 2020 | Wed Dec 15 00:59:59 CET 2021 | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0 | b32309a26951912be7dba376398abc3b |
| | | | | | CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Thu Sep 24 02:00:00 CEST 2020 | Tue Sep 24 01:59:59 CEST 2030 | | |
| | | | | | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Nov 10 01:00:00 CET 2006 | Mon Nov 10 01:00:00 CET 2031 | | |
| May 4, 2021 17:32:47.665282011 CEST | 23.111.9.35 | 443 | 192.168.2.4 | 49738 | CN=*.fontawesome.com, O=Fonticons Inc, L=Bentonville, ST=Arkansas, C=US | CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US | Fri Nov 13 01:00:00 CET 2020 | Wed Dec 15 00:59:59 CET 2021 | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0 | b32309a26951912be7dba376398abc3b |
| | | | | | CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Thu Sep 24 02:00:00 CEST 2020 | Tue Sep 24 01:59:59 CEST 2030 | | |
| | | | | | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Nov 10 01:00:00 CET 2006 | Mon Nov 10 01:00:00 CET 2031 | | |
| May 4, 2021 17:32:51.011018038 CEST | 152.199.23.37 | 443 | 192.168.2.4 | 49762 | CN=aadcdn.msftauth.net, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US | CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US | Thu Jul 09 02:00:00 CEST 2020 | Fri Jul 09 14:00:00 CEST 2021 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 37f463bf4616ecd445d4a1937da06e19 |
| | | | | | CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Mar 08 13:00:00 CET 2013 | Wed Mar 08 13:00:00 CET 2023 | | |
| | | | | | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US | Fri Nov 10 01:00:00 CET 2006 | Mon Nov 10 01:00:00 CET 2031 | | |

                                                      Code Manipulations

                                                      Statistics

                                                      Behavior

                                                      System Behavior

                                                      General

                                                      Start time: 17:32:42
                                                      Start date: 04/05/2021
                                                      Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      Wow64 process (32bit): false
                                                      Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'C:\Users\user\Desktop\Notes Received gcgaming.com.html'
                                                      Imagebase: 0x7ff609c80000
                                                      File size: 2150896 bytes
                                                      MD5 hash: C139654B5C1438A95B321BB01AD63EF6
                                                      Has elevated privileges: true
                                                      Has administrator privileges: true
                                                      Programmed in: C, C++ or other language
                                                      Reputation: moderate

                                                      General

                                                      Start time: 17:32:44
                                                      Start date: 04/05/2021
                                                      Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      Wow64 process (32bit): false
                                                      Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,12644167979976499918,16360615135431647946,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1716 /prefetch:8
                                                      Imagebase: 0x7ff609c80000
                                                      File size: 2150896 bytes
                                                      MD5 hash: C139654B5C1438A95B321BB01AD63EF6
                                                      Has elevated privileges: true
                                                      Has administrator privileges: true
                                                      Programmed in: C, C++ or other language
                                                      Reputation: moderate

                                                      Disassembly
