Play interactive tour

Edit tour

Analysis Report reflective_practice_template_nhs[1].pdf

Overview

General Information

Sample Name:	reflective_practice_template_nhs[1].pdf
Analysis ID:	404286
MD5:	bd93c6b39cf6fbfb5f2009a320f70ab2
SHA1:	bc2b60452dbe4994d0d1d8ab2a769b278a5cd58d
SHA256:	834c0a2229054d27ad6ce7ff422a332cd18694bd828c4a4b3a4745b0086fe144
Infos:
Most interesting Screenshot:

Detection

Score:	22
Range:	0 - 100
Whitelisted:	false
Confidence:	60%

Signatures

Machine Learning detection for sample

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

IP address seen in connection with other malware

Potential document exploit detected (performs DNS queries)

Potential document exploit detected (performs HTTP gets)

Potential document exploit detected (unknown TCP traffic)

Classification

Analysis Advice

No malicious behavior found, analyze the document also on other version of Office / Acrobat

Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis

Startup

System is w10x64

AcroRd32.exe (PID: 6180 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\reflective_practice_template_nhs[1].pdf' MD5: B969CF0C7B2C443A99034881E8C8740A)

AcroRd32.exe (PID: 6268 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\reflective_practice_template_nhs[1].pdf' MD5: B969CF0C7B2C443A99034881E8C8740A)

RdrCEF.exe (PID: 6488 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 6784 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=4477307787754487931 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4477307787754487931 --renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 6832 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=5528301929327232026 --mojo-platform-channel-handle=1728 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 6912 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9756364306558423637 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9756364306558423637 --renderer-client-id=4 --mojo-platform-channel-handle=1824 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)

RdrCEF.exe (PID: 5984 cmdline: 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=7523555841818072242 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7523555841818072242 --renderer-client-id=5 --mojo-platform-channel-handle=2224 --allow-no-sandbox-job /prefetch:1 MD5: 9AEBA3BACD721484391D15478A4080C7)

chrome.exe (PID: 5228 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation -- 'https://traffking.ru/square?utm_term=reflective+practice+template+nhs' MD5: C139654B5C1438A95B321BB01AD63EF6)

chrome.exe (PID: 5564 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1560,17001144406219017590,14380291932932443674,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1824 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Machine Learning detection for sample

Show sources

Source: reflective_practice_template_nhs[1].pdf

Joe Sandbox ML: detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: global traffic

DNS query: name: traffking.ru

Source: global traffic

TCP traffic: 192.168.2.5:49720 -> 172.67.171.190:443

Source: global traffic

TCP traffic: 192.168.2.5:49720 -> 172.67.171.190:443

Source: Joe Sandbox View	IP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox View	IP Address: 80.0.0.0 80.0.0.0

Source: unknown

DNS traffic detected: queries for: traffking.ru

Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: AcroRd32.exe, 00000002.00000002.410868252.0000000009340000.00000004.00000001.sdmp	String found in binary or memory: http://cipa.jp/exif/1.0/
Source: AcroRd32.exe, 00000002.00000002.410868252.0000000009340000.00000004.00000001.sdmp	String found in binary or memory: http://cipa.jp/exif/1.0/(15)8
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0K
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/Pk
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/ik
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0C
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0H
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0I
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0O
Source: AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFL
Source: AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL
Source: AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp	String found in binary or memory: http://www.adobe.
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: http://www.adobe.9
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/extension/
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/field#
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/field#Id
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/id/
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/id/-
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/id/c
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/property#
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/schema#
Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/type#
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfe/ns/id/
Source: AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	String found in binary or memory: http://www.ascendercorp.com/
Source: AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	String found in binary or memory: http://www.ascendercorp.com/http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.ht
Source: AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	String found in binary or memory: http://www.ascendercorp.com/typedesigners.html
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	String found in binary or memory: http://www.fontbureau.comhttp://www.fontbureau.com/designersNegritaAgency
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: http://www.npes.org/pdfx/ns/id/
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: http://www.npes.org/pdfx/ns/id/R
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: http://www.npes.org/pdfx/ns/id/l
Source: AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default
Source: AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/drm/default
Source: AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn
Source: AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/layout/anchor
Source: AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes
Source: AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs
Source: AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/subclip/1.0
Source: AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	String found in binary or memory: http://www.quicktime.com.Acrobat
Source: AcroRd32.exe, 00000002.00000002.431436814.000000000E777000.00000004.00000001.sdmp	String found in binary or memory: https://.OKCancelEdit
Source: AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/
Source: AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/$
Source: AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/
Source: AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/4
Source: AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/We9
Source: AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/i
Source: AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/ma
Source: AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/rlA
Source: AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/dfo
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr	String found in binary or memory: https://a.nel.cloudflare.com
Source: Reporting and NEL.22.dr	String found in binary or memory: https://a.nel.cloudflare.com/report?s=XgDtas6rxmQXi1NtYYQGGtjvlm1lLbMIYjkQIprM4iwF0ZZj3tp0ISGyKdYPkd
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, manifest.json0.21.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://accounts.google.com
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.com
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.com7
Source: AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.comRL
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, manifest.json0.21.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://apis.google.com
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdf)
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdfg-
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.sqhk.co/kilatelazobe/jetdOgd/retro_fridge_with_water_dispenser.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://cdn.sqhk.co/kilatelazobe/jetdOgd/retro_fridge_with_water_dispenser.pdf)
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.sqhk.co/ludibipimilu/DhcRxOb/movie_software_for_windows_10.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://cdn.sqhk.co/ludibipimilu/DhcRxOb/movie_software_for_windows_10.pdf)
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.sqhk.co/potexunajo/Qjajchj/hitman_2_silent_assassin_cheats.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://cdn.sqhk.co/potexunajo/Qjajchj/hitman_2_silent_assassin_cheats.pdf)
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.21.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: manifest.json0.21.dr	String found in binary or memory: https://content.googleapis.com
Source: Reporting and NEL.22.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
Source: ed8954d8-3f2b-4e1b-b29d-f26f5a04eaca.tmp.22.dr, 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 10b9cad4-7dff-4d1c-b1c2-32538d1f314b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://dns.google
Source: manifest.json0.21.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.21.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.21.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://genigudepa.weebly.com/uploads/1/3/1/0/131070712/kasodopizafazakoxuk.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://genigudepa.weebly.com/uploads/1/3/1/0/131070712/kasodopizafazakoxuk.pdf)
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://gofolepoxi.weebly.com/uploads/1/3/4/8/134882907/7674727.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://gofolepoxi.weebly.com/uploads/1/3/4/8/134882907/7674727.pdf)
Source: manifest.json0.21.dr	String found in binary or memory: https://hangouts.google.com/
Source: AcroRd32.exe, 00000002.00000002.410868252.0000000009340000.00000004.00000001.sdmp	String found in binary or memory: https://ims-na1.adobelogin.com
Source: AcroRd32.exe, 00000002.00000002.423954231.000000000B595000.00000004.00000001.sdmp	String found in binary or memory: https://najijufo.weebly.com/uploads/1/3/4/7/134714833/peguloxufera_kudulavigiwub.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://najijufo.weebly.com/uploads/1/3/4/7/134714833/peguloxufera_kudulavigiwub.pdf)
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://nalabusapigo.weebly.com/uploads/1/3/2/7/132740218/4175162.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://nalabusapigo.weebly.com/uploads/1/3/2/7/132740218/4175162.pdf)
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://nalabusapigo.weebly.com/uploads/1/3/2/7/132740218/4175162.pdfp-
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://ogs.google.com
Source: manifest.json.21.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: AcroRd32.exe, 00000002.00000002.411079859.0000000009425000.00000004.00000001.sdmp	String found in binary or memory: https://pumoguviponurin.weebly.com/uploads/1/3/4/7/134773216/miretigegurugi.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://pumoguviponurin.weebly.com/uploads/1/3/4/7/134773216/miretigegurugi.pdf)
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr	String found in binary or memory: https://r7---sn-n02xgoxufvg3-2gbs.gvt1.com
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr	String found in binary or memory: https://redirector.gvt1.com
Source: manifest.json.21.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://ssl.gstatic.com
Source: messages.json56.21.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json56.21.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://tipefejiri.weebly.com/uploads/1/3/0/9/130969755/buwobu.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://tipefejiri.weebly.com/uploads/1/3/0/9/130969755/buwobu.pdf)
Source: AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp, 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr	String found in binary or memory: https://traffking.ru
Source: Current Session.21.dr	String found in binary or memory: https://traffking.ru/square?utm_term=reflective
Source: AcroRd32.exe, 00000002.00000002.423954231.000000000B595000.00000004.00000001.sdmp	String found in binary or memory: https://uploads.strikinglycdn.com/files/4371836f-f017-4f30-9831-11554ca34703/botunuxojok.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://uploads.strikinglycdn.com/files/4371836f-f017-4f30-9831-11554ca34703/botunuxojok.pdf)
Source: AcroRd32.exe, 00000002.00000002.423954231.000000000B595000.00000004.00000001.sdmp	String found in binary or memory: https://uploads.strikinglycdn.com/files/4371836f-f017-4f30-9831-11554ca34703/botunuxojok.pdfN
Source: AcroRd32.exe, 00000002.00000002.424135864.000000000B685000.00000004.00000001.sdmp, reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://uploads.strikinglycdn.com/files/8c547329-0d1e-4dfa-b95f-2dc323cb86d4/world_war_one_weapons_c
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://wixotavu.weebly.com/uploads/1/3/4/7/134764887/2953325.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://wixotavu.weebly.com/uploads/1/3/4/7/134764887/2953325.pdf)
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://wixotavu.weebly.com/uploads/1/3/4/7/134764887/2953325.pdfb.
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://wosufixojiniki.weebly.com/uploads/1/3/4/7/134720754/4081785.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://wosufixojiniki.weebly.com/uploads/1/3/4/7/134720754/4081785.pdf)
Source: AcroRd32.exe, 00000002.00000002.410704532.0000000008B2D000.00000002.00000001.sdmp	String found in binary or memory: https://www.digicert.com/CPS0
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, manifest.json0.21.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://www.google.com
Source: manifest.json.21.dr	String found in binary or memory: https://www.google.com/
Source: manifest.json0.21.dr	String found in binary or memory: https://www.google.com;
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.21.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.21.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.21.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.21.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.21.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.21.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.21.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.21.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.21.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.21.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.21.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.21.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.21.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.21.dr	String found in binary or memory: https://www.gstatic.com;
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://zeginuvo.weebly.com/uploads/1/3/0/7/130775519/vapajukaba.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://zeginuvo.weebly.com/uploads/1/3/0/7/130775519/vapajukaba.pdf)
Source: AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	String found in binary or memory: https://zopugazuf.weebly.com/uploads/1/3/4/6/134658021/6123242.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://zopugazuf.weebly.com/uploads/1/3/4/6/134658021/6123242.pdf)
Source: AcroRd32.exe, 00000002.00000002.423954231.000000000B595000.00000004.00000001.sdmp	String found in binary or memory: https://zoxiniguve.weebly.com/uploads/1/3/4/5/134584112/lunopamug_wemezuvulezurob.pdf
Source: reflective_practice_template_nhs[1].pdf	String found in binary or memory: https://zoxiniguve.weebly.com/uploads/1/3/4/5/134584112/lunopamug_wemezuvulezurob.pdf)

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443

Source: classification engine

Classification label: sus22.winPDF@50/263@4/7

Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://genigudepa.weebly.com/uploads/1/3/1/0/131070712/kasodopizafazakoxuk.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://cdn.sqhk.co/kilatelazobe/jetdOgd/retro_fridge_with_water_dispenser.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://cdn.sqhk.co/potexunajo/Qjajchj/hitman_2_silent_assassin_cheats.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://traffking.ru/square?utm_term=reflective+practice+template+nhs
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://pumoguviponurin.weebly.com/uploads/1/3/4/7/134773216/miretigegurugi.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://tipefejiri.weebly.com/uploads/1/3/0/9/130969755/buwobu.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://cdn.sqhk.co/ludibipimilu/DhcRxOb/movie_software_for_windows_10.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://cdn.sqhk.co/ludibipimilu/dhcrxob/movie_software_for_windows_10.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://uploads.strikinglycdn.com/files/8c547329-0d1e-4dfa-b95f-2dc323cb86d4/world_war_one_weapons_crossword_answers.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://zopugazuf.weebly.com/uploads/1/3/4/6/134658021/6123242.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://zoxiniguve.weebly.com/uploads/1/3/4/5/134584112/lunopamug_wemezuvulezurob.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://cdn.sqhk.co/potexunajo/qjajchj/hitman_2_silent_assassin_cheats.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://nalabusapigo.weebly.com/uploads/1/3/2/7/132740218/4175162.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://wixotavu.weebly.com/uploads/1/3/4/7/134764887/2953325.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://zeginuvo.weebly.com/uploads/1/3/0/7/130775519/vapajukaba.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://wosufixojiniki.weebly.com/uploads/1/3/4/7/134720754/4081785.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://gofolepoxi.weebly.com/uploads/1/3/4/8/134882907/7674727.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://cdn.sqhk.co/kapopajij/wiinigq/protozoa_vs_bacteria_vs_virus_size.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://cdn.sqhk.co/kilatelazobe/jetdogd/retro_fridge_with_water_dispenser.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://uploads.strikinglycdn.com/files/4371836f-f017-4f30-9831-11554ca34703/botunuxojok.pdf
Source: reflective_practice_template_nhs[1].pdf	Initial sample: https://najijufo.weebly.com/uploads/1/3/4/7/134714833/peguloxufera_kudulavigiwub.pdf

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File created: C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File created: C:\Users\user\AppData\Local\Temp\acrord32_sbx

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File read: C:\Program Files (x86)\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\reflective_practice_template_nhs[1].pdf'
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\reflective_practice_template_nhs[1].pdf'
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=4477307787754487931 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4477307787754487931 --renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=5528301929327232026 --mojo-platform-channel-handle=1728 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9756364306558423637 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9756364306558423637 --renderer-client-id=4 --mojo-platform-channel-handle=1824 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=7523555841818072242 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7523555841818072242 --renderer-client-id=5 --mojo-platform-channel-handle=2224 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation -- 'https://traffking.ru/square?utm_term=reflective+practice+template+nhs'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1560,17001144406219017590,14380291932932443674,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1824 /prefetch:8
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\reflective_practice_template_nhs[1].pdf'	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation -- 'https://traffking.ru/square?utm_term=reflective+practice+template+nhs'	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=4477307787754487931 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4477307787754487931 --renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=5528301929327232026 --mojo-platform-channel-handle=1728 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9756364306558423637 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9756364306558423637 --renderer-client-id=4 --mojo-platform-channel-handle=1824 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=7523555841818072242 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7523555841818072242 --renderer-client-id=5 --mojo-platform-channel-handle=2224 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1560,17001144406219017590,14380291932932443674,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1824 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File opened: C:\Windows\SysWOW64\Msftedit.dll

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: reflective_practice_template_nhs[1].pdf	Initial sample: PDF keyword /JS count = 0
Source: reflective_practice_template_nhs[1].pdf	Initial sample: PDF keyword /JavaScript count = 0

Source: reflective_practice_template_nhs[1].pdf

Initial sample: PDF keyword /EmbeddedFile count = 0

Source: reflective_practice_template_nhs[1].pdf

Initial sample: PDF keyword obj count = 59

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior

Source: AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp

Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

Code function: 2_2_05016003 LdrInitializeThunk,

2_2_05016003

Source: AcroRd32.exe, 00000002.00000002.405093312.0000000005940000.00000002.00000001.sdmp	Binary or memory string: Shell_TrayWnd
Source: AcroRd32.exe, 00000002.00000002.405093312.0000000005940000.00000002.00000001.sdmp	Binary or memory string: Progman
Source: AcroRd32.exe, 00000002.00000002.405093312.0000000005940000.00000002.00000001.sdmp	Binary or memory string: SProgram Managerl
Source: AcroRd32.exe, 00000002.00000002.405093312.0000000005940000.00000002.00000001.sdmp	Binary or memory string: Shell_TrayWnd,
Source: AcroRd32.exe, 00000002.00000002.405093312.0000000005940000.00000002.00000001.sdmp	Binary or memory string: Progmanlock

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Spearphishing Link1	Exploitation for Client Execution3	Path Interception	Process Injection2	Masquerading3	OS Credential Dumping	Security Software Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection2	LSASS Memory	Process Discovery1	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	File and Directory Discovery1	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
reflective_practice_template_nhs[1].pdf	100%	Joe Sandbox ML

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://cdn.sqhk.co/kilatelazobe/jetdOgd/retro_fridge_with_water_dispenser.pdf	0%	Avira URL Cloud	safe
https://traffking.ru/square?utm_term=reflective	0%	Avira URL Cloud	safe
https://api.echosign.com7	0%	Avira URL Cloud	safe
http://www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs	0%	URL Reputation	safe
http://www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs	0%	URL Reputation	safe
http://www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpExt/2008-02-29/ik	0%	Avira URL Cloud	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/ma	0%	Avira URL Cloud	safe
http://cipa.jp/exif/1.0/	0%	URL Reputation	safe
http://cipa.jp/exif/1.0/	0%	URL Reputation	safe
http://cipa.jp/exif/1.0/	0%	URL Reputation	safe
http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default	0%	URL Reputation	safe
http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default	0%	URL Reputation	safe
http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default	0%	URL Reputation	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/i	0%	Avira URL Cloud	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/dfo	0%	Avira URL Cloud	safe
https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdf	0%	Avira URL Cloud	safe
https://cdn.sqhk.co/ludibipimilu/DhcRxOb/movie_software_for_windows_10.pdf)	0%	Avira URL Cloud	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/	0%	Avira URL Cloud	safe
https://cdn.sqhk.co/ludibipimilu/DhcRxOb/movie_software_for_windows_10.pdf	0%	Avira URL Cloud	safe
https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdf)	0%	Avira URL Cloud	safe
http://www.npes.org/pdfx/ns/id/	0%	URL Reputation	safe
http://www.npes.org/pdfx/ns/id/	0%	URL Reputation	safe
http://www.npes.org/pdfx/ns/id/	0%	URL Reputation	safe
http://www.osmf.org/drm/default	0%	URL Reputation	safe
http://www.osmf.org/drm/default	0%	URL Reputation	safe
http://www.osmf.org/drm/default	0%	URL Reputation	safe
http://www.npes.org/pdfx/ns/id/l	0%	Avira URL Cloud	safe
https://api.echosign.comRL	0%	URL Reputation	safe
https://api.echosign.comRL	0%	URL Reputation	safe
https://api.echosign.comRL	0%	URL Reputation	safe
http://www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn	0%	URL Reputation	safe
http://www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn	0%	URL Reputation	safe
http://www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn	0%	URL Reputation	safe
http://www.ascendercorp.com/typedesigners.html	0%	URL Reputation	safe
http://www.ascendercorp.com/typedesigners.html	0%	URL Reputation	safe
http://www.ascendercorp.com/typedesigners.html	0%	URL Reputation	safe
https://cdn.sqhk.co/kilatelazobe/jetdOgd/retro_fridge_with_water_dispenser.pdf)	0%	Avira URL Cloud	safe
https://cdn.sqhk.co/potexunajo/Qjajchj/hitman_2_silent_assassin_cheats.pdf)	0%	Avira URL Cloud	safe
http://www.osmf.org/subclip/1.0	0%	URL Reputation	safe
http://www.osmf.org/subclip/1.0	0%	URL Reputation	safe
http://www.osmf.org/subclip/1.0	0%	URL Reputation	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/rlA	0%	Avira URL Cloud	safe
http://www.ascendercorp.com/http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.ht	0%	Avira URL Cloud	safe
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
http://www.fontbureau.comhttp://www.fontbureau.com/designersNegritaAgency	0%	Avira URL Cloud	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://ns.useplus.org/ldf/xmp/1.0/	0%	URL Reputation	safe
http://www.ascendercorp.com/	0%	URL Reputation	safe
http://www.ascendercorp.com/	0%	URL Reputation	safe
http://www.ascendercorp.com/	0%	URL Reputation	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/$	0%	Avira URL Cloud	safe
https://.OKCancelEdit	0%	Avira URL Cloud	safe
http://iptc.org/std/Iptc4xmpExt/2008-02-29/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpExt/2008-02-29/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpExt/2008-02-29/	0%	URL Reputation	safe
http://www.osmf.org/layout/anchor	0%	URL Reputation	safe
http://www.osmf.org/layout/anchor	0%	URL Reputation	safe
http://www.osmf.org/layout/anchor	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	0%	URL Reputation	safe
http://www.npes.org/pdfx/ns/id/R	0%	Avira URL Cloud	safe
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/Pk	0%	Avira URL Cloud	safe
https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdfg-	0%	Avira URL Cloud	safe
http://cipa.jp/exif/1.0/(15)8	0%	Avira URL Cloud	safe
https://cdn.sqhk.co/potexunajo/Qjajchj/hitman_2_silent_assassin_cheats.pdf	0%	Avira URL Cloud	safe
https://traffking.ru	0%	Avira URL Cloud	safe
http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes	0%	URL Reputation	safe
http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes	0%	URL Reputation	safe
http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes	0%	URL Reputation	safe
http://www.adobe.9	0%	Avira URL Cloud	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/We9	0%	Avira URL Cloud	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/	0%	Avira URL Cloud	safe
http://www.quicktime.com.Acrobat	0%	URL Reputation	safe
http://www.quicktime.com.Acrobat	0%	URL Reputation	safe
http://www.quicktime.com.Acrobat	0%	URL Reputation	safe
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/4	0%	Avira URL Cloud	safe
http://www.adobe.	0%	URL Reputation	safe
http://www.adobe.	0%	URL Reputation	safe
http://www.adobe.	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
a.nel.cloudflare.com	35.190.80.1	true	false	high
traffking.ru	172.67.171.190	true	false	unknown
googlehosted.l.googleusercontent.com	216.58.212.129	true	false	high
clients2.googleusercontent.com	unknown	unknown	false	high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://cdn.sqhk.co/kilatelazobe/jetdOgd/retro_fridge_with_water_dispenser.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://uploads.strikinglycdn.com/files/8c547329-0d1e-4dfa-b95f-2dc323cb86d4/world_war_one_weapons_c	AcroRd32.exe, 00000002.00000002.424135864.000000000B685000.00000004.00000001.sdmp, reflective_practice_template_nhs[1].pdf	false		high
http://www.aiim.org/pdfa/ns/field#Id	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false		high
https://nalabusapigo.weebly.com/uploads/1/3/2/7/132740218/4175162.pdf)	reflective_practice_template_nhs[1].pdf	false		high
https://traffking.ru/square?utm_term=reflective	Current Session.21.dr	false	Avira URL Cloud: safe	unknown
https://wosufixojiniki.weebly.com/uploads/1/3/4/7/134720754/4081785.pdf)	reflective_practice_template_nhs[1].pdf	false		high
http://www.aiim.org/pdfa/ns/schema#	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false		high
https://api.echosign.com7	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://www.aiim.org/pdfa/ns/id/c	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false		high
http://www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs	AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://zopugazuf.weebly.com/uploads/1/3/4/6/134658021/6123242.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
http://iptc.org/std/Iptc4xmpExt/2008-02-29/ik	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://zoxiniguve.weebly.com/uploads/1/3/4/5/134584112/lunopamug_wemezuvulezurob.pdf	AcroRd32.exe, 00000002.00000002.423954231.000000000B595000.00000004.00000001.sdmp	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/ma	AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://uploads.strikinglycdn.com/files/4371836f-f017-4f30-9831-11554ca34703/botunuxojok.pdf)	reflective_practice_template_nhs[1].pdf	false		high
https://gofolepoxi.weebly.com/uploads/1/3/4/8/134882907/7674727.pdf)	reflective_practice_template_nhs[1].pdf	false		high
https://zeginuvo.weebly.com/uploads/1/3/0/7/130775519/vapajukaba.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
http://cipa.jp/exif/1.0/	AcroRd32.exe, 00000002.00000002.410868252.0000000009340000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default	AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://najijufo.weebly.com/uploads/1/3/4/7/134714833/peguloxufera_kudulavigiwub.pdf)	reflective_practice_template_nhs[1].pdf	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/i	AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
http://www.aiim.org/pdfa/ns/type#	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false		high
https://a.nel.cloudflare.com	4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/dfo	AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://zoxiniguve.weebly.com/uploads/1/3/4/5/134584112/lunopamug_wemezuvulezurob.pdf)	reflective_practice_template_nhs[1].pdf	false		high
https://tipefejiri.weebly.com/uploads/1/3/0/9/130969755/buwobu.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://cdn.sqhk.co/ludibipimilu/DhcRxOb/movie_software_for_windows_10.pdf)	reflective_practice_template_nhs[1].pdf	false	Avira URL Cloud: safe	unknown
https://api.echosign.com	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/	AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://cdn.sqhk.co/ludibipimilu/DhcRxOb/movie_software_for_windows_10.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdf)	reflective_practice_template_nhs[1].pdf	false	Avira URL Cloud: safe	unknown
http://www.npes.org/pdfx/ns/id/	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.osmf.org/drm/default	AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://zopugazuf.weebly.com/uploads/1/3/4/6/134658021/6123242.pdf)	reflective_practice_template_nhs[1].pdf	false		high
http://www.npes.org/pdfx/ns/id/l	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://api.echosign.comRL	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn	AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.ascendercorp.com/typedesigners.html	AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://cdn.sqhk.co/kilatelazobe/jetdOgd/retro_fridge_with_water_dispenser.pdf)	reflective_practice_template_nhs[1].pdf	false	Avira URL Cloud: safe	unknown
https://zeginuvo.weebly.com/uploads/1/3/0/7/130775519/vapajukaba.pdf)	reflective_practice_template_nhs[1].pdf	false		high
http://www.aiim.org/pdfa/ns/extension/	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false		high
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL	AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	false		high
https://cdn.sqhk.co/potexunajo/Qjajchj/hitman_2_silent_assassin_cheats.pdf)	reflective_practice_template_nhs[1].pdf	false	Avira URL Cloud: safe	unknown
https://gofolepoxi.weebly.com/uploads/1/3/4/8/134882907/7674727.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
http://www.osmf.org/subclip/1.0	AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://genigudepa.weebly.com/uploads/1/3/1/0/131070712/kasodopizafazakoxuk.pdf)	reflective_practice_template_nhs[1].pdf	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/rlA	AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://nalabusapigo.weebly.com/uploads/1/3/2/7/132740218/4175162.pdfp-	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
http://www.aiim.org/pdfa/ns/property#	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false		high
http://www.ascendercorp.com/http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.ht	AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://dns.google	ed8954d8-3f2b-4e1b-b29d-f26f5a04eaca.tmp.22.dr, 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 10b9cad4-7dff-4d1c-b1c2-32538d1f314b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.fontbureau.comhttp://www.fontbureau.com/designersNegritaAgency	AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://ns.useplus.org/ldf/xmp/1.0/	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.ascendercorp.com/	AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://pumoguviponurin.weebly.com/uploads/1/3/4/7/134773216/miretigegurugi.pdf	AcroRd32.exe, 00000002.00000002.411079859.0000000009425000.00000004.00000001.sdmp	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/$	AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
http://www.aiim.org/pdfa/ns/id/	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false		high
https://.OKCancelEdit	AcroRd32.exe, 00000002.00000002.431436814.000000000E777000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://tipefejiri.weebly.com/uploads/1/3/0/9/130969755/buwobu.pdf)	reflective_practice_template_nhs[1].pdf	false		high
http://iptc.org/std/Iptc4xmpExt/2008-02-29/	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.osmf.org/layout/anchor	AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://uploads.strikinglycdn.com/files/4371836f-f017-4f30-9831-11554ca34703/botunuxojok.pdfN	AcroRd32.exe, 00000002.00000002.423954231.000000000B595000.00000004.00000001.sdmp	false		high
https://wixotavu.weebly.com/uploads/1/3/4/7/134764887/2953325.pdfb.	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://www.aiim.org/pdfe/ns/id/	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false		high
http://www.npes.org/pdfx/ns/id/R	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report?s=XgDtas6rxmQXi1NtYYQGGtjvlm1lLbMIYjkQIprM4iwF0ZZj3tp0ISGyKdYPkd	Reporting and NEL.22.dr	false		high
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/Pk	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://cdn.sqhk.co/kapopajij/WiinigQ/protozoa_vs_bacteria_vs_virus_size.pdfg-	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://najijufo.weebly.com/uploads/1/3/4/7/134714833/peguloxufera_kudulavigiwub.pdf	AcroRd32.exe, 00000002.00000002.423954231.000000000B595000.00000004.00000001.sdmp	false		high
https://genigudepa.weebly.com/uploads/1/3/1/0/131070712/kasodopizafazakoxuk.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
http://cipa.jp/exif/1.0/(15)8	AcroRd32.exe, 00000002.00000002.410868252.0000000009340000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://cdn.sqhk.co/potexunajo/Qjajchj/hitman_2_silent_assassin_cheats.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://traffking.ru	AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp, 4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr	false	Avira URL Cloud: safe	unknown
https://wixotavu.weebly.com/uploads/1/3/4/7/134764887/2953325.pdf)	reflective_practice_template_nhs[1].pdf	false		high
http://www.aiim.org/pdfa/ns/field#	AcroRd32.exe, 00000002.00000002.427413592.000000000D56B000.00000004.00000001.sdmp	false		high
http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes	AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://nalabusapigo.weebly.com/uploads/1/3/2/7/132740218/4175162.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
http://www.adobe.9	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/We9	AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://wixotavu.weebly.com/uploads/1/3/4/7/134764887/2953325.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/	AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://clients2.googleusercontent.com	4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp.22.dr, 1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp.22.dr	false		high
http://www.quicktime.com.Acrobat	AcroRd32.exe, 00000002.00000002.405944190.0000000007C70000.00000002.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/4	AcroRd32.exe, 00000002.00000002.423999541.000000000B5DB000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	low
https://ims-na1.adobelogin.com	AcroRd32.exe, 00000002.00000002.410868252.0000000009340000.00000004.00000001.sdmp	false		high
https://wosufixojiniki.weebly.com/uploads/1/3/4/7/134720754/4081785.pdf	AcroRd32.exe, 00000002.00000002.424349766.000000000B7AE000.00000004.00000001.sdmp	false		high
http://scripts.sil.org/OFL	AcroRd32.exe, 00000002.00000002.423732062.000000000B4B1000.00000004.00000001.sdmp	false		high
http://www.aiim.org/pdfa/ns/id/-	AcroRd32.exe, 00000002.00000002.431160906.000000000E27C000.00000004.00000001.sdmp	false		high
http://www.adobe.	AcroRd32.exe, 00000002.00000002.431313305.000000000E686000.00000004.00000001.sdmp	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://feedback.googleusercontent.com	manifest.json0.21.dr	false		high
https://uploads.strikinglycdn.com/files/4371836f-f017-4f30-9831-11554ca34703/botunuxojok.pdf	AcroRd32.exe, 00000002.00000002.423954231.000000000B595000.00000004.00000001.sdmp	false		high
https://pumoguviponurin.weebly.com/uploads/1/3/4/7/134773216/miretigegurugi.pdf)	reflective_practice_template_nhs[1].pdf	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
216.58.212.129	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.67.171.190	traffking.ru	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
80.0.0.0	unknown	United Kingdom	5089	NTLGB	false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	404286
Start date:	04.05.2021
Start time:	21:36:19
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 8m 17s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	reflective_practice_template_nhs[1].pdf
Cookbook file name:	defaultwindowspdfcookbook.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	40
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	SUS
Classification:	sus22.winPDF@50/263@4/7
EGA Information:	Successful, ratio: 100%
HDC Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 11 Number of non-executed functions: 0
Cookbook Comments:	Adjust boot time Enable AMSI Found application associated with file extension: .pdf Found PDF document Find and activate links Security Warning found Close Viewer
Warnings:	Show All Excluded IPs from analysis (whitelisted): 13.88.21.125, 40.88.32.150, 20.50.102.62, 131.253.33.200, 13.107.22.200, 93.184.220.29, 52.255.188.83, 23.57.80.111, 2.20.142.228, 2.20.143.130, 2.20.143.5, 2.20.142.203, 2.20.142.225, 2.20.142.226, 23.54.113.182, 204.79.197.200, 13.107.21.200, 23.54.113.53, 92.122.213.247, 92.122.213.194, 2.20.142.209, 2.20.142.210, 142.250.185.205, 142.250.185.78, 142.250.184.195, 142.250.185.206, 95.168.222.146, 34.104.35.123, 95.168.222.141, 142.250.186.74, 142.250.186.106, 142.250.186.138, 142.250.186.170, 142.250.184.202, 142.250.184.234, 172.217.18.106, 172.217.23.106, 216.58.212.138, 142.250.185.74, 172.217.16.138, 142.250.185.106, 142.250.185.138, 142.250.185.170, 142.250.185.202, 142.250.185.234, 20.54.26.129, 72.246.101.132, 172.217.23.99, 142.250.185.67, 52.155.217.156 Excluded domains from analysis (whitelisted): arc.msn.com.nsatc.net, cs9.wac.phicdn.net, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, acroipm2.adobe.com, skypedataprdcoleus15.cloudapp.net, clients2.google.com, ocsp.digicert.com, wildcard.weather.microsoft.com.edgekey.net, a122.dscd.akamai.net, www-bing-com.dual-a-0001.a-msedge.net, audownload.windowsupdate.nsatc.net, update.googleapis.com, watson.telemetry.microsoft.com, www.gstatic.com, au-bg-shim.trafficmanager.net, www.bing.com, fs.microsoft.com, acroipm2.adobe.com.edgesuite.net, dual-a-0001.a-msedge.net, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, www.googleapis.com, dual-a-0001.dc-msedge.net, ris.api.iris.microsoft.com, ssl.adobe.com.edgekey.net, edgedl.me.gvt1.com, store-images.s-microsoft.com, r2.sn-n02xgoxufvg3-2gbs.gvt1.com, blobcollector.events.data.trafficmanager.net, clients.l.google.com, au.download.windowsupdate.com.edgesuite.net, e4578.dscb.akamaiedge.net, r2---sn-n02xgoxufvg3-2gbs.gvt1.com, store-images.s-microsoft.com-c.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, e15275.g.akamaiedge.net, arc.msn.com, consumerrp-displaycatalog-aks2eap-europe.md.mp.microsoft.com.akadns.net, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, e12564.dspb.akamaiedge.net, redirector.gvt1.com, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, accounts.google.com, tile-service.weather.microsoft.com, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, skypedataprdcoleus17.cloudapp.net, r7.sn-n02xgoxufvg3-2gbs.gvt1.com, a-0001.a-afdentry.net.trafficmanager.net, armmf.adobe.com, r7---sn-n02xgoxufvg3-2gbs.gvt1.com, skypedataprdcolwus15.cloudapp.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtQueryVolumeInformationFile calls found. Report size getting too big, too many NtSetInformationFile calls found. Report size getting too big, too many NtWriteVirtualMemory calls found.

Simulations

Behavior and APIs

Time	Type	Description
21:37:24	API Interceptor	9x Sleep call for process: RdrCEF.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link
239.255.255.250	test.html	Get hash	malicious	Browse
	PaymentAdvice - Copy.htm	Get hash	malicious	Browse
	INVOICE & STATEMENTS -COPY.htm	Get hash	malicious	Browse
	DGNTL04052021.2-8864.html	Get hash	malicious	Browse
	referenceMemMem.hta	Get hash	malicious	Browse
	Notes Received gcgaming.com.html	Get hash	malicious	Browse
	Tree Top.html	Get hash	malicious	Browse
	ATT51630.htm	Get hash	malicious	Browse
	message for dtriscritti@discountwaste.com.html	Get hash	malicious	Browse
	efax637637637.htm	Get hash	malicious	Browse
	afafd.htm	Get hash	malicious	Browse
	efax663663663.htm	Get hash	malicious	Browse
	FedEx Shipment Address Update Form2021.html	Get hash	malicious	Browse
	jdCsAaeOMw3AekTOgSZ92vgpOBC5TwWgMkt.html	Get hash	malicious	Browse
	Cws-Pay Application.html	Get hash	malicious	Browse
	.htm	Get hash	malicious	Browse
	sean.adair@redwirespace.com1__redwirespace.com.htm	Get hash	malicious	Browse
	FAXQKJEZPA42S.htm	Get hash	malicious	Browse
	efax702702702.htm	Get hash	malicious	Browse
	#Ud83d#Udcde.htm	Get hash	malicious	Browse
80.0.0.0	Autofactura generada mes de Abril 27-04-2021.pdf.exe	Get hash	malicious	Browse
	Autofactura generada mes de Abril 27-04-2021.pdf.exe	Get hash	malicious	Browse
	1RIA_IT_Formazione di Base Compliance_IT.pdf.exe	Get hash	malicious	Browse
	1RIA_IT_Formazione di Base Compliance_IT.pdf.exe	Get hash	malicious	Browse
	123.exe	Get hash	malicious	Browse
	123.exe	Get hash	malicious	Browse
	EiK2ZuecHv.exe	Get hash	malicious	Browse
	File6512365134_7863_20210413.html	Get hash	malicious	Browse
	DHL_Express_Shipments_Invoice_Confirmation_CBJ190517000131_74700456XXX.exe	Get hash	malicious	Browse
	DHL_Express_Shipment_Invoice_Confirmation_CBJ190517000131_74700456XXXX.exe	Get hash	malicious	Browse
	DHL_Express_Shipments_Invoice_Confirmation_CBJ190517000131_74700456XXX.exe	Get hash	malicious	Browse
	DHL_Express_Shipment_Confirmation_BKKR005545473_88700456XXXX.exe	Get hash	malicious	Browse
	APRILQUOTATION#QQO2103060_SAMPLES_KHANG HY_CO_CORPORATION.exe	Get hash	malicious	Browse
	#U260f8284.HTML	Get hash	malicious	Browse
	HunpuKMHQt.exe	Get hash	malicious	Browse
	JbQoNNPVOk.exe	Get hash	malicious	Browse
	_vm583573758.htm	Get hash	malicious	Browse
	March 17, 2021, 101142 AM.HTM	Get hash	malicious	Browse
	message_zdm.html	Get hash	malicious	Browse
	0000001_Carved.pdf	Get hash	malicious	Browse

Domains

No context

ASN

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
CLOUDFLARENETUS	j5Iw25ifjr.dll	Get hash	malicious	Browse	104.20.185.68
	IxJ7I5vVmLx6QS7.exe	Get hash	malicious	Browse	172.67.188.154
	oUvjpbnwz3.dll	Get hash	malicious	Browse	104.20.185.68
	KdLJVb0Aoi.dll	Get hash	malicious	Browse	104.20.184.68
	PaymentAdvice - Copy.htm	Get hash	malicious	Browse	104.16.19.94
	INVOICE & STATEMENTS -COPY.htm	Get hash	malicious	Browse	104.16.126.175
	DGNTL04052021.2-8864.html	Get hash	malicious	Browse	104.16.19.94
	01_extracted.exe	Get hash	malicious	Browse	172.67.188.154
	iuCN1LJ980.dll	Get hash	malicious	Browse	104.20.185.68
	i6ALtgS6nV.dll	Get hash	malicious	Browse	104.20.184.68
	iwEcXUAues.dll	Get hash	malicious	Browse	104.20.184.68
	MOe7vYpWXW.exe	Get hash	malicious	Browse	23.227.38.74
	i6ALtgS6nV.dll	Get hash	malicious	Browse	104.20.184.68
	Proforma adjunta N#U00ba 42037,pdf.exe	Get hash	malicious	Browse	172.67.188.154
	swift copy.exe	Get hash	malicious	Browse	104.21.19.200
	XmLE5f5wBX.dll	Get hash	malicious	Browse	104.20.185.68
	Presupuesto urgente PST56654256778982, pdf.exe	Get hash	malicious	Browse	104.21.19.200
	Notes Received gcgaming.com.html	Get hash	malicious	Browse	104.16.18.94
	DHL 4677348255142.exe	Get hash	malicious	Browse	104.21.19.200
	BCJOphish040520219700.html	Get hash	malicious	Browse	104.16.18.94
NTLGB	8UsA.sh	Get hash	malicious	Browse	82.32.79.178
	x86_unpacked	Get hash	malicious	Browse	82.17.192.153
	Autofactura generada mes de Abril 27-04-2021.pdf.exe	Get hash	malicious	Browse	80.0.0.0
	Autofactura generada mes de Abril 27-04-2021.pdf.exe	Get hash	malicious	Browse	80.0.0.0
	rIbyGX66Op	Get hash	malicious	Browse	86.18.93.173
	1RIA_IT_Formazione di Base Compliance_IT.pdf.exe	Get hash	malicious	Browse	80.0.0.0
	1RIA_IT_Formazione di Base Compliance_IT.pdf.exe	Get hash	malicious	Browse	80.0.0.0
	J76uxxiy.exe	Get hash	malicious	Browse	86.18.99.199
	123.exe	Get hash	malicious	Browse	80.0.0.0
	123.exe	Get hash	malicious	Browse	80.0.0.0
	EiK2ZuecHv.exe	Get hash	malicious	Browse	80.0.0.0
	File6512365134_7863_20210413.html	Get hash	malicious	Browse	80.0.0.0
	DHL_Express_Shipments_Invoice_Confirmation_CBJ190517000131_74700456XXX.exe	Get hash	malicious	Browse	80.0.0.0
	DHL_Express_Shipment_Invoice_Confirmation_CBJ190517000131_74700456XXXX.exe	Get hash	malicious	Browse	80.0.0.0
	DHL_Express_Shipments_Invoice_Confirmation_CBJ190517000131_74700456XXX.exe	Get hash	malicious	Browse	80.0.0.0
	DHL_Express_Shipment_Confirmation_BKKR005545473_88700456XXXX.exe	Get hash	malicious	Browse	80.0.0.0
	APRILQUOTATION#QQO2103060_SAMPLES_KHANG HY_CO_CORPORATION.exe	Get hash	malicious	Browse	80.0.0.0
	#U260f8284.HTML	Get hash	malicious	Browse	80.0.0.0
	HunpuKMHQt.exe	Get hash	malicious	Browse	80.0.0.0
	1.sh	Get hash	malicious	Browse	62.254.90.3

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	451603
Entropy (8bit):	5.009711072558331
Encrypted:	false
SSDEEP:	12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
MD5:	A78AD14E77147E7DE3647E61964C0335
SHA1:	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
SHA-256:	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
SHA-512:	DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	BDic.... ....6...."..Z..4g....6.2...{/...3...5....AF 1363.AF nm.AF pt.AF n1.AF p.AF tc.AF SM.AF M.AF S.AF MS.AF MNR.AF GDS.AF MNT.AF MH.AF MR.AF SZMR.AF MJ.AF MT.AF MY.AF MRZ.AF MN.AF MG.AF RM.AF N.AF MV.AF XM.AF DSM.AF SD.AF G.AF R.AF MNX.AF MRS.AF MD.AF MNRB.AF B.AF ZSMR.AF PM.AF SMNGJ.AF SMN.AF ZMR.AF SMGB.AF MZR.AF GM.AF SMR.AF SMDG.AF RMZ.AF ZM.AF MDG.AF MDT.AF SMNXT.AF SDY.AF LSDG.AF LGDS.AF GLDS.AF UY.AF U.AF DSGNX.AF GNDSX.AF DSG.AF Y.AF GS.AF IEMS.AF YP.AF ZGDRS.AF XGNVDS.AF UT.AF GNDS.AF GVDS.AF MYPS.AF XGNDS.AF TPRY.AF MDSG.AF ZGSDR.AF DYSG.AF PMYTNS.AF AGDS.AF DRZGS.AF PY.AF GSPMDY.AF EGVDS.AF SL.AF GNXDS.AF DSBG.AF IM.AF I.AF MDGS.AF SMY.AF DSGN.AF DSLG.AF GMDS.AF MDSBG.AF SGD.AF IY.AF P.AF DSMG.AF BLZGDRS.AF TR.AF AGSD.AF ZGBDRSL.AF PTRY.AF ASDGV.AF ASM.AF ICANGSD.AF ICAM.AF IKY.AF AMS.AF PMYTRS.AF BZGVDRS.AF SDRBZG.AF GVMDS.AF PSM.AF DGLS.AF GNVXDS.AF AGDSL.AF DGS.AF XDSGNV.AF BZGDRS.AF AM.AF AS.AF A.AF LDSG.AF AGVDS.AF SDG.AF LDSMG.AF EDSMG.AF EY.AF DRSMZG.AF PRYT.AF LZ

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	410
Entropy (8bit):	5.631963286078434
Encrypted:	false
SSDEEP:	6:men9YOFLvEWdM9QJ/l/Bv/i7Z+P41TK6tEen9YOFLvEWdM9QlAu/Ni7Z+P41TK6V:vDRM90/SZiEnDRM9AA7ZiEV
MD5:	4BB57DBA51FC77C82FCAA963296A2396
SHA1:	6CA39C2DEF431B1E5167E1E43895DE23A0F6FF85
SHA-256:	071952EBA7A768CE4F2E9FAFCB4C5C0DED17C7FAE8C2C7ADAADE4E354403F079
SHA-512:	65C08488333F149176F2DC7188E05C0BF8CA2086357D9112D6DEC4021041B56BFD3FBB49B44705EECE9D1A99CECBA99E6499FAE887EF3DBA2A61BC4518754793
Malicious:	false
Reputation:	low
Preview:	0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js .....$ /....."#.D\v.D.$.A....d.{v.^.G...d.W.:...P..k%..A..Eo...................A..Eo.......cf.........0\r..m......M..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/plugin.js ..N..$ /....."#.D.b.F.$.A....d.{v.^.G...d.W.:...P..k%..A..Eo...................A..Eo......G..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	348
Entropy (8bit):	5.569137326160573
Encrypted:	false
SSDEEP:	6:mi9NqEYOFLvEkot/oEi8Be7Ywcr1TK6tyoMi9NqEYOFLvEkFl//az8Be7Ywcr1TD:V9zGi9PQsoH9ziz9PQ
MD5:	F19CF255CA7BE8C9130BDC56F5CC2927
SHA1:	688798E6DA66F142D8CA23E9AB12B8C0B76F5794
SHA-256:	2C26F2BBA8F8327530631C020F185D7E6F5D55A201477481CCFCF5CAD72A13A1
SHA-512:	0814F5933CF0D37D6EE0CFE9DD51222FCA91A9BEE3E853442181ED0535C616A05425435926997707C55CE7E0FD62287FDF76DFEE044DB6AD99D7B90C5AAEC56F
Malicious:	false
Preview:	0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js ..k..$ /....."#.D...D.$.A.1.x.'.vI..\|Z..o...+.4....0..A..Eo...................A..Eo.......Q.5........0\r..m............,....._keyhttps://rna-resource.acrobat.com/init.js ..y..$ /....."#.DJ..E.$.A.1.x.'.vI..\|Z..o...+.4....0..A..Eo...................A..Eo........l ........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	492
Entropy (8bit):	5.593123535626784
Encrypted:	false
SSDEEP:	12:DyeRVFAFjVFAFjE9vlUo6j7m5yeRVFAFjVFAFgPvlUo6j6:tB4v4wZSBq3B4v4gnSB
MD5:	47ECEC79E697ED8592C2508CC61D4824
SHA1:	33C11FFBE911E8D56C68D33E2914C9F03CB1BEE6
SHA-256:	1B3801DB5672CD182D312916649F9129E8F4CCB097B6E29342C1E63223322EF5
SHA-512:	D3A0ABA35B0B0A9F32ECBA3FDD03FF629F0368B0AECCE9D0F869F126C0FBD3F9E97C503288E6C9018BD90C684A2118A305634F9D9E129927E231AD5AFF9BA15B
Malicious:	false
Preview:	0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js ....$ /....."#.D<g}D.$.A..hvDO.N.t@.....n....... ....A..Eo...................A..Eo..................0\r..m......v...n......._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/selector.js .1x..$ /....."#.D...E.$.A..hvDO.N.t@.....n....... ....A..Eo...................A..Eo..................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	232
Entropy (8bit):	5.619762637427953
Encrypted:	false
SSDEEP:	6:mNtVYOFLvEWdFCi5RsZmt/RHiWulHyA1TK6t0:IbRkiDtCWussa
MD5:	4817DAC702193AD4180A1DBC4270846A
SHA1:	5E8546137B2D7751DC60303FE990887541605BDD
SHA-256:	B2251E73512616C10E7C495A8E7DDEE23F785AA02ED72BE7F224F5D72278AA9E
SHA-512:	AC5DB61899D06107CD4BF771BC8B51A239E8CBF4A01ABF1ED976EAB4F273127B4F5FD8A70404CA22747C6F7E0D9CBD21CD227DB770BA573027FC7EB7491D9606
Malicious:	false
Preview:	0\r..m......h.....'....._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-tool-view.js .y7..$ /....."#.Dv..D.$.A..8 P..a...R..Y....7.@..2Dm{..A..Eo...................A..Eo......BUw.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	210
Entropy (8bit):	5.549774243016546
Encrypted:	false
SSDEEP:	6:m+yiXYOFLvEWd7VIGXVu1y/6PZDRVyh9PT41TK6tBY:pyixRupPZDRV41TEX
MD5:	9A80FF643736EE36A15163179676DCD7
SHA1:	03B0359DBB07BE9377A0C0E746C87C4B48749CB6
SHA-256:	28285DFB4569A5F44DFA17C18443082D448D6C4CD9A64347DD9D9A1EBDF0957A
SHA-512:	035673B83C414E16EFD6F7DBB8507C8BAA6FB5C3853BA6C7F80A43AC8453FD9E3A545D58960E95D72D4CE082F78503C320200F16611D0F040780B17FA143906D
Malicious:	false
Preview:	0\r..m......R...kP]g...._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/selector.js .....$ /....."#.D...E.$.Ak.Q.....-_..y.....O...>..1....A..Eo...................A..Eo.......@.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	216
Entropy (8bit):	5.621647904682762
Encrypted:	false
SSDEEP:	6:mvYOFLvEWdhwjQXtK/l/5qhLZIl6P41TK6t:0RhkB/6hLZC
MD5:	67B892F78CF1F66E271DB89C206610D3
SHA1:	2214C8428C11133A8D5B4E1BE1355662E77AAECC
SHA-256:	451D876F4843313A942EA48654887162F6E85314A19EDAC0190A79CEEEEB06DB
SHA-512:	058E6953611A31A7179BC12B9268AB61F4AF5428626D81B25DB7400823D472F3D9F38349D68504D04D49F0D18EFE8B770AC117B9DCACA6ED7B561359C2E35345
Malicious:	false
Preview:	0\r..m......X.....V....._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/plugin.js .^1..$ /....."#.D..E.$.A.].>....uUf..N...k......c..l.A..Eo...................A..Eo......ML.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	209
Entropy (8bit):	5.506299101035559
Encrypted:	false
SSDEEP:	6:mJYOFLvEWdGQRQOdQUsS//usXV6g1TK6tRAOll/:2RHRQCtsza1kO//
MD5:	5DA94A7AE9B2F5F802EC2BB89BD63305
SHA1:	C8E93945B49BC249649FBD59149776B8EDFC6A23
SHA-256:	00A2715B5084D2736D88D46EA8B64022E94C01183721C07A2D7426042252E902
SHA-512:	8F11BAA5A78CF58C30A5C2040A4D9000C613AFCD6F748FE9298348DA8071DD2B49C094942AAB399AA687F947D07070509B6324503A39292DD8D2E29A3131B61C
Malicious:	false
Preview:	0\r..m......Q..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/plugin.js ..H..$ /....."#.D(..E.$.A..c..y/L....\|y.n..C/I.....X7-ne.A..Eo...................A..Eo......rd%w........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	358
Entropy (8bit):	5.592293814937624
Encrypted:	false
SSDEEP:	6:mOYOFLvECMLP//hEhMuR/41TK6tH8OYOFLvECML+/nMuR/41TK6t3cFl:Z5M9+MuR/EJ75MGMuR/EVcF
MD5:	3EB283963E429975B848489E69693261
SHA1:	D5EE59E144C5077E3B22F2A45EF1508C6BCBCD77
SHA-256:	440FC29431DE7ABC3A114EC16095E68B325B177A97726DE4CADD31628BC22B2A
SHA-512:	5C7315473F48E7518F23A9060865B9B03815655F7D8F3FF078CFF9B8E31C6CD9BB9393EE3837D63B96D03155526D0A082FBA8455710745FE85367D0EFC327208
Malicious:	false
Preview:	0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js ..q..$ /....."#.D.,.D.$.A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo......A...........0\r..m......3....<lb...._keyhttps://rna-resource.acrobat.com/base_uris.js .....$ /....."#.D..E.$.A.y...L<?W.Xi..A\Q3...J.}...d..~G.A..Eo...................A..Eo........79........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	214
Entropy (8bit):	5.513749459842036
Encrypted:	false
SSDEEP:	6:m4fPYOFLvEWdtumKl//KBG01+by0zBUKSAA1TK6t3:pRxKlz01+beR
MD5:	9F51E3F1516A9FB719485B1E77A4B502
SHA1:	4FBAF633609F9035A2483C499237088289D27C23
SHA-256:	4F820BFC61D21BF1D519EFB3D5DC12A6B91D10746B49352D5D933C2CBF0E1725
SHA-512:	4BCDCF42DAC3639F57F7A5E0B2FC79CD16244B00928F6827983180EA8707CC3F2D085C9BCB1084FDD46D249A30BC6A34476F81BB46A0641383378D5D544BD059
Malicious:	false
Preview:	0\r..m......V..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/search-summary/js/selector.js .....$ /....."#.D.B.E.$.AQ..E.=....=h`t..t..3%A.F$..w..A..Eo...................A..Eo.......8..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	354
Entropy (8bit):	5.493064683834928
Encrypted:	false
SSDEEP:	6:md4HXXYOFLvEjMSWFvngQ/26p3tUdyP41TK6ted4HXXYOFLvEjMSWFvt/CtUdyPh:KkXxKMSCvng74tUlYkXxKMSCvktUl6
MD5:	ED913CC4DE8575D3D5E74715F9AC6761
SHA1:	390D6A8EAC87636CBB05721BCD122972E8756E78
SHA-256:	251E81D53C6EE9275C0A87B1379C32DA5386E547C9A12B66819F3ADC722BA2AD
SHA-512:	BBFD01C54B4F127D3D9677AA3BC1CC035EF2260DE56F461AFA8BBAB9F1A95A03EF991D2D25B5F04B0133FC9F7FCC2FB5031ADBA5FADC0A7315CB3E0B4E09E3C4
Malicious:	false
Preview:	0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js ..n..$ /....."#.D...D.$.A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo.......u.q........0\r..m......1......5...._keyhttps://rna-resource.acrobat.com/plugins.js ..}..$ /....."#.D{.E.$.A.PU ....t^.....a.k..u.7.M.BW6#}..A..Eo...................A..Eo......Aa#.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	374
Entropy (8bit):	5.54525309073133
Encrypted:	false
SSDEEP:	6:mkl9YOFLvEWsfOL+mKt/JzumyyM+VY1TK6tbkl9YOFLvEWsfOL6li/o1yyM+VY13:5h6OL8nzdkWh6OL2Xk
MD5:	E9BA46DD99D930BC74ED0B69DD7AF121
SHA1:	5E6CA5620D1DC9E9AA34E8FDCD5BE37F64406387
SHA-256:	7C12DE1845459C1583C23D3A13AB18BFCD82157F6513B2518173F49C3015A18E
SHA-512:	861BF586DF3724C99D438AB994B448FF8D2542C19BDDB3A81C8A3D3589F7F9B974EEA6FF9F98D7670B57925BF701E4CC6E333E987214C9390150D504A986F65C
Malicious:	false
Preview:	0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js ."...$ /....."#.D0.[D.$.A..q.O...j....._y..L^z...?..@N..A..Eo...................A..Eo........8.........0\r..m......;...I......._keyhttps://rna-resource.acrobat.com/static/js/desktop.js .....$ /....."#.D.G.E.$.A..q.O...j....._y..L^z...?..@N..A..Eo...................A..Eo.......z.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	488
Entropy (8bit):	5.584891989953156
Encrypted:	false
SSDEEP:	12:URVFAFjVFAFeJVwSeKaTLnQLRVFAFjVFAFzK+wSeKaTLn:UB4v4UwzXLneB4v4rwzXLn
MD5:	043AAB6FCCC558E1E5C08CD95293B632
SHA1:	406ABE6507C37CAE04FF9CBF9710AD703FE2F0F8
SHA-256:	F40323CF813B38B709E4576BEDDD5C5AF9A38750591FA2FC42901980221E08EC
SHA-512:	D9D822985158CA6F09F8D06BEA78064860C10D632325F6E8AEBE5F5D1555F55BCD61920A6E517C60B27D1E2E4C83772D9A37809DC205B771567A247A9B820731
Malicious:	false
Preview:	0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js .i...$ /....."#.D..D.$.A......H...{...2../.k`..r4.C. .A..Eo...................A..Eo..................0\r..m......t...R.1<...._keyhttps://rna-resource.acrobat.com/static/js/plugins/tracked-send/js/plugins/tracked-send/js/home-view/plugin.js .h...$ /....."#.De..F.$.A......H...{...2../.k`..r4.C. .A..Eo...................A..Eo.......D..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	211
Entropy (8bit):	5.469776000687835
Encrypted:	false
SSDEEP:	6:ms2VYOFLvEWdvBIEGdeXuxJsi/xMtP11TK6tB:BsR2EseteMPP
MD5:	8048E3DA03DF92773353EE83CFDA4A39
SHA1:	9415540E85C31D974FA7B2E0765CB0754521DF5D
SHA-256:	2BBD46E8010078A8EA81BFA4DFCC9F8C9ABAB3C94DDCE16913BA925699D4733D
SHA-512:	2ED91133181500E1FC032BA829C409D8847EDB34BE773AF7AEA24AAE0D0161F893EB7E2C21138D8615E2477D68BE6108F34E9703C1E89638D5AE1133482CEFA0
Malicious:	false
Preview:	0\r..m......S...]......._keyhttps://rna-resource.acrobat.com/static/js/plugins/add-account/js/selector.js .>...$ /....."#.Dg..E.$.A.A.o]@r..Q.....<w.....].n\....A..Eo...................A..Eo......w@.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	202
Entropy (8bit):	5.627644132360778
Encrypted:	false
SSDEEP:	6:maVYOFLvEWdwAPCQBsWl/Z3B7OhKlvA1TK6t:RbR16FW33BJk
MD5:	D0E0413C60FB54DC9C25EBE8E160D84C
SHA1:	B85498B6B6171DFD53286834E72D25B60D4B40D0
SHA-256:	B9AA722E708EBE76E30EC48992289A5C93FADFA162113009E4BCDEF650BBC109
SHA-512:	65E3C0D82E32129FCE9359ACECDE22AE650A8002FC7255DBAEC8F8316133ECE1DD026B7B6920A5E5DDF2FBD34632B701D57F99C6570741622EE73A1E8635DAB6
Malicious:	false
Preview:	0\r..m......J......{...._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/plugin.js ..)..$ /....."#.D.;.E.$.A..4T].....Tw.....(..b...EO....9.A..Eo...................A..Eo.......;.s........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	211
Entropy (8bit):	5.558552303606602
Encrypted:	false
SSDEEP:	6:ms2gEYOFLvEWdGQRQVu/mt/ZG6nQdFt1TK6tNH:B2geRHRQImHGu0b
MD5:	EE4C70D1538F5090ED8D678D06DFCE9C
SHA1:	7169411C29F7A50071264E2E9A7935A1455B4247
SHA-256:	51564E00EB97E6146A250DCAEB9DC1989AB97A03A99F6CD9E5A3963948E93C9A
SHA-512:	A246D9272C72A827608918C711685DC97FB5839B941E8C623C745FD6759E2818C340140441F2E1A7CD81E7D3930F22DD6FE33404899A9C11DEFBFB49321AB70C
Malicious:	false
Preview:	0\r..m......S...W.%z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-computer/js/selector.js .l...$ /....."#.D+..E.$.A@..{o]...9o\|..qY....T....{..u.b..A..Eo...................A..Eo......U74N........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	412
Entropy (8bit):	5.619768148973
Encrypted:	false
SSDEEP:	6:mzyEYOFLvEWdrIOQLKt/ev56t1S/1TK6tyEzyEYOFLvEWdrIOQsl//Ul9r56t1SF:WyeRlq6t1wkMyeRl0156t1wrH
MD5:	41346F9E107CEF1968F1BF3C534BCE43
SHA1:	EC97A08CD608EF8E36A06A0F7B1BA07565C7B66A
SHA-256:	91C953FC2C80245CA97F86012AF2170E14F593D4BE72AD96DB08F81CDE6CAAF8
SHA-512:	8AA744FC6CF732E2946B738E48432C697366D1C7A800A2A27D3551895891561C72A71ECDA13B8DFF6EA41F53082DDD60F23DEB5B2FEF90D1CFF15972CC59102D
Malicious:	false
Preview:	0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js ..q..$ /....."#.Dc.hD.$.A.t\a......x5.'OuE.C..@......x..A..Eo...................A..Eo......F;..........0\r..m......N..../......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/plugin.js ..9..$ /....."#.D.T.E.$.A.t\a......x5.'OuE.C..@......x..A..Eo...................A..Eo......+..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	218
Entropy (8bit):	5.490664004001275
Encrypted:	false
SSDEEP:	3:m+lKcv8RzYOCGLvHkWBGKuKjXKoyNH/KPWFvdWlll0NYNqww6U+5m1TK5ktf1:mnYOFLvEWdhwyuyl/usqwK+41TK6t
MD5:	CFBEABFADE6C70FFC9646E42834AA03E
SHA1:	14B4FABA2F9CE83EAE3C0017026489A71C0565CC
SHA-256:	8CAD39321F795AD8C31CCF015F4D646682095F0A1B9D186BBCBFADEF161E0B89
SHA-512:	E4A47720BE2A928FFD68C924B7C529299510DB276E5F48A43796F083AB844FAF46BF68E9DC74F8CBDD16B48094893A9815C46688ECCC39519D13F934E10C9E97
Malicious:	false
Preview:	0\r..m......Z.........._keyhttps://rna-resource.acrobat.com/static/js/plugins/sign-services-auth/js/selector.js .m...$ /....."#.DG..E.$.A.......7...o..a=.98I......(3.$G.A..Eo...................A..Eo......w.q6........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	460
Entropy (8bit):	5.61523139184034
Encrypted:	false
SSDEEP:	6:mYXYOFLvEWdrROk/RJbuie/5LsfO441TK6tXYXYOFLvEWdrROk/RJbur/2sfO44M:/RrROk/OYfLEwRrROk/OfLEg
MD5:	4C2F74FBB3FF5020AEF1AC722DF8641D
SHA1:	B072CAD2913BCBD9D5BEEB3D7BB4B11D4EAC70B2
SHA-256:	5D10AD01A0944C87C2BAD937A288D00656C50AF509212FB481CE496898D3BBA5
SHA-512:	522F273DDA046744325401E79135A51467FA475567DB9D38B14A2FB8EAC5534656D623371EC21CA92FD95419EBF577CEA2C7897B5893CEB2928C879D73CE5324
Malicious:	false
Preview:	0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js ....$ /....."#.DS.gD.$.A..~..rw.+[....!.)?..f.U..(=.=.A..Eo...................A..Eo.......Z.(........0\r..m......f...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/selector.js ..6..$ /....."#.D.1.E.$.A..~..rw.+[....!.)?..f.U..(=.=.A..Eo...................A..Eo........^.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	372
Entropy (8bit):	5.578465633899711
Encrypted:	false
SSDEEP:	6:mmDEYOFLvEWXICQ//qVhRS1QPLr1TK6tI//MmDEYOFLvEWXIhi/HS1QPLr1TK6tT:xqTbgCPLnG/jqTKQSCPLn
MD5:	39970273A9D4707957C7BA4992E23FF2
SHA1:	A2BCD8CD07C7171EC77C36F68081D63AF0513536
SHA-256:	C79C429536A20641441CF6913BDAF190AFB3131DCF6024EF599290EFD62B39C5
SHA-512:	010D651305756B811C90B99C8A297214682FE0A93333F08C60C36147F26B68FA00DE8C1164DF9A072244F00ECDDCA29AB647E5B123762C24963C48EB35845556
Malicious:	false
Preview:	0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js . ...$ /....."#.D..[D.$.A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo.........1........0\r..m......:....f......_keyhttps://rna-resource.acrobat.com/static/js/config.js .....$ /....."#.D.(.E.$.A..~]...%s..<...n.f..<.....1#..U..A..Eo...................A..Eo........=.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	414
Entropy (8bit):	5.623801863535604
Encrypted:	false
SSDEEP:	6:m52YOFLvEWdMAuEhl/KzsEJ41TK6tV/l252YOFLvEWdMAuri/3EzsEJ41TK6tNt:zRMiOsD7/BRMhXsDr
MD5:	18E07072BD0176CD2A329F0A170A2D2C
SHA1:	B8F038FEB8B3B6BD85DFD1AD816D942C70E7B028
SHA-256:	F81F428C4FE9928990E207839750DDC3B6A631EECB15403408BDE2ECAA4654C7
SHA-512:	A54FF6020D4C07A0C83A2FC5BA5A2E5DEBE66C39BBCC2644E3864D3D84A4BCE8955C7C2150280BCEA3345670B4647C3C8F12265145E6460D07DE2E031DE5FF0E
Malicious:	false
Preview:	0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js .O..$ /....."#.D0.\|D.$.A..z._a...'.v.......4p3..1.']...A..Eo...................A..Eo........#.........0\r..m......O...a.Y....._keyhttps://rna-resource.acrobat.com/static/js/plugins/reviews/js/selector.js .....$ /....."#.D2!.E.$.A..z._a...'.v.......4p3..1.']...A..Eo...................A..Eo.......=i.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	420
Entropy (8bit):	5.572308330147026
Encrypted:	false
SSDEEP:	6:mYilPYOFLvEWd8CAdAu3dgQll/YR7BSSFong1TK6tuYilPYOFLvEWd8CAdAuEeAP:6lJR0OLBhFoM0lJRd/TTFoML
MD5:	81DE37A2C1103324E837CC8D8867C99D
SHA1:	1029866630E466210D9AE16B8C6C315D962E72DC
SHA-256:	3C50332090B76FAEBD15B20659D971BFB55CD266BD4BA7065FA6C23C25198B8D
SHA-512:	38AD4AEE9E2C4A6A203D68B16F6798ED5D98D130D4E25BE2DA61CA95D6A55BDFB2EEBEE14231E8CCF25CC705F9C8BD5BBFE0F77202E65B2AA89E4B8EA67C59E9
Malicious:	false
Preview:	0\r..m......R....\|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .8..$ /....."#.D.A}D.$.Ac}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo...................A..Eo........OC........0\r..m......R....\|....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/selector.js .P...$ /....."#.D...E.$.Ac}.H7M=M..-.....Ix..R.l...}Rl.$q.A..Eo...................A..Eo..................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	446
Entropy (8bit):	5.600196417211991
Encrypted:	false
SSDEEP:	6:mY8nYOFLvEWdrROk/IuAe/1LVe16wG1TK6t9/EY8nYOFLvEWdrROk/IuFe/U6PvG:F8hRrROk/W+Ze2z/n8hRrROk/yPve2A
MD5:	E3B831C5AE75A86D116AE62182DB0501
SHA1:	3F608F50B6EB5B0E7DD42E23FB553B749EA80426
SHA-256:	39FA14E47616438FA94936ECEEDDE964F7B48168BB1707E115656A0D9C81A3B1
SHA-512:	114E3348E89FDB73BF26C64C099DDFE56BC972C1A4630A3BC78E64D118C032111272967CF0DD3932A381AD64646F979CED699DF2B847F022D278EA03AD8D16E6
Malicious:	false
Preview:	0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js ....$ /....."#.D..gD.$.A..%.k.SZ..~W.....:)'B..ad......A..Eo...................A..Eo......]...........0\r..m......_...h......_keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/selector.js .....$ /....."#.D...E.$.A..%.k.SZ..~W.....:)'B..ad......A..Eo...................A..Eo......l...........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	426
Entropy (8bit):	5.661302849717642
Encrypted:	false
SSDEEP:	6:mLrnYOFLvEWdrIoJUQXF/XzzyeqrNJIi1TK6t2LrnYOFLvEWdrIoJUQxXgQ/mqr5:ehRcSpCRrNJICAhRcGXEqrNJICzN/
MD5:	1067C246B9D7E146F0E264E5E0A8E4B4
SHA1:	A8692A54BC900965FA6DA9D8FA5471A0A95E9A4A
SHA-256:	94899653F47EC8ED4AEB15C1F3821AB8A8213CD56E0793DAFC35A2C6310A8448
SHA-512:	C2B2D0FB7912491128AD4433B2355CD06F86C3B0ECA752B1868FCA80301D5787343B7B406B142729CBDD30BC39C5BFC6DE01E30F13969C6B3FFC7E629A52E4E9
Malicious:	false
Preview:	0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js ..v..$ /....."#.D3PhD.$.A.;"./N_.,.:C..2....9L.H...3:...A..Eo...................A..Eo......tQ..........0\r..m......U..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files-select/js/plugin.js ..<..$ /....."#.DW..E.$.A.;"./N_.,.:C..2....9L.H...3:...A..Eo...................A..Eo.......C.H........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	416
Entropy (8bit):	5.597007449533491
Encrypted:	false
SSDEEP:	6:mOEYOFLvEWdrIhuqt/b8bLzgm2d/1TK6tkk+OEYOFLvEWdrIhuzAKt/MLCLzgm20:0Rgd8/ReERtvVRem
MD5:	2B28EE963602BA0EC9092A3BD63EC366
SHA1:	FA1ECE3FE9AC8F0D4197C74DD1C6799F1B183060
SHA-256:	491AE10A1364C60A56F28BC16FC3E719597CE0DB597B12197B293D05D88432BD
SHA-512:	7DF60B0843F11F66F6DECB2B94C647F530A58794D991BF74A6DDB3BDEA3832E84419680A6C2CC7D2E4923F6DC8EE6883B85E2FF1E87ACB2C570F386B2424ABFC
Malicious:	false
Preview:	0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js .....$ /....."#.D.@gD.$.AZ.Z}Q..4.o....0+..[\|..n:..U.W.A..Eo...................A..Eo........D.........0\r..m......P....r......_keyhttps://rna-resource.acrobat.com/static/js/plugins/my-files/js/selector.js .V...$ /....."#.D...E.$.AZ.Z}Q..4.o....0+..[\|..n:..U.W.A..Eo...................A..Eo.......x.P........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	376
Entropy (8bit):	5.588423967498415
Encrypted:	false
SSDEEP:	6:mAElVYOFLvEW1Kjl/jf2kx56uvp1TK6tNItMAElVYOFLvEW1KGFu/Dkx56uvp1Tq:6JJKjLswJJKGFXA
MD5:	199A995BBB3BE2BE1C10A19BB627FED1
SHA1:	2E466F21895118E8B17DC0E4EA0C7715B18531AD
SHA-256:	84346F1B75D678922A6B40A44AA1F893D15456FB33CCDCD191EEF2501F913114
SHA-512:	C90D3B242C70A00E6452F488D7944C328EA58BF9419B6AC61D4B415A073D8E4AE3EB7BFA33EF621857E6DFA94135F0E737DF214DC5F279B22BD1D522F100AD31
Malicious:	false
Preview:	0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js .....$ /....."#.D..&D.$.Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo.......[.........0\r..m......<...)6......_keyhttps://rna-resource.acrobat.com/static/js/rna-main.js .@h..$ /....."#.D.].E.$.Az?...SwC...^..y.....V..7R-O.....A..Eo...................A..Eo........$.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	214
Entropy (8bit):	5.584151760651256
Encrypted:	false
SSDEEP:	6:mWYOFLvEWdBJvvuoi/ThUDLYtmOZn1TK6tl:xRBJxDcFZLT
MD5:	4FE084007337D605202B42C4310B59BB
SHA1:	5C565424EFECCECDB7228B824AD185D25EFC1F55
SHA-256:	A492B248CD410CCA01E8706FADEFC44B6A3555D67F5CBFFC9D1B25BBDD709D61
SHA-512:	C61B1AF3DF8DADFBF8694E888FCAD0A182FD2612E08FFEA33D7C4CEFBF11DF36F4B3ED3300DBB84342A4B08BCF06424BCCB8AB2F1E3D3AA09274E1B96AAF7737
Malicious:	false
Preview:	0\r..m......V.....h....._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/selector.js .h...$ /....."#.DT..E.$.A....t.q..W.EZ....1...[.zC.7mD..A..Eo...................A..Eo......e...........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	422
Entropy (8bit):	5.601169643629143
Encrypted:	false
SSDEEP:	6:msRPYOFLvEWIa7zp7V/uVPu1TK6tQesRPYOFLvEWIa7zp78Q/akVPu1TK6tA:BPH2cgPHGkc
MD5:	367EF55EB6125193D11EAB81D2A00D52
SHA1:	F44C1A40A0007537FC69CB42BC932E2E7120766B
SHA-256:	4C908662FEF061DB5371FE4E228FA803DE4ECB28BF0EF4202717E0F00C2A2B9F
SHA-512:	DD88074EB62D151593B8CE40F45427BB8C3FF54DA76F2E36FDCFAFAED5A9A9FE6F8E80F547A8922DC72801F12D2256BF9757AD819F7772D6C7A7FE0E393098FB
Malicious:	false
Preview:	0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js ..t..$ /....."#.D.&.D.$.A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo......<...........0\r..m......S...{.j....._keyhttps://rna-resource.acrobat.com/static/js/libs/require/2.1.15/require.min.js .....$ /....."#.D.7.E.$.A...L...Im.@.........E.nW...IP..A..Eo...................A..Eo......{.y.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	208
Entropy (8bit):	5.571219385529447
Encrypted:	false
SSDEEP:	6:mKPYOFLvEWdENU9Qsl/zsPiM3Y1TK6t9:bJRT9NWPr0
MD5:	8EBDA043FB784A279F696FCA78CCFBCD
SHA1:	AE26F884D0183878D6CF9C99BD62EA2F47E5CA3D
SHA-256:	975F96E7815CB7C13DBBD2EC2A1C9F0A4396F956EE08B29F6D062AD2747B3867
SHA-512:	F9149DB8A35B0F5FA5D4093BA527C43232456848323368C217E80CC02F82253D488D209636B4A19DED30B02742EC5F3784E08FECE5067C46E746BEFC3FD49539
Malicious:	false
Preview:	0\r..m......P...Yft....._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/plugin.js .....$ /....."#.DB..E.$.A...M....m+lS..e.....<7.U.P8*.0K.A..Eo...................A..Eo..................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	modified
Size (bytes):	208
Entropy (8bit):	5.61379031328076
Encrypted:	false
SSDEEP:	6:mQt6EYOFLvEWdccAHQpi/PQjBRCh/41TK6t:XRc9CQQDi/E
MD5:	91F02D0A763C31C8E69EFDBE31C3D79B
SHA1:	6BD8AB82092B1ED6E8369C55B6E502520C87BEBB
SHA-256:	F2E07554750312FF4A03D0742B3BE310FBAAA648537269FCE9128410E7DB101D
SHA-512:	FC7B83C88E9BD685A543C3BC41885E24ED0D2CC46D96E74357E6CA78170EB55908D20A8CCFE97933D128D10B4259AEC377587AAE9B35131EE735E08ED0AC006B
Malicious:	false
Preview:	0\r..m......P...W3......_keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/plugin.js .....$ /....."#.D...F.$.APJm...0x.x..RD...BB!@5..<..]....A..Eo...................A..Eo..................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	231
Entropy (8bit):	5.5665675349374135
Encrypted:	false
SSDEEP:	6:mqs6XYOFLvEWdFCi5mhuLVt/g1ULlF4r1TK6t:bs6xRkipV6WLlF4n
MD5:	0122D8486A78A43A0F6FFA2A91C5D7DD
SHA1:	3539F6254F73187ABEF762C9C2E00333D45A7ECE
SHA-256:	F671754C2D1954935B37612016A43EC7636CB42246EFA44C60E88B65F8A89FD8
SHA-512:	DE68AC80A03B1C205F56CC6BD9C77297EC750693AF92A5A9C34C28AEFEA7D7199BF8719077FE67B7512B19E8CB23C595DE7B1C8C6C53D03C1333454B7ACF5465
Malicious:	false
Preview:	0\r..m......g...~.I?...._keyhttps://rna-resource.acrobat.com/static/js/plugins/aicuc/js/plugins/rhp/exportpdf-rna-selector.js .....$ /....."#.D.nD.$.A.P...#4..l....5...5..).w.. .h.~..A..Eo...................A..Eo.......w[\........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	215
Entropy (8bit):	5.493089298400675
Encrypted:	false
SSDEEP:	3:m+lPHYs8RzYOCGLvHkWBGKuKjXKXqjuSKPWFv6Al/llLYc9Lacu1isLK5m1TK5k7:mhYOFLvEWd/aFuMA//L1941TK6tDZ
MD5:	7AF35A9C668360E6E91E69734934774A
SHA1:	169F011E586437DA5803C6C78B5C88D689A4C5ED
SHA-256:	A6545F24FA0488E9A012A009A600AD3E99A31DC022694F83C3498EA0E8769232
SHA-512:	580F20FD7677BD9DD90128402A1680A34721932302ABDCA5314CDCFD71AA38CC6D39C4C80BA9507F25531DA148313365B4B903C09FF9C92999EA0CEACF2ADFAD
Malicious:	false
Preview:	0\r..m......W....w.m...._keyhttps://rna-resource.acrobat.com/static/js/plugins/my-recent-files/js/selector.js .c...$ /....."#.D...E.$.A...a.f.m.i.o.p..3U5.....^...I.A..Eo...................A..Eo......q...........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	208
Entropy (8bit):	5.513673234560505
Encrypted:	false
SSDEEP:	6:mR9YOFLvEWd7VIGXOdQ8//XoBMqVd3G4K41TK6trN:2DRuRXYB9Vd2kxN
MD5:	F66B198E654C3913B41E6CB0B82C2FA2
SHA1:	836A0A7D9E15463A91CEA0B07DDCC48369BC9B97
SHA-256:	3DC23BCA007CE7D09E78DF419609D841AE12960B4DDE9BB7180850896B1BD5F6
SHA-512:	2A91447AA8B24E253A03D9EE560F3787BA957EA3317DA586498389F7C8469A8C2F529CFA112D2E5780F8D32AB91B1C84CABEB8DB1C09C4982D15DF4FC15612CA
Malicious:	false
Preview:	0\r..m......P...y.p....._keyhttps://rna-resource.acrobat.com/static/js/plugins/app-center/js/plugin.js .....$ /....."#.D.!.E.$.A..y.$..$.v5j...T...z.]..._S....A..Eo...................A..Eo.......qGC........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	416
Entropy (8bit):	5.617899702570539
Encrypted:	false
SSDEEP:	6:mkqYOFLvEWd8CAd9Qfv/l/EMmuA424r1TK6t4kqYOFLvEWd8CAd9QU/WGtuA424v:+RQGv//rnSRQfcrn
MD5:	CC7581EED2217FAF0973E227BFB0B3E2
SHA1:	604D77084E0561204951ABD906EF79F301090EB3
SHA-256:	33F3EA8922C8C2E38B6A4DB23808FD603BC913C1170073F09314E36C75E4172E
SHA-512:	25EFD2A2E5FFFFF1516F22B2B5E1CC9ECB9EF79E6D8D238E608B420E7E72FA63C48EFA4EAD5231F21F6AF85ECB35553ABDA7266435F9EF4A9C9B9CD89530CB18
Malicious:	false
Preview:	0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js .+...$ /....."#.D.k.D.$.A#..@..k(v.8g..5.~_....]Pj...6.A..Eo...................A..Eo..................0\r..m......P...gT....._keyhttps://rna-resource.acrobat.com/static/js/plugins/signatures/js/plugin.js .?...$ /....."#.D...F.$.A#..@..k(v.8g..5.~_....]Pj...6.A..Eo...................A..Eo......ZQb?........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	210
Entropy (8bit):	5.493227920729181
Encrypted:	false
SSDEEP:	6:moXXYOFLvEWdENUAuPGBwl/KyC8n1TK6tnl:xhRTNGB17Qh
MD5:	09DCAF21010167505921BFD9BE9706C1
SHA1:	A788DE4F203E62D5843604C23A110667C569AD68
SHA-256:	55F5190C725642C94DE9AD1E9ED43DAB403ED25A14A713E22EF3F6C521999F13
SHA-512:	14835763288DFC82976E459DB4FBD4775D3987C9C457D13AA480F1B46A0DDFB8A036DA7BC3DAA21F8BF12CF362B27C0F0FC79CDFE8C167616FC331546EB59224
Malicious:	false
Preview:	0\r..m......R..........._keyhttps://rna-resource.acrobat.com/static/js/plugins/uss-search/js/selector.js .....$ /....."#.D...E.$.A8.../...;.\\o....1..........+..A..Eo...................A..Eo.......1..........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	442
Entropy (8bit):	5.619772709138325
Encrypted:	false
SSDEEP:	6:mQZYOFLvEWdrROk/VQK/9zDLmB41TK6tB+QZYOFLvEWdrROk/VQW/7pLmB41TK6P:nRrROk/Vzz+mzRrROk/VSmNt
MD5:	81A4584CFBE29DD2824281AA3981DBF8
SHA1:	FEF7AAB2A0B33E99F611209FF8D43564D901BF66
SHA-256:	F49539516631BCDE41D06A3CE8330EBA55217754F0DA51FEFFBA9DA143DEDD24
SHA-512:	B2EE7882DFE0C5E82A08265CC5F3DDD9D11458196A422E34CC376B2BD8DC7EDE7B8E886B4714B3405FC68BA790FCA2E08D2689BE7CE8AAA9772F83F0A9264C09
Malicious:	false
Preview:	0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js ..}..$ /....."#.DI0lD.$.A ./.ev......N~..6.b.....$.j;:C...A..Eo...................A..Eo......=...........0\r..m......]......,...._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files/js/plugin.js .,l..$ /....."#.D...E.$.A ./.ev......N~..6.b.....$.j;:C...A..Eo...................A..Eo.................

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	210
Entropy (8bit):	5.545992563975379
Encrypted:	false
SSDEEP:	6:mZ/lXYOFLvEWdccAWuXq/LYGAdm9741TK6tUF:qxRcVuAdu7E2F
MD5:	A8C3A23F01B78EEFDF38EE20BF8D2748
SHA1:	919B4D6D43AFB8187BC7855F0D76494ED1E2C76F
SHA-256:	0A519AC0A158580E8C65ACC87BA1C4E0B1A5A973A0F915C4BBADB4F5924AE39D
SHA-512:	209F2D77B859E3C77D674C432877768884B1599785FC20B820A6E0FA6F3BD8E0E8731CB2271C2664427C35CDADBB75EAF1F3D4DCEE4E849A127AB29814D3F9EB
Malicious:	false
Preview:	0\r..m......R...F......._keyhttps://rna-resource.acrobat.com/static/js/plugins/scan-files/js/selector.js ..}..$ /....."#.Dn..E.$.A...U...I.>P...X...x..0U.~;m.x.k.A..Eo...................A..Eo........+.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	204
Entropy (8bit):	5.511417306471299
Encrypted:	false
SSDEEP:	3:m+lUg18RzYOCGLvHkWBGKuKjXKrAUWiKPWFvUABwlllllmSB6shoq+Nem1TK5kt/:mMOYOFLvEWdwAPVupQll/lkJn1TK6t
MD5:	BC48DA4BCF0EFE5885D2B8C142B72E23
SHA1:	1C88A1413D37FE35C0A1EDF8184CA84DAFC943F7
SHA-256:	B0E47E2B0541C4C240A3629276B8BF4F026C634A2CED2D817709EDD6B0EEEF84
SHA-512:	1146997D661421076F58BB1E1E6E3E7A7B245BB7239D416DFC1E5C1C0B8AC3B76702B0E3B8C0CF054835C885178823198B987AE21F516E13F77D7672DEBBF0F8
Malicious:	false
Preview:	0\r..m......L....Ey....._keyhttps://rna-resource.acrobat.com/static/js/plugins/home/js/selector.js .....$ /....."#.D...E.$.A.....k....F..D..O.n;[.1m.....=..A..Eo...................A..Eo........a.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	212
Entropy (8bit):	5.589163482503573
Encrypted:	false
SSDEEP:	6:m3PXYOFLvEWdBJvYQ5/07fzhcsBXIh1TK6tW:mxRBJQx7fDB0
MD5:	DA0676EFF7772A219800B3A9B6F2550B
SHA1:	005626E36AE3BC09D01006E2C69C1E87C709DEA0
SHA-256:	B7D5BC92517C72BEEECC5F1F0862951B2049B7AD7FFAF1C97F214DF2F2C6A58B
SHA-512:	7635AF35EAAF19CFA85B940BD3D97040733FCD5B170F42224F6745F2FF09A5D4C8E04B9B364F782550C9CF6928DD712B900B239C9EFF91E889081852A6B2A8EA
Malicious:	false
Preview:	0\r..m......T......z...._keyhttps://rna-resource.acrobat.com/static/js/plugins/activity-badge/js/plugin.js .?L..$ /....."#.D(e.E.$.A...k..`..N3.... ..d..$[.....{.A..Eo...................A..Eo.......".O........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0 Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	456
Entropy (8bit):	5.561533995405289
Encrypted:	false
SSDEEP:	6:msPYOFLvEWdrROk/RJUQti/Hsc3Me/1TK6th98sPYOFLvEWdrROk/RJUQ/QQ/Z4x:3RrROk/sW0sc39FRrROk/sR5cU
MD5:	3D2CDAC997DB8719B93A37478AEBB43D
SHA1:	820F0EA451AAB0651C414ADB3AAFF36826A6FCF5
SHA-256:	8925B1D4F35D91D7E71B280D1707D641E454C2D524913FB630F4092B700875D9
SHA-512:	B190C4A62EC79DE5371BD61FD9126F5C9CA129D385A8DD73DD1C4EC4151458E4637733984C97C27C356CB96CD6A8FDEF4F0E4630B9EFC4EAF9938D89EA612F38
Malicious:	false
Preview:	0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js ....$ /....."#.D%"nD.$.A.....9Q].8O.z....=..:.N.{....N{.A..Eo...................A..Eo..................0\r..m......d...<.s....._keyhttps://rna-resource.acrobat.com/static/js/plugins/desktop-connector-files-select/js/plugin.js .Cr..$ /....."#.D..E.$.A.....9Q].8O.z....=..:.N.{....N{.A..Eo...................A..Eo......tVa.........

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	2016
Entropy (8bit):	5.289962133883376
Encrypted:	false
SSDEEP:	24:0I2bYdB8J6MbkeljKqRom9cbSZYdD1HBGxGMANi1zrcSqc088I7bWQi2QXN89c6L:t2kdhMkCqm9cbSW1HGxGHiFc4ap22Zg
MD5:	C4E6F9B3C9FD5306AFA5DFB7E2F892D5
SHA1:	1844737CF1D833F45D499AA8FFB559391EE89E89
SHA-256:	FD39D1ABCDF10053EFE20C54439BF389157C1E0A259015061D96600E3CCA204D
SHA-512:	725BCE6AC5B367BD39BC0812CFC6BA2AB9B6DC97A231ECF81F89B7879890C6B51A52B5A1FEB6292F731CFAD070F6946D5AAC834B4FA4B9FDC601A5DB9D926909
Malicious:	false
Preview:	......goy retne....'........'............;.y~A.@..................@...................oB...................#...(@..................k7A.@..................D.4.@...............[.i..%.@..............<...W..J................,+..._.#@...............J..j...@................6<\|...................A?.2:..@...............+.{..'@..............)....J:@................2q....@................P....V@..............+.U.!..V@.................P[. q@..............!...0.o@...............u\]..q@.....................@....................@...............o..k..@..............^.~..z.@..................o.@..............Gy.'.h.@..............F..=z;.@................3...@...............v...q..@...............C..M..@................a.....................~.,.4>.@...............&.S....@...............@..x.@..............=....m..@...............;/...@...................q.@.................MV3..@..............:..N.A..@..............Z..........4.P.oy retne

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	294
Entropy (8bit):	5.159390950412661
Encrypted:	false
SSDEEP:	6:mVjyq2P92nKuAl9OmbnIFUtpneGr1ZmwPNm9RkwO92nKuAl9OmbjLJ:Jv4HAahFUtpe81/PY5LHAaSJ
MD5:	7A28ACB59F70CF20953E0A4AA6CDD103
SHA1:	1B80619F477F2C33FC39DC66705856B58B431D5A
SHA-256:	8B7D45694EBD5B707B5B96D743F9F8758A02EA9AC26824B476E1A9B5B96536FE
SHA-512:	9776B1D1E871A14C9BAF0B63040F02CB8C38C9A1EB1D4064FD937A666F670FFED1668925FF7A5EEEF0F5332F67507F5FC5EF5BFC4E5F7F678E1F4D94CC31CFEC
Malicious:	false
Preview:	2021/05/04-21:37:37.221 1bc0 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2021/05/04-21:37:37.224 1bc0 Recovering log #3.2021/05/04-21:37:37.225 1bc0 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
File Type:	data
Category:	dropped
Size (bytes):	917504
Entropy (8bit):	0.007909552735237937
Encrypted:	false
SSDEEP:	12:I+1rDro+1rDro+1rDrolfrgrocrgAmJocrgAmJocrgAmJ:T13rz13rz13r+fUrjUVJjUVJjUVJ
MD5:	28C3F901AA5AC270CCAB75AA191F3258
SHA1:	5D399FD68F093714478F4E722E6432F2F242EC89
SHA-256:	7C8E9508FC031C0B9B0EF7AA2AC874A1C14DE506A9AA035917F03E6CA1D3480D
SHA-512:	FE180F9F8D19E668F38B787F02BA2E6871EB3B9D90BD1CB9AAC9FFBCECD2EEB1F21EE16C422994B096BE8AEAF8E05CDB4653B9DD023B9DAA8C7C870706E1E925
Malicious:	false
Preview:	VLnk.....?.......+.}.^1.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-210505043724Z-239.bmp Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	PC bitmap, Windows 3.x format, 107 x -152 x 32
Category:	dropped
Size (bytes):	65110
Entropy (8bit):	2.1152568299519108
Encrypted:	false
SSDEEP:	48:55i5Bw6J8J86DEUcZpLqy7PFqm7ZZq8bNqbg5L6bvObiMPju3:fIBw6J8J86shLq3
MD5:	C2806B0C2398F311842C4FE04D6F5DC6
SHA1:	1FB409CAB558C07CCB9753AD8301E98012FEB9A7
SHA-256:	7F4E880D8182CBCC060227B4E916411EE670BFDF9538552E8B82C17B2C92C348
SHA-512:	7E37ADC5CF8E6A2BCB0CC1B5CB1954EA85CABFAAC6DAF826936A1E7326425273BAA868DCB16C3F63108B3B5D2274FEE833AC8201F50B62EC41AAB382452B97A6
Malicious:	false
Preview:	BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	SQLite 3.x database, last written using SQLite version 3024000
Category:	modified
Size (bytes):	32768
Entropy (8bit):	3.3873623622141498
Encrypted:	false
SSDEEP:	96:iR49IVXEBodRBkQeOhFVCsL49IVXEBodRBkRxeOhAVCs749IVXEBodRBklxeOhTf:iGedRBCedRBWedRB3edRBr
MD5:	3828B7C42E233B119D0853817DAA07D7
SHA1:	4F414C0F0257C137623BDAFBD3CB0B55C7FA0CF0
SHA-256:	FD8979D317C5392CF5BA95E09B25528D7383F55E925D30827AE623CA178D8951
SHA-512:	B01CE61FED7BE1FEBE8D7865D94E1092DA3BCE16ED80EFB5B1460E1A56A027D9778A9B14DE931ACB2F36E85FA572F19453B7715ADFC00D332891C551DCE6971A
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................$.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	data
Category:	dropped
Size (bytes):	34928
Entropy (8bit):	3.2002425304549593
Encrypted:	false
SSDEEP:	96:M7OhFVCPE949IVXEBodRBk4eOhFVCsBLR49IVXEBodRBkGxeOhAVCsdd49IVXEBn:MAiedRBzLGedRB8CedRB9yedRBs
MD5:	37C6F0FFB4BC6BFEF158349C66FE2F02
SHA1:	BF9E09B3623B439B0A8F2484E321562B65DF0614
SHA-256:	09CB1487A80CD0EAE68B0F68D864B5AA6538F892FB4AB260002F27C91BCC7F1C
SHA-512:	1978E6A22B7EEB063CCFB4AF0DCD7F15116FF6876E587DD562EFD01F8915D0B25DD282F505E236C9AA3C26766BFFE95C6AAF8271ACD22CFE67E9A7C57EAAB167
Malicious:	false
Preview:	............gn'^...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................X...h...y................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin Download File
Process:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
File Type:	data
Category:	dropped
Size (bytes):	63598
Entropy (8bit):	5.433041226997456
Encrypted:	false
SSDEEP:	768:PCbGNFYGpiyVFiCUZcdeL6f3Tr6BfvCHIlsuO4nbcyYyu:J0GpiyVFiBcYL6f3TuXCoHJK
MD5:	B49FE17CE6BBCD288BFE9E9E8CDF92D6
SHA1:	DBB11DE534670C182E0197D40CA763D2A9969FEA
SHA-256:	00F27048CB927B07E2CE208A00131872C467B127860FAF61E08D1B26E5EF8280
SHA-512:	3A588D6594F79EFB9D7B46F5A32BD6A27B5636DFC9C0E2DF0DA34827EEB46C36A18E569729D68DE0A84C07167E60785B282096016343C783F9792CFEDEF3D014
Malicious:	false
Preview:	4.382.88.FID.2:o:........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.94.FID.2:o:........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.82.FID.2:o:........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.93.FID.2:o:........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.107.FID.2:o:........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.103.FID.2:o:........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.116.FID.2:o:........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.75.FID.2:o:........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.89.FID.2:o:........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.85.FID.2:o:........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.98.FID.2:o:........:F:Arial-B

C:\Users\user\AppData\Local\Google\Chrome\User Data\09e82636-9696-4c70-b4c9-0c4353bce75e.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SysEx File -
Category:	dropped
Size (bytes):	94708
Entropy (8bit):	3.7489562423803466
Encrypted:	false
SSDEEP:	384:RHdySsPZkvMSVn521NKr/v+G3tGkZH0tGRYrzQSUxb5IIQbrD6xmvUzgq2WVOgE2:d6mRxCEF9Qef8u0s/DWmKs2WBR
MD5:	9D9EE2D847A0307EF735D63C40FB9D46
SHA1:	214019E8B1E69BA7215D57653AB56BE06231536D
SHA-256:	776F91663D6E6249B662647D60A1996A21CCFC68BDF3F12A9219F686CD0912D0
SHA-512:	E48DDAB8AC51B0000BBF241D47BE2060D9952BF5B5E6E9D4B6C430934E7ACDEC8B391F14155221B8E91D8ABC1EF06F448E24512D2470915C7AFE435318B63C33
Malicious:	false
Preview:	.q.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....98.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\0b0adde5-de30-44e9-bafb-8a74599a27a7.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	362936
Entropy (8bit):	6.028181733871655
Encrypted:	false
SSDEEP:	6144:WEr/NOXs8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1LHm/dBA:d7NOxxzurRDn9nfNxF4ijZVtilBA
MD5:	2CA046A323FCC5AF5C58CA940291F1FE
SHA1:	C6C61E7C79EF474A68256C8B1572ACE2A89DFD51
SHA-256:	2C5099FEAE1F7150B7A3B935140A5E4902F2D199E511DB4D49B151D75B4F8093
SHA-512:	4D4B3F63F8DF762285C5BCC27AFBECCB236B0578D0E2FF3B9E6FF772BA40DF256458E128370B26809132BE082F4156934DC82608C5DDF753903F016DAD0AD158
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620189504525977e+12,"network":1.620157107e+12,"ticks":181522551.0,"uncertainty":4884260.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075120998"},"plugins":{"metadata":{"adobe-flash-player":{"disp

C:\Users\user\AppData\Local\Google\Chrome\User Data\173bf113-f70c-4cc0-858f-826f0b8bcd24.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	362842
Entropy (8bit):	6.027999935623232
Encrypted:	false
SSDEEP:	6144:OEr/NOXs8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1LHm/dBA:V7NOxxzurRDn9nfNxF4ijZVtilBA
MD5:	C16A7107D1E5ACAA31D39EE76DB57DBA
SHA1:	FAADB117817F321FAB7DBAD4A829D1E93EBE4C7B
SHA-256:	2DC30FDA58DF3AC5ECA5C8D4090CCF06B4B53D29BAA7B72B8DF0FC0FDA0394A0
SHA-512:	206CEE8677EAC18184F626689E0EE4496B0769F58A2AF8B741BDCCB3E6AE9B0D4DEBD050616CE5E331A4C0BAAA8E40225722B0A0415447CB4EA73DAB3938A8C5
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620189504525977e+12,"network":1.620157107e+12,"ticks":181522551.0,"uncertainty":4884260.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075120998"},"plugins":{"metadata":{"adobe-flash-player":{"disp

C:\Users\user\AppData\Local\Google\Chrome\User Data\28f96999-f0e3-4f35-a80f-d61de713d891.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	95428
Entropy (8bit):	3.7489200208885074
Encrypted:	false
SSDEEP:	384:BHdySsPZkvMSVn521NKr/v+G3tGkZH0tGRYrzQSUxb5IIQbrD6xmvbpzgq2WVOgF:t6mRxCE89Qef8u0s/DWmKs2WBJ
MD5:	ABA8C108ED3459E556FE087A4A4998B6
SHA1:	70917A83147F261CA831FBBB77EA02C444EBEC53
SHA-256:	DF6B40775F62FCE5DC245DAB2586A4F32C72222B86DFF59AF6845B0009B430A9
SHA-512:	D6E8FD3A67060D855AFAD81F4B69EA3DE8E137123DA1C95D903A664AA59C57A0B684FF1A9F1037AB031B1ADB037078E35108505A2EC7E781575B197FF7D2500C
Malicious:	false
Preview:	.t.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....98.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\4a487a11-82d5-4769-825f-bb955ad785ed.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	359271
Entropy (8bit):	6.0154296632329665
Encrypted:	false
SSDEEP:	6144:dEr/NOXs8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1LHm/dBA:C7NOxxzurRDn9nfNxF4ijZVtilBA
MD5:	C4B33A3459D1B0EC724CFB2D8823E64E
SHA1:	019EC3E8504302E0951163059C80287024796CB6
SHA-256:	1ABD51E59C2745B1FEA038B4ED55CD61D28A472E12AF6A4334286100C9ADE2FD
SHA-512:	F0FDB68ACC0BAFEF225C9E2A3971900FED23F15230E0661B0E731205161FB3A0336274F645AAC5C890426EAC978C3464F18FE44E6DEDBDF22CA6945A5D553944
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620189504525977e+12,"network":1.620157107e+12,"ticks":181522551.0,"uncertainty":4884260.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075120998"},"policy":{"last_statistics_update":"13264663101006

C:\Users\user\AppData\Local\Google\Chrome\User Data\6a3f39b5-eec4-4f67-9165-1d24ee68ef19.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	92724
Entropy (8bit):	3.748556024810905
Encrypted:	false
SSDEEP:	384:nHdySsPZYMb21NKr/v+G3tGkZH0tGRYrzQSUxb5IIQbrD6xmvUzgq2WVOgEmNQS/:PmRxCEF9Qef8u0s/DWmKs2WBL
MD5:	4BB4A1B85D00742D58934905D3FA11C1
SHA1:	A6355E3D9278B1855ABC50C4B24CFB7F8B36B4F9
SHA-256:	E59FF1504F8CF195B712FB313A7441887A5A18723896A4C1D34551F0E022BA74
SHA-512:	D45DFC8C9F92D5DD41A6180B86D2F90AD70BEB1D0A4DDF8C2B22DA2A9EEE9EFFAABA81FB1CB5B856B79E52592398D36CC08AE1E068B8C402062AEA5378A08C64
Malicious:	false
Preview:	0j.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....98.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\8d69a971-6cf3-4978-87be-562abc79c264.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	362842
Entropy (8bit):	6.027999935623232
Encrypted:	false
SSDEEP:	6144:OEr/NOXs8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1LHm/dBA:V7NOxxzurRDn9nfNxF4ijZVtilBA
MD5:	C16A7107D1E5ACAA31D39EE76DB57DBA
SHA1:	FAADB117817F321FAB7DBAD4A829D1E93EBE4C7B
SHA-256:	2DC30FDA58DF3AC5ECA5C8D4090CCF06B4B53D29BAA7B72B8DF0FC0FDA0394A0
SHA-512:	206CEE8677EAC18184F626689E0EE4496B0769F58A2AF8B741BDCCB3E6AE9B0D4DEBD050616CE5E331A4C0BAAA8E40225722B0A0415447CB4EA73DAB3938A8C5
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620189504525977e+12,"network":1.620157107e+12,"ticks":181522551.0,"uncertainty":4884260.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075120998"},"plugins":{"metadata":{"adobe-flash-player":{"disp

C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	120
Entropy (8bit):	3.3041625260016576
Encrypted:	false
SSDEEP:	3:FkXYDu6cR9iTXYDu6cR9iTXYDu6cR9n:+Y66cR4TXY66cR4TXY66cR9
MD5:	569FA64ACAA310B1DE1A6250CC7356B0
SHA1:	14251450C245F8612958BF94779E8B72AE6D6213
SHA-256:	AEE20ADEBF2D35EB8A39BE2DC391B0E5966EFCB4AFDC971BB3A18115C929F563
SHA-512:	850914A053EF541046B29260266C17FEFF2466A87784394F9AB3B565D2EA1E656F61F02BDB78F9F9676E90365F837F3709BCC0856B3B844256848F477250E0C7
Malicious:	false
Preview:	sdPC.....................8...?E."..N_.sdPC.....................8...?E."..N_.sdPC.....................8...?E."..N_.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1704ca54-9349-4cf0-ac97-9bff9f5ae3ef.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.871599185186076
Encrypted:	false
SSDEEP:	48:YXs2MHRzsoMHT5s0MHyKsTMHksrDys4Csb7synWsQItFsym6zs6zMHWLsZMH5YhV:+GDGTHGmGHDW1/nOIbmOGlGGhVD
MD5:	829D5654ADF098AD43036E24C47F2A94
SHA1:	506C8BA397509BA0357787950C538C1879047DF3
SHA-256:	4D0B852D18FCA5C1A712904CF6DB3811FB905E86D8A7508A2D42F9C8D68E2211
SHA-512:	D9B18E6B0AD1E8E4BECF9E84BBE30D64730CFEC2CBEAF96D5DF52E28B907B03EADF22F020FBE0A56D137A52F4F09798031BC6CA026CFA8A979A608B3445DBCAA
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600883925","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":40156},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542628822803","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":30856},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600893104","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":25300},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600872791","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34789},"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"exp

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1984a2dc-ae2c-47d2-b86b-1bc5989b41e2.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	16745
Entropy (8bit):	5.577215528253041
Encrypted:	false
SSDEEP:	384:xoR3tTLlNWX01kXqKf/pUZNCgVLH2HfDkrUArmkt4L:6Llu01kXqKf/pUZNCgVLH2HfgrUAjtQ
MD5:	19F8614143649B9130190C32DD755010
SHA1:	ACEE0509D17EDFEB69BB6D1F472ED5673AC6FA2B
SHA-256:	A5B03875366D128D55E39F11302E2F1305647B06D923F93F42295EE449A52F30
SHA-512:	528D5C839213AE19B999939C19C7E2972FD43B745D0DA0C784CBB93F00C93C7D2C2D498B53F5B7459F9C2A1DC55D85CBDC016DDE74E84ACD108D7CFFE50C5D3B
Malicious:	false
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264663101145506","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\22bba30f-fe97-4eab-abbd-83dfa1a134ca.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	22596
Entropy (8bit):	5.535873426089377
Encrypted:	false
SSDEEP:	384:xoR3tuLlNWX01kXqKf/pUZNCgVLH2HfDkrUZHGLnTEm1it4Ln:hLlu01kXqKf/pUZNCgVLH2HfgrU9GLnn
MD5:	45992FEFE6248B62934324C01004E325
SHA1:	39BBCBBCE7AA1E1FD6874027F2CF978E21E6A69F
SHA-256:	3014F3F90DCCC022A1C00CB8C1CE29ABD4108AD20E018CDD224F1817E471D18F
SHA-512:	E9529A9734CE16E0BB437F9A7130AE8E4A92B96C73190413B7D4DDF0A7BD86DCADF9A7D3B142EB512B8886E45BE0BE06183D8C5583C5F3389245B7F392C4891A
Malicious:	false
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264663101145506","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3fc9083a-031d-414a-8ca4-0b0c0ec65718.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5709
Entropy (8bit):	5.186489807907654
Encrypted:	false
SSDEEP:	96:nGrF85lnfVup7uSVOJIk0JCKL8xkP11CybOTQVuwn:nGrefV5SqC4KWkPP
MD5:	E449FE2B83C569E0376ABDDAA623E168
SHA1:	4D8687538C0FE7AB409A734A5CA9B13F7D1E5594
SHA-256:	63658D1563C432148CA8ADD044056C51304E06E7CD6FD6691C31D493834984B3
SHA-512:	EF0B8F885331BD97D696513CF943795135FA87F51274F19F6A7408A974703234A140E19B559878B85A7BC5A630B4F3D49D7B27C5ECC3D4DE0BD33F3AD2DE03F3
Malicious:	false
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13264663101436525","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245950583260338","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245950640095768","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1538886"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4a93eb66-30ba-4de3-8ea0-312ddb38039b.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	2235
Entropy (8bit):	4.901730162778734
Encrypted:	false
SSDEEP:	48:Y2n6qtwTCXDHz5swRLssATsbr6p1sryKsb3zsWMH3YhbxD:JnxOTCXDHzDYc6pEO/GohVD
MD5:	194340CBBD0072F2ECDB85242F9DC73D
SHA1:	55A50767056E0DCB81D2C08143F32519248A1525
SHA-256:	9C840B1F390A130DE1FE82170583EA0609701122357225880AF42542206AD16C
SHA-512:	857C09C136B7CF60EC136A3F2E5D0343B2D925E6AACAC800DCA9C2CAD73A54521C9F4BE3C39757E9899D245FA277FAA9CBA6F1E215458A44C29D5B97150C1627
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13267255106266119","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13267255106345464","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://redirector.gvt1.com","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8ec71e31-c09d-44e3-9325-61cdb8256334.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Preview:	.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	336
Entropy (8bit):	5.221496184163148
Encrypted:	false
SSDEEP:	6:mTOAq2P923iKKdK9RXXTZIFUtpeqZmwPet7kwO923iKKdK9RXX5LJ:qv45Kk7XT2FUtpP/PG75L5Kk7XVJ
MD5:	CB6F794EBE68DEAAFF2C09B818A0583C
SHA1:	A9C356FD3410C44984979FB712765EE1536C1A22
SHA-256:	1275286A72FF5474D3C5F1B1C0958771B3D60F4B6C666791786D6D08E83B2540
SHA-512:	DA0F5350AEC7D627A680026470BED27A612ED57184AAE45119450FE002764F9B1CF31D972DA1E1D120D6CB0E1D1D276AAB9D451F26662F187FAD29885945C7CA
Malicious:	false
Preview:	2021/05/04-21:38:35.419 1840 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/05/04-21:38:35.468 1840 Recovering log #3.2021/05/04-21:38:35.478 1840 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.188247620292106
Encrypted:	false
SSDEEP:	6:mTXOq2P923iKKdKyDZIFUtpebxhZmwPebakwO923iKKdKyJLJ:+Ov45Kk02FUtpih/P55L5KkWJ
MD5:	C8C19CC51BAC370A1F7969CC7D2F680B
SHA1:	078B9E8C5AED7D32F0EB2F7D0942A40EA17BE3B3
SHA-256:	ACA33F8B27FC3197DA9FA3013708AF9C15525EEF3C08C60AFEF65EF1D76DF24C
SHA-512:	FE436E2F95DFB7B0605E334B79F3C8AA61E9942F08FB4D4E73330B1601657091F621BA9CC8D8EB1F4E2E92D1811AC508E27700F69AB69CC2792754CD00ADEE6E
Malicious:	false
Preview:	2021/05/04-21:38:35.346 1840 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/05/04-21:38:35.351 1840 Recovering log #3.2021/05/04-21:38:35.352 1840 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	12288
Entropy (8bit):	1.3006771036344906
Encrypted:	false
SSDEEP:	24:TLyqJLbXaFpEO5bNmISHn06UwV/q9xqa0ZbOEikr7D0rzPS:TekLLOpEO5J/Kn7Uyq9xWZb2kn
MD5:	4D1388A02CCC5EC5DD3CAF5632A1ECAC
SHA1:	D1BB41B6D1A92CD76AECED42550604A1B058FB03
SHA-256:	845440E197FE113A6E2248A01C4200708A915F4060F5580B3D080D977F122D5F
SHA-512:	9D8E901A4508BFE617A35D725655A315DC2119B97FC9D397D9C5220B2D1871E2387F5258C3F60556AF65D4D80356F604507A2531F25CCDFC6FB4C99C9963CCFF
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	12836
Entropy (8bit):	0.9695656481849182
Encrypted:	false
SSDEEP:	24:BIL4rtEy8WRqLbJLbXaFpEO5bNmISHn06UwK8:BI+7q5LLOpEO5J/Kn7U58
MD5:	CB850731F58D110D3601BB0274D58807
SHA1:	8FF1CED0415560BFF1019B1E8392445B7D843A05
SHA-256:	DA35BB58CEB999C56DCF986295FC624399C49602239E803AF1A0C6277FE5ED8D
SHA-512:	8A2632CDC8F0A99264D15EDCE725D121F5D260187DB9B0E32EB83490802D29C6B10F0A3C18D79DB68D56FD2895C43C4CB295DE94798AD81A1102F29D87D6FD78
Malicious:	false
Preview:	...............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1143
Entropy (8bit):	3.511622682669762
Encrypted:	false
SSDEEP:	24:34Sun/83ylrlCJc0kVxMPX/7Ee+uL4z0QMexEMP6lLlr:34vnkGxec0kwPX/p+a4zPTPORr
MD5:	65CAD1DE2494E106DE8625DCFFBE212B
SHA1:	2964CD0579B1A4EB52C9CB754FA9CED3949E3323
SHA-256:	4411ACF800B988497CE0B0C29C25C304E7E28FE95ED3C75EFFF2AEEFDBA25CEF
SHA-512:	00BE899BCF15C0743BC49AAC0E84353E374593BB0AE819867FD9E477A2494D1046A96F72C3100040C4AA840F84C4AA5BBFD94C0EB3DB778FED21F525CE4E70B6
Malicious:	false
Preview:	SNSS....................................................!.............................................1..,.......$...f0f9d329_37c1_44f9_9b8c_fae89f394cdc......................B..................................................................................5..0.......&...{2F4F8386-A58B-4B0C-A17B-2FAAF764E551}.......................................E...https://traffking.ru/square?utm_term=reflective+practice+template+nhs.......................................................h.......`.......................................................5......6......8.......P.......P...........................E...h.t.t.p.s.:././.t.r.a.f.f.k.i.n.g...r.u./.s.q.u.a.r.e.?.u.t.m._.t.e.r.m.=.r.e.f.l.e.c.t.i.v.e.+.p.r.a.c.t.i.c.e.+.t.e.m.p.l.a.t.e.+.n.h.s.......................................8.......0.......8..............?........................................................ ...............................................null....................E...https://traffking.ru/square?utm_term=reflective+pract

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.8112781244591325
Encrypted:	false
SSDEEP:	3:3Dtn:3h
MD5:	0686D6159557E1162D04C44240103333
SHA1:	053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256:	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512:	884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious:	false
Preview:	SNSS....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	183
Entropy (8bit):	4.267376444120917
Encrypted:	false
SSDEEP:	3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+GgGg:qT5z/t2qoEwhXeLKBt
MD5:	7FA0F874EABF1EED31988230680AD210
SHA1:	E71B360F1E8D5C278A051AD03DFB9027ACCF38C3
SHA-256:	09E15F8939364145E710C314EBD93FD19BF60C2B6B20BF8023315D617B6B141B
SHA-512:	AF4C2E595AA0B1FD96474A0E73530B38BE5F2906B10BE1DEFC0A9221129A3E5BB8D0816777550863AD426C5C836ECA1F0C384986C2A1108E2E4CA20EF10A7824
Malicious:	false
Preview:	.f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	322
Entropy (8bit):	5.204483480296538
Encrypted:	false
SSDEEP:	6:mT4l+q2P923iKKdK8aPrqIFUtpe4UZmwPe40VkwO923iKKdK8amLJ:Sv45KkL3FUtpK/P25L5KkQJ
MD5:	B19B5671F8D1A1E56F9C9649C4D119D3
SHA1:	F8C24F1E18D7616CD7CD26880DF1CFED4B165F7B
SHA-256:	9A5926CBD53207DCA86B1B2B881C6DBF884E8054FB1E3F791BF1525BC228E02C
SHA-512:	63518826A0EA578DC911D4513618546CA4C4F2FD7BC7A986ED3B2E72F7E5BA75A1651EF0D2F8D7D72FA575BB905B27656AB0AC734EE9EF8D6D744839226588A9
Malicious:	false
Preview:	2021/05/04-21:38:21.461 16d8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/05/04-21:38:21.462 16d8 Recovering log #3.2021/05/04-21:38:21.462 16d8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	627
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW:
MD5:	9D7435EA49A80FDD66E4915F513017F9
SHA1:	469F6C6E4B19B85CC1BE497812B2F20864F4FF2C
SHA-256:	409D4C47E940688527D730B996E8991E010988C7671565467ED69D640D0947F3
SHA-512:	0561CD632D4219AEF4686DE40EC092921384CA89755D354801E0EAEC8645A8630A180807AF518AC8FCF01F71EB3D10FAA9CE1E62C7A7226A274975BDCB7EEB4C
Malicious:	false
Preview:	.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	322
Entropy (8bit):	5.189030036236107
Encrypted:	false
SSDEEP:	6:mTSq2P923iKKdK8NIFUtpexFa9ZmwPeDRFkwO923iKKdK8+eLJ:vv45KkpFUtp3/Ps5L5KkqJ
MD5:	D3B19CE65E9C83E417D9CEB1C2FC0A86
SHA1:	E0F56FAA6620997E38311F49492AC27E652A659C
SHA-256:	769425B8BB9CA58CB67C270D1EDE34EA33175380BAAE301ED607809BC4DE81FA
SHA-512:	482CB1A75ABE3BECB247712D4CE63BB05C6CCAEABDD87A0C09B8A2B1EE39BAA783A35FA4B419DCB2C7FC9087D76518C52DE8CE0256083F1B428FBA231550B4DB
Malicious:	false
Preview:	2021/05/04-21:38:23.815 1514 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/05/04-21:38:23.816 1514 Recovering log #3.2021/05/04-21:38:23.817 1514 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	11217
Entropy (8bit):	6.069602775336632
Encrypted:	false
SSDEEP:	192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
MD5:	90F880064A42B29CCFF51FE5425BF1A3
SHA1:	6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
SHA-256:	965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
SHA-512:	D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
Malicious:	false
Preview:	{"file_hashes":[{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R8B8qYabnMSlLPhrtu0hGYrHn3llsMHqBbi70gkIjEE=","rhlzuEvv2KRAFMms896xFwkNgPrw6WvmgPn6xrBSa2Y=","LAMXv6sRb0VZrY34aVXF3Fftxs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	11217
Entropy (8bit):	6.069602775336632
Encrypted:	false
SSDEEP:	192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
MD5:	90F880064A42B29CCFF51FE5425BF1A3
SHA1:	6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
SHA-256:	965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
SHA-512:	D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
Malicious:	false
Preview:	{"file_hashes":[{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R8B8qYabnMSlLPhrtu0hGYrHn3llsMHqBbi70gkIjEE=","rhlzuEvv2KRAFMms896xFwkNgPrw6WvmgPn6xrBSa2Y=","LAMXv6sRb0VZrY34aVXF3Fftxs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	23474
Entropy (8bit):	6.059847580419268
Encrypted:	false
SSDEEP:	384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
MD5:	6AE2135EA4583C2F06CDEBEA4AE70FA4
SHA1:	DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
SHA-256:	03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
SHA-512:	B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
Malicious:	false
Preview:	{"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["xklkoZ7iSU1+7cd6DAtEmUC5lPFd+EgcbnzxkOiFwlk=","3KbsvoxKY/3AwqgF2aAdVQRpMhsNVRkQ3rx2A6Z2Z+Y=","o9+tsohquaCMj+70zeinRG/hBhA2uLoDl/WoC1uokME=","xV/K8xucyWJELVT8Cqn+ugFjobBVmg8pnmACF+2PP4Y=","p/mvJm2wuCl32Rx3it654MljKAsMe3S9IDEabc1A8mE=","j8mPrTb5oOsBTj2Fer78JE6xG6+kR64Cvu2SW8d3j/k=","nqSRpGQ3USU2bZJsZ+AzBmFOyann8omwJrhEWFZDTXc=","eTcQyJUuNuF9yCga/fXGyFCj/pysSceanhBzksdx23s=","Wj7faqnspelXKMvnduxHn1XUBG8TEOqyns7/oUihekM=","VtBwXoadI3EP336rAiL33Gz19KGqtN+RYdKnMKAXoLw=","iDgLXQqXJp8nCZxgLuC9LXM45DGfufvGnXvmHsn18wc=","g+RfdDfrWTUK0Pkcsbot7NJ4SC9wVRV/dVVMuHAtEj8=","2oC4HcCuXu3VjFf6wnKlznt9uqQNaebcuWpm/mWj69U=","aMUIpuFqPMiieSaWhIktCK62v2P3OZQAWupWsYzCnvk=","L

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	3:FQxlX:qT
MD5:	0407B455F23E3655661BA46A574CFCA4
SHA1:	855CB7CC8EAC30458B4207614D046CB09EE3A591
SHA-256:	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
SHA-512:	3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
Malicious:	false
Preview:	.f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	374
Entropy (8bit):	5.220401544194585
Encrypted:	false
SSDEEP:	6:mToq2P923iKKdK25+Xqx8chI+IFUtpeZ1ZmwPeRkwO923iKKdK25+Xqx8ch+/WLJ:hv45KkTXfchI3FUtpW/Pu5L5KkTXfchn
MD5:	C1CFDE34205758F06E1FCAA2C3A7B30A
SHA1:	F9CA7B66E8A0CEB685AFB8D0B00086F8C8746AA7
SHA-256:	9910CE66ED9993D0FA6E4B73DB125F368D2184C59FC62998D819331E7BC796A5
SHA-512:	413CA27F3E93295299C2B6EA71B3A2C9EE1B7F363353E80B24173FF06AB753C5050F4C26296133C8012265653F2ADAE9F77C33A5DCEBF6763A0C11725BA025F4
Malicious:	false
Preview:	2021/05/04-21:38:35.300 1840 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/05/04-21:38:35.302 1840 Recovering log #3.2021/05/04-21:38:35.306 1840 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	360
Entropy (8bit):	5.230772925665142
Encrypted:	false
SSDEEP:	6:mTjUq2P923iKKdK25+XuoIFUtpetFUdzZmwPexkwO923iKKdK25+XuxWLJ:tv45KkTXYFUtp6U1/PS5L5KkTXHJ
MD5:	89F9AF7B35C53B88B74390E43F092686
SHA1:	77F8E4DF22E096306E5CFEB4D9C90458F2D8CA9B
SHA-256:	BC524A0D4D82F02604B175CCF219BC910AA13865DBF19673416630BB5BAF9F8D
SHA-512:	148787DCF29E1D065909F842C5118571A30CD69C6F2595E4D32B98B0B65724AA2632155628D0BCCE72132394C90B360D6AD8DEC9D1E1BFE8336EE700D6DBC552
Malicious:	false
Preview:	2021/05/04-21:38:35.267 1840 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/05/04-21:38:35.268 1840 Recovering log #3.2021/05/04-21:38:35.269 1840 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	332
Entropy (8bit):	5.216624366369379
Encrypted:	false
SSDEEP:	6:mTmDq2P923iKKdKWT5g1IdqIFUtpeJZmwPe17kwO923iKKdKWT5g1I3ULJ:JDv45Kkg5gSRFUtp8/PC5L5Kkg5gS3SJ
MD5:	8F2B9EB9AF84854CD7CECDDD040D9A3B
SHA1:	C1318480EC4BDCB25B4B26CB8AB1848369B7CE1D
SHA-256:	3D2B9ADFF6B582EB798C31AB300C22BD9E503DDEA5F760D9CC5D815A593FD4F5
SHA-512:	5AAF0ABA8FB1BE898F4079DBAA63CEFE78DF12BE282B25582BB26603EE59795A3A6A47B4E31D96D6980AE796193D464B1AB5AB4869D47BE2F24AA9EFCEE1F5EE
Malicious:	false
Preview:	2021/05/04-21:38:35.186 1840 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/05/04-21:38:35.209 1840 Recovering log #3.2021/05/04-21:38:35.210 1840 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8720
Entropy (8bit):	0.21916490374438005
Encrypted:	false
SSDEEP:	3:mPllilln3lljq7A/mhWJFuQ3yy7IOWUKBll9ol/dweytllrE9SFcTp4AGZVV9RUA:mPlSs75fOe4/d0Xi99pG/3
MD5:	C65A01A39B268F57BEF17B80CF55822B
SHA1:	4E428B83731C36AC848E71F02101191516218C1F
SHA-256:	A43F614E3B7ADFAA80C764E77EBE543B8B05959F0DD8511E7085A2B3B77F2A88
SHA-512:	DB965E07ADECF6A2B4A47786E78ED5AE94E5A2A7D89A3364C2AF74FCC6E51A22A7CD4DD439ED5D58D7ED5DC841025DAC328E48513F04363930E76F6C41E61095
Malicious:	false
Preview:	............/.#.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2955
Entropy (8bit):	5.475654169114387
Encrypted:	false
SSDEEP:	48:bc4GXAwYLa7dLMh+8dbJV5spByLbQSefgGsNrS0U9RdiN9e:YThYLa7dLMhVdbJV5SByLbQ5fgGsrS0A
MD5:	5536E123249BFCEFA607D8D2E411C8BA
SHA1:	DC36B16A74449EDED022EE142A59E1D827E7B568
SHA-256:	32791262754DEDC51A0F3C074F716A8882DF12B4B74A750EC8ECC3C4D8544A6A
SHA-512:	F7BD7BEC0F2E9F1A832B3AED4E184144FE8BD50745B656B6E59E8251FE80B98EC8DAB280986F49B3ADFCE9D57C0FD2ED8F856787E1211461B8486960C4EDA9B7
Malicious:	false
Preview:	w.FY...*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..238125000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-05-04 21:38:38.10][INFO][mr.Init] MR instance ID: 7292d652-dd55-4c6c-8231-2093a011d130\n","[2021-05-04 21:38:38.10][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-05-04 21:38:38.10][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-05-04 21:38:38.10][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-05-04 21:38:38.10][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-05-04 21:38:38.10][INFO][mr.CastProvider] Query enabled: true\n","[2021-05-04 21:38:38.10][INFO][mr.CloudProvider]

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	331
Entropy (8bit):	5.150619344873859
Encrypted:	false
SSDEEP:	6:mTGWq2P923iKKdK8a2jMGIFUtpeaZmwPeATkwO923iKKdK8a2jMmLJ:7Wv45Kk8EFUtp9/PN5L5Kk8bJ
MD5:	5A3F81690615A9E49F5AA61EB8C200E4
SHA1:	13BB74FFB13D4A2F6AC526BF9DC392F6079FBF5E
SHA-256:	AEB6F86DFA786C239B338F6BB44D35C799011596C958E3AFF55D3F5EAB4B98B9
SHA-512:	A81C6616592BB55BE910700F33525F265D736ACB90330CFFF37239654CA0FFDF90C518194AD2CD7A359822CA3EF326973606A7629977FBC1A2C6221C0F633928
Malicious:	false
Preview:	2021/05/04-21:38:21.226 d80 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/05/04-21:38:21.233 d80 Recovering log #3.2021/05/04-21:38:21.244 d80 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	336
Entropy (8bit):	5.165904031722438
Encrypted:	false
SSDEEP:	6:mT7934q2P923iKKdKgXz4rRIFUtpe7ExJZmwPe7/n3DkwO923iKKdKgXz4q8LJ:MIv45KkgXiuFUtpT/Psz5L5KkgX2J
MD5:	B8BC015BD8D80BDDAC4B2E4C75F8A989
SHA1:	AB27AA5B14C4547F000C4C1F24D42A9FEFB57EB8
SHA-256:	4F6B639D2EC10D4F7B4957EDF79E5E9AF777825558C6F5FE81C17385B933DD78
SHA-512:	0338469D3F548A925F21C3EBBBA2E713506C2CD507E116BF1D53257FE21F23D68FB1ED27C0B772C5F03278CFDC9DC38E459EBEEB45BBCA1ADB76BEE4F25BAE74
Malicious:	false
Preview:	2021/05/04-21:38:21.513 1540 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/05/04-21:38:21.518 1540 Recovering log #3.2021/05/04-21:38:21.519 1540 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	28672
Entropy (8bit):	0.9692823692710901
Encrypted:	false
SSDEEP:	48:TUIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUgZis6bCoTRsyl:wIElwQF8mpcSYN6tjqLF+ySnV1
MD5:	4BE4C838E4E4DE6D1E4C3E6F1EA4788D
SHA1:	B787A24CEF054EA1CBD1CA82A8B0309A74ADA085
SHA-256:	496F9536D1031CDA040B01E02FEE32AA274B6F4D3CBCEE20D8F3DB27D8AEA34C
SHA-512:	E8AD1EB139D7F4669AFAE2B5A7B5ECB753E126A6D97CB50BB0B0A226AE4416F4E29E20529940C3DD0D90941DA84486FA377A80BE3BF1A42DCEAD3CC22E67BC2B
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................C..........g...^.........j............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	29252
Entropy (8bit):	0.6282849498115335
Encrypted:	false
SSDEEP:	48:84qkIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUn4:84hIElwQF8mpcSs
MD5:	A98A2F8A8692A79315EB5AC11FC41DC3
SHA1:	3863DB43D33D81ED6161F8B16F8D6A0D100D4DA6
SHA-256:	37A5831CA65BE3D33827B8B616AD24DAC2E61C0F81162B0747AB205F63143E09
SHA-512:	B3D1819B50D318EBCDC701337A3C0828764C9D4B1E6EB2BF46F817B3C3B1F5CE817AF075FBCA25BC0AEDB92A8C6138F62CD0CEBE71CC49A1067642C57C75E8EE
Malicious:	false
Preview:	............f*&.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	114
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5ljljljljljl:5ljljljljljl
MD5:	1B4FA89099996CE3C9E5A0A9768230E8
SHA1:	9026E1E0906E3B3FE0E414EE814CC5A042807A04
SHA-256:	537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
SHA-512:	4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
Malicious:	false
Preview:	..&f.................&f.................&f.................&f.................&f.................&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	322
Entropy (8bit):	5.177189599495799
Encrypted:	false
SSDEEP:	6:mTpat+q2P923iKKdKrQMxIFUtpep5ZmwPeDKLVkwO923iKKdKrQMFLJ:kv45KkCFUtpy/PWKR5L5KktJ
MD5:	2832A25FA38A5BB2C3C3251CB962D954
SHA1:	D607EEE7956D8FEB894ED3E557B48F0E56C5594C
SHA-256:	8C61EB3CBD139BF02118B04FE76C000F76E2B521E1708201B2DFC5DC924F52BE
SHA-512:	4C4A5B9A76935CC04A2C9DCCA860CB9B4425ADB7B7AD65326D6533BB65C3BDA202AFB8E98989B602883B4AA943C431781976A60A31D4DA3BA77403F6648F8C2A
Malicious:	false
Preview:	2021/05/04-21:38:21.434 16d8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/05/04-21:38:21.435 16d8 Recovering log #3.2021/05/04-21:38:21.436 16d8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	350
Entropy (8bit):	5.136479081115454
Encrypted:	false
SSDEEP:	6:mT/Tq2P923iKKdK7Uh2ghZIFUtpe/V9ZmwPe/EkwO923iKKdK7Uh2gnLJ:2v45KkIhHh2FUtp69/PX5L5KkIhHLJ
MD5:	89C13CB4CCFC1B679EEFFB316932CCCC
SHA1:	B582AC2AA0A97E758AC35F754A1C7D8224DCC2DF
SHA-256:	BB8DB94FC0E50235F3AB3A00528CE09C5DA6BF0117F0A6B61AECA7D594652C52
SHA-512:	D0CB22A05C9FBFB54C9CAA3FB9B3E31BD553EA70091068529DD2D51ACF797D4F93DF1B0B97492A30B58A95AF443748C781BCC4C6584B3498CD12877205D91E1C
Malicious:	false
Preview:	2021/05/04-21:38:21.142 1514 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/05/04-21:38:21.152 1514 Recovering log #3.2021/05/04-21:38:21.166 1514 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\10b9cad4-7dff-4d1c-b1c2-32538d1f314b.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.956993026220225
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5rAcJksDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdVAsBdLJlyH7E4f3K33y
MD5:	0C03D530AC97788D62D27B2802C34D83
SHA1:	20F78B6B32D98FA52846C70DF78E4E5CEF663E2D
SHA-256:	7941FADA9867DAAE08EBC196BAFC6952DD506842C3E7D8FB14DF9D4E402D894B
SHA-512:	D5905C124060997A14322D12DECE5C00C63F7174743C740C974D00E88B03F203909CC2AC972B2759E8087B0B10F6306C6E66BF853319B5AC96907F34C8456C80
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248542588505091","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	296
Entropy (8bit):	0.19535324365485862
Encrypted:	false
SSDEEP:	3:8E:8
MD5:	C4DF0FB10C4332150B2C336396CE1B66
SHA1:	780A76E101DE3DE2E68D23E64AB1A44D47A73207
SHA-256:	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
SHA-512:	51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
Malicious:	false
Preview:	.'..(...................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.2583291615259755
Encrypted:	false
SSDEEP:	6:mTo4q2P923iKKdKusNpV/2jMGIFUtpe0JZmwPevNDkwO923iKKdKusNpV/2jMmLJ:+v45KkFFUtpj/P+5L5KkOJ
MD5:	760C4E1F5525DF28C40E22F8DDBF15E0
SHA1:	59047565B9B44E6A9445930BB63246BD53EDA87A
SHA-256:	7099A63BD9004F4BF947AD05CB7D88B20493535BF6AD5E5F32E850359773094A
SHA-512:	8B2A870E4A9CB6D1A0C840AA8E6A585D79693B6210C5FE4106A08D216922EC72D89997634621A49F3FD68B1D36A6EEEA2C5DE7A2ABD1B3C4CF584BEA75911FDE
Malicious:	false
Preview:	2021/05/04-21:38:21.473 1540 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/05/04-21:38:21.477 1540 Recovering log #3.2021/05/04-21:38:21.478 1540 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	434
Entropy (8bit):	5.266933286641677
Encrypted:	false
SSDEEP:	6:mT7EO3+q2P923iKKdKusNpqz4rRIFUtpe7scZmwPe7scVkwO923iKKdKusNpqz4n:jv45KkmiuFUtpRc/PRc5L5Kkm2J
MD5:	C5E0BF6160FA6ABDD167B4C6E680B022
SHA1:	DE91275EDBB565E92C8DEBEEDEB40A2E89BAF079
SHA-256:	C764F55FA33454764B874B6BF675EB95C07DC745F5E9E5415524D3D7B8F76560
SHA-512:	051213EDD7BD7BA94102896E177F548ADE78318BBD23E0FE285EE7BD5A92B85CA22404C7321D8031513F8E5B4D68D68167379C8B71887DA50FA19C748FE34E84
Malicious:	false
Preview:	2021/05/04-21:38:21.518 16f8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/05/04-21:38:21.521 16f8 Recovering log #3.2021/05/04-21:38:21.521 16f8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5l:5l
MD5:	E556F26DF3E95C19DBAECA8F5DF0C341
SHA1:	247A89F0557FC3666B5173833DB198B188F3AA2E
SHA-256:	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
SHA-512:	055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
Malicious:	false
Preview:	..&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	420
Entropy (8bit):	5.302178064293459
Encrypted:	false
SSDEEP:	6:mTbR+q2P923iKKdKusNpZQMxIFUtpenZmwPe2tVkwO923iKKdKusNpZQMFLJ:Jv45KkMFUtpu/PZ5L5KkTJ
MD5:	6E3AC55FA230FDF0C9F4F81A89E6E8F4
SHA1:	33E7A15833D85C4A945B52DD0DCE6F46753EFCF3
SHA-256:	B896E5C3F0CB7AA8D801F9525D913E2E7F77B9D9F6B49184E16D6B2829BEA07C
SHA-512:	818A1CCAAAB78A40D2940CA3AC278A06C58D89051E828282AE69214ECF4694BD250654098DFCD3096EF7DA7243775DABD879DBC01DAAB8D8C7A49497671A394D
Malicious:	false
Preview:	2021/05/04-21:38:37.931 16f8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/05/04-21:38:37.933 16f8 Recovering log #3.2021/05/04-21:38:37.934 16f8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	592
Entropy (8bit):	0.19535324365485862
Encrypted:	false
SSDEEP:	3:8E8E:8N
MD5:	B505641E5E90B7CF4BC869DD1B4BE451
SHA1:	0EC7B13DC043E054AB48B8F45FE49EF1209C01AA
SHA-256:	2755F85F14CF33404CEEBF053D0CB79DC3B98D643A51075737E6A5BE154FE1D9
SHA-512:	610AF095630C93B0586F4D9CA84FA75454C472C557D4FDBC0D5C1851F9AABF8653079A7ADE4659ABADDEDC2E02E58AD13C7244CD004B0AA5A462307F293F83A3
Malicious:	false
Preview:	.'..(....................................................................................................................................................................................................................................................................................................'..(...................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.2318762995659505
Encrypted:	false
SSDEEP:	12:vyv45KkkGHArBFUtpBm/PsZR5L5KkkGHAryJ:vY45KkkGgPgLPZDL5KkkGga
MD5:	1CCCAEC205F9CEABD1647205DAF860C4
SHA1:	59A3DDF4AB0ABCD2C81794D44892C735CEF80C1F
SHA-256:	C617D691F34972FD8F66B21F1E21FE36D55E2F67494126F100BE835EBA09666D
SHA-512:	EF8DC72E627520C2F764E57C5096D7535D8DDC3AB706995DDF3BAB1E715DC09C791FFED70E9C7CDFF1839BC5D35947C5351B732E6DC3F4ABA43E3DA9844B0671
Malicious:	false
Preview:	2021/05/04-21:38:35.749 15c4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/05/04-21:38:35.762 15c4 Recovering log #3.2021/05/04-21:38:35.777 15c4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	434
Entropy (8bit):	5.260569895712682
Encrypted:	false
SSDEEP:	12:2v45KkkGHArqiuFUtp//Ps35L5KkkGHArq2J:U45KkkGgCgqpL5KkkGg7
MD5:	7246DC3F5C29A8A7B72970A938BE5E76
SHA1:	FC4A1934415535E1EEA05AAD4E19BD2536B58EA3
SHA-256:	A5E256B846E7A5E38722E48A8B212C692EE8B9053A9CE07723CCC7DA23DB3846
SHA-512:	187462C5195563EA2AA04D9965D8338E65906D6D41D172D613B799FADEB068F1ECC49E01B3FC1373BD1FCD6C57DBB54CC3F82EA4CBC344C07D4FD5F09E071036
Malicious:	false
Preview:	2021/05/04-21:38:35.749 16f8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/05/04-21:38:35.763 16f8 Recovering log #3.2021/05/04-21:38:35.777 16f8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	38
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5ljl:5ljl
MD5:	E9C694B34731BF91073CF432768A9C44
SHA1:	861F5A99AD9EF017106CA6826EFE42413CDA1A0E
SHA-256:	01C766E2C0228436212045FA98D970A0AD1F1F73ABAA6A26E97C6639A4950D85
SHA-512:	2A359571C4326559459C881CBA4FF4FA9F312F6A7C2955B120B907430B700EA6FD42A48FBB3CC9F0CA2950D114DF036D1BB3B0618D137A36EBAAA17092FE5F01
Malicious:	false
Preview:	..&f.................&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	420
Entropy (8bit):	5.214368138244304
Encrypted:	false
SSDEEP:	12:nv45KkkGHArAFUtpV5/PdcDT5L5KkkGHArfJ:v45KkkGgkgfLcL5KkkGgV
MD5:	9B543DA0E42C6BBF12B8BBE6034BAC74
SHA1:	70E3679F8CEC7E1E546A1CB5C3786B8BA6D5552E
SHA-256:	EA19A9B963E80CA50843ECC6C7C0A99F1EFF36495760B6B0DC4FA3F85536BE8A
SHA-512:	6B25BB0EF3848410CC38834B382259C92062397F4D0337321645B3C9D9770C5627EFB95D1A7FE06C67909AE5624CC0EF8FBC81C6CD24068A8DE9EBE5FEBBE233
Malicious:	false
Preview:	2021/05/04-21:38:51.384 16f8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/05/04-21:38:51.390 16f8 Recovering log #3.2021/05/04-21:38:51.391 16f8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\ed8954d8-3f2b-4e1b-b29d-f26f5a04eaca.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.976576189225149
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5OV/sDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdysBdLJlyH7E4f3K33y
MD5:	5886A009EB58EE06A16EFD6D1BA9A046
SHA1:	A867B5052F3FBB811693DF8CE3FDAA794F2F2E40
SHA-256:	9E3392126DE2D81D019E0AB3E17F20BADD0EC9FBD944BCB7C4DAF449D937D496
SHA-512:	D24F30A2E35F903AC10AACC4425C58BECB1C6BE2BA30A3C2B9D9D46CE04914AA71F55B3B16ED89081AD65A7090C77F5DC4A258B7B98D71E6A994D176536FBB27
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248542597817103","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	38
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:sgGg:st
MD5:	45A8ECA4E5C4A6B1395080C1B728B6C9
SHA1:	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
SHA-256:	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
SHA-512:	8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
Malicious:	false
Preview:	..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	326
Entropy (8bit):	5.200249651630065
Encrypted:	false
SSDEEP:	6:mT/bWM+q2P923iKKdKpIFUtpe/zSz1ZmwPe/GWMVkwO923iKKdKa/WLJ:CL+v45KkmFUtpQSZ/P7LV5L5KkaUJ
MD5:	1190E9CD8C76FCEC38F85E6B5EC31EB9
SHA1:	169DFB0D486D972953F47DFE56A09F9F12BC2BC6
SHA-256:	07D45AF7A6516D21C6CFFDE1714A8BBBAC6A3A64122751F5EFE09821738A2351
SHA-512:	2B3D545106CE62C16C1231203D61ADD93ABCD2567451F0EC4B052C041D4505A50AFBBDA32CD0E5BC3E82D070A015CB7B27CCEDA5D7C3F3ED22435B2D6CE06936
Malicious:	false
Preview:	2021/05/04-21:38:21.150 14ac Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/05/04-21:38:21.166 14ac Recovering log #3.2021/05/04-21:38:21.175 14ac Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	404
Entropy (8bit):	5.325630840845407
Encrypted:	false
SSDEEP:	6:mTIVR+q2P923iKKdKks8Y5JKKhdIFUtpeIJZmwPeI9VkwO923iKKdKks8Y5JKKTd:3Vcv45KkkOrsFUtpHJ/PHD5L5KkkOrzJ
MD5:	B22631AF87065105FE9D0D6273C57957
SHA1:	F3FC031F05736275B5839E14D41813E5F52808F1
SHA-256:	7C4633B4028BFA29E0964F5CDD8348DA5F55BBCBAF6E69228ABF9F5C2BB1D8AF
SHA-512:	347E82A754B9A0106AA4B6EED417210AF5E61530391AD323065E7F8E6A856E59A723147DBB96BC914EC7397C8E6DC7661F41E82EF64151DCE7DE585709853979
Malicious:	false
Preview:	2021/05/04-21:38:38.076 16f8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/05/04-21:38:38.078 16f8 Recovering log #3.2021/05/04-21:38:38.078 16f8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	16
Entropy (8bit):	4.0
Encrypted:	false
SSDEEP:	3:SeFcn:Sec
MD5:	61B979ECA159ECAC9C7F8F1D6FD43E9D
SHA1:	0373696351FC2172E811DA8393DEC84036FA34A0
SHA-256:	AB05E0A6FF7E8FFF89F924B279D93AFC72ACCE817C4D250C60BB8059CC534303
SHA-512:	C95825DA33CBDDFA627D9FF9A5B8371BC5F4E643A09573B6E1E839A83B619F53D878C344030B9701DCBC24D4CECCC016CF4D298D10EE8C37D1B5FEC1A51682B6
Malicious:	false
Preview:	F......r...(R..

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\b5a8ecfe-7314-4317-b824-5b7b7b4e9fc4.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
Category:	dropped
Size (bytes):	175509
Entropy (8bit):	5.489440694064333
Encrypted:	false
SSDEEP:	1536:rKbsLAR2A4VBQV1111111111111Nr366R6faFR+up0y0y2im1OsFcgYzQNL9X:rKbsLAR2fe/FZntrslfX
MD5:	33EABC19FDF40F3D36B6870EF5861957
SHA1:	CF3EF59C3940B58C314E9F6A1616751553F2D9A2
SHA-256:	647D07F37554672865902B2CEE80864B5A5283C372C7263BB1497D5582054E57
SHA-512:	47CFEDB1FDBC9BC09905C70F69A5114C64A8FC791BCA480D24972275276F00CEB230C579B4217337F9C69ECB2AB3221A3B549F06E8074D76BCE2F31773FB69F5
Malicious:	false
Preview:	............ .H............. ............... .p............. .h...n......... ............... ......... .... .....n...((.... .h.......00.... ..%..~H..@@.... .(B..&n..``.... .....N......... .(....D........ .w`...M..(............. ..............................+.O-8&]P>/^Q?-^&:?I.1;<....qye.f.%.......X...E.....I...k}....{.m.t.CP..........E...\...............=H..,A..,J..;P......................................................................................nnp}nnp}........~~~........!...!---2---2... ........................................(............. ................................!...7.#.:3,";3,!<.&'/............NPLYt.F.K.%.....L..C.....1...`...KOPVutz}..A.BxX.......P...Q.....1...x...tqpyxuux...0D..DP..........G...........uojuppnw....t\|..9F..-=..+:..5:..rr......llkrkkmw................................ggitllkv................................hhgssss~............YY\eYY[e............nnnzXXXa.............................RRR\..........................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ca1cee88-2646-4171-b683-d27ad9a2c281.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	22595
Entropy (8bit):	5.535910381681179
Encrypted:	false
SSDEEP:	384:xoR3tuLlNWX01kXqKf/pUZNCgVLH2HfDkrUZHGunTEmqt4u:hLlu01kXqKf/pUZNCgVLH2HfgrU9Gun8
MD5:	B9E94FFE0CE8DC46AA3C85763A55B3F1
SHA1:	8B4B186A02D0F1D3D2EA013AEA655E26EC91D77A
SHA-256:	1BD157C48A82CC6BF3D549D3DC30D91B6F3A131EBD786FD9D56BE1890978F179
SHA-512:	6EC6C306A63844E47F8E83A38E3A8D5DBBF1732FD49C0D2627B9D20032E75DD42AED37A5801802A8780FEC047DAAEB622861FE83A9747D2E05E6758345350BD4
Malicious:	false
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264663101145506","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:	3:1sjgWIV//Rv:1qIFJ
MD5:	6752A1D65B201C13B62EA44016EB221F
SHA1:	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
SHA-256:	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
SHA-512:	9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
Malicious:	false
Preview:	MANIFEST-000004.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	139
Entropy (8bit):	4.466711622844021
Encrypted:	false
SSDEEP:	3:tUKDRIXUifQN/XZmwv39RIXUifTVUQVvJ1V8s9RIXUifTVUQVvJ1WGv:mTC/XZmwPebVUQVvjVvebVUQVvjtv
MD5:	393D5C587B24A16B9EC0FC9230B51D72
SHA1:	47E4C9DE216F7B24B216BD342E80C117F73F2A76
SHA-256:	D5DCF073C3DDD2E9C9FD61031618E82FE8D23B4F0EA12C36B2344A4083CD3E2D
SHA-512:	326F4E4B5E5544C82E29CB8C7E31AD9F6E09556B8955B0DCD802291C0976BEE4D9C3157DC626704175D1B59DA25A1870E5037BA0DC185E820E1617E151A17A69
Malicious:	false
Preview:	2021/05/04-21:38:34.794 1500 Recovering log #3.2021/05/04-21:38:34.942 1500 Delete type=0 #3.2021/05/04-21:38:34.942 1500 Delete type=3 #2.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG-4 LOAS
Category:	dropped
Size (bytes):	50
Entropy (8bit):	5.028758439731456
Encrypted:	false
SSDEEP:	3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
MD5:	031D6D1E28FE41A9BDCBD8A21DA92DF1
SHA1:	38CEE81CB035A60A23D6E045E5D72116F2A58683
SHA-256:	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
SHA-512:	E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
Malicious:	false
Preview:	V........leveldb.BytewiseComparator...#...........

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ed5d6151-0d60-484f-90d7-800486bfe018.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	874
Entropy (8bit):	5.552952881494632
Encrypted:	false
SSDEEP:	24:YT6H0UhHPkG1KUe9aUeCBcRb7wUuQzBRUeIQ:YT6UUhvDKUeAUeCBAwUVUeh
MD5:	45C89F6483F11A11D31DD6876A2DA4E2
SHA1:	3C3C859C40B4085B255350D58370A5989329E64F
SHA-256:	31C7EE26F1865E58D59BE6D7CD7056C0642679ACC8C9F0F3EDAA965F64C7D405
SHA-512:	070D3ED9D145518BBD4C4923BF98CECD727A71C5DF6CFD813A8A0B1A50C79836CC7D03F9C7D154480F1157411B60B58BCF31B81179A853286D5876AD09A4B4AC
Malicious:	false
Preview:	{"expect_ct":[],"sts":[{"expiry":1633013028.822833,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601477028.822838},{"expiry":1633013028.743725,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601477028.743728},{"expiry":1633013040.850112,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601477040.850115},{"expiry":1651725506.266218,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1620189506.266222},{"expiry":1633013028.952627,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601477028.95263}],"version":2}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f6521908-2c4e-411a-b23c-a3f6481e054e.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5619
Entropy (8bit):	5.183368202704861
Encrypted:	false
SSDEEP:	96:nGrF8olnfVup7uSVOJIk0JCKL8xkP11GbOTQVuwn:nGr1fV5SqC4KWkPk
MD5:	E378D877D4417405BED98D42C5DC1F1A
SHA1:	2A61103B0B004B4F4E45596E93B6E74127A511DA
SHA-256:	2D55AB05B1847A6A75D1E4DE44A25E2F8DF9B51EF9CB7726ED579BAE2E33CE7C
SHA-512:	D7804FCEF59C590423A7F87BB5AC0B980F1E4085E5C1939091ABB06289E6C82CE641120D62966D52228F0E10D7768F9968B03455C294D6EF7BA284D4889F9139
Malicious:	false
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13264663101436525","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245950583260338","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245950640095768","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1538886"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fa27fcb2-2537-4f8a-82f2-aecdcf05d6ed.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5022
Entropy (8bit):	4.965040570599417
Encrypted:	false
SSDEEP:	96:nGrF8oGfpSVOJIk0JCKL8xkP11GbOTQVuwn:nGr2fpSqC4KWkPk
MD5:	A309A74ED1BB8B6C7F2C9DE10B7B9019
SHA1:	E20AED1F7E0D853180612EE4E0223D77F2FDD56D
SHA-256:	254FB267DF155D027116A428F3B437966A6E1CF56AA4FF3AD74CE0A0BFEBEF04
SHA-512:	90C090EF60563B19C3DD5FB3FB7303B6F21874BE8E9B8BA62E12E1CFBAF72E3352A1D05DF432EF0B98CBA933FF3E996A17706F7D8E023F2126408844F44BA823
Malicious:	false
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13264663101436525","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245950583260338","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245950640095768","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1538886"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fa6d6a80-d129-4b65-9faf-0bbdec545827.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	24055
Entropy (8bit):	5.53366702616242
Encrypted:	false
SSDEEP:	384:xoR3tuLlNWX01kXqKf/pUZNCgVLH2HfDkrUoHGBHGBnTEmbt4I:hLlu01kXqKf/pUZNCgVLH2HfgrUcG1Gj
MD5:	32761058C8F9E7DB5F3410724855C720
SHA1:	DDEF4F6A501FDEFCA60A24E412B18A51D9EDB34C
SHA-256:	A8D7A927AA137EE890797F26E83F6A203195D1B24CAA7A52258AE72164AA3F7A
SHA-512:	A848AA06EB747F0A6CA785EFA9E6C45CF1298D2DDD49997AC6DF2C7279377DE35AFC5E22858F2CA65E4A91DFBD6CAE123BDB2CF7618A4B47BB10AF1E8424FBCE
Malicious:	false
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13264663101145506","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	337
Entropy (8bit):	5.219639904657454
Encrypted:	false
SSDEEP:	6:mTEq2P923iKKdKfrzAdIFUtpeFcZmwPeFckwO923iKKdKfrzILJ:bv45Kk9FUtpKc/PKc5L5Kk2J
MD5:	E4B308B60CE071A13D9FE0706A0F95A9
SHA1:	7A1F22707B8A36E1AC6E9228FE7F8EADED5391C5
SHA-256:	D25AC3FB0C8D7063FDEF9654CC5FBDA6857BEEE7E2B64F8DE27E6240D6E5E643
SHA-512:	90BE2749B48C94468518291D1595A0270B4F504945A328FE66E2743DBC2F8E6677255553B4CFF0F1DFD589FFF2A3ACAEF3FAB466262DF89CC0CF4F23C4949077
Malicious:	false
Preview:	2021/05/04-21:38:35.609 c40 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/05/04-21:38:35.611 c40 Recovering log #3.2021/05/04-21:38:35.611 c40 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	106
Entropy (8bit):	3.138546519832722
Encrypted:	false
SSDEEP:	3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
MD5:	DE9EF0C5BCC012A3A1131988DEE272D8
SHA1:	FA9CCBDC969AC9E1474FCE773234B28D50951CD8
SHA-256:	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
SHA-512:	CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
Malicious:	false
Preview:	C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.8150724101159437
Encrypted:	false
SSDEEP:	3:Yx7:4
MD5:	C422F72BA41F662A919ED0B70E5C3289
SHA1:	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
SHA-256:	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
SHA-512:	86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
Malicious:	false
Preview:	85.0.4183.121

C:\Users\user\AppData\Local\Google\Chrome\User Data\a40ff550-3ee6-43bb-b91f-d73c23c5f402.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	359271
Entropy (8bit):	6.015429440290693
Encrypted:	false
SSDEEP:	6144:lEr/NOXs8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1LHm/dBA:q7NOxxzurRDn9nfNxF4ijZVtilBA
MD5:	81DD776C6694ABA4B9EAA2AF54DBD210
SHA1:	A704E0C126A139CEA8F6533DED35486B11ED124A
SHA-256:	249887E1B4EDD73E6DE42C9E6861C7C68558496190AE4A9751EF71623C792B9D
SHA-512:	C51D8FE4054493E1DF4319DC6945F7B514C9A124FE43381AA04775181897A003B857BBCFE6DC180D08C65CD7C050F02CF15D7F40AB3471E2C10259BA162AA08D
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620189504525977e+12,"network":1.620157107e+12,"ticks":181522551.0,"uncertainty":4884260.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075265799"},"policy":{"last_statistics_update":"13264663101006

C:\Users\user\AppData\Local\Google\Chrome\User Data\f73a47cd-912c-4b81-a68d-6f838ad87f0a.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	359271
Entropy (8bit):	6.01542917681747
Encrypted:	false
SSDEEP:	6144:rEr/NOXs8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1LHm/dBA:o7NOxxzurRDn9nfNxF4ijZVtilBA
MD5:	90152FED4C842CF980C2CF33AC15B791
SHA1:	342D8BE3468B096F243F0CB78943AECEC2076780
SHA-256:	0DEABE5830C23D08779E44F75BAD5A21C1C26418B76AC0C47865895EC6AA038F
SHA-512:	585CAC47BE16E6EF0751C7BBBAA0CF58C01BD27C27F969B1FDA983F65EF68332C7043E73AF471E8E71FCACFFEE81D5B9C5232A414075A68D97FAA2686CA36237
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.620189504525977e+12,"network":1.620157107e+12,"ticks":181522551.0,"uncertainty":4884260.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075265799"},"policy":{"last_statistics_update":"13264663101006

C:\Users\user\AppData\Local\Temp\0e2af63c-5c7c-441f-834a-07958c449341.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Preview:	.

C:\Users\user\AppData\Local\Temp\31ee3490-1c20-4cae-a68c-fc3026a84dba.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	768843
Entropy (8bit):	7.992932603402907
Encrypted:	true
SSDEEP:	12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
MD5:	A11D5CAF6BF849AEB84B0C95B1C3B7CF
SHA1:	27F410CCBD75852C01C7464A1FD7EF8C29BE3916
SHA-256:	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
SHA-512:	086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
Malicious:	false
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........6W..>Nuw9..R{c...Nq.H.K..A!....`v.k+..?.5.>v.....;.._~....tp....x.q.V...7.m.O.~.{!.o/q.'..BK..4./?'.....L..fH&.._<..&.p.k^..\s...:1y..F.N.+...X.PO@Mo....X.G1:..Y.@;..j..........=ae...0.......DU....n...n.;.Ipr..Q....:... <.....a.Y....{ei........0..0....H............0.......Mbh=.[O}.+..U.KHF(n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;\|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$......l-m.............m....ni...`..W.....R.p.b.+...+.\k.R$e~.J\.&c%.d...M..j..V.%...+1F....D....X\.1ct.<........E.B.+.i@...8..^...&YR...I.o...,.....[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. D.'.N@.(..GK....m...A.0.."

C:\Users\user\AppData\Local\Temp\3c6fa991-d7a6-41ac-9001-cbc844aa6839.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	248531
Entropy (8bit):	7.963657412635355
Encrypted:	false
SSDEEP:	3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
MD5:	541F52E24FE1EF9F8E12377A6CCAE0C0
SHA1:	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
SHA-256:	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
SHA-512:	D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
Malicious:	false
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f\|.~.c.4.E.......0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$\|..\|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0....H.=.....H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...\|!..A..L.+.=...kP.!.1..

C:\Users\user\AppData\Local\Temp\5228_446992993\manifest.fingerprint Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	66
Entropy (8bit):	3.928261499316817
Encrypted:	false
SSDEEP:	3:STDLGswXEVBcVdBiTDt3zLsW:SPLGLErcVdBiDtf3
MD5:	C00BCE97F21B1AD61EB9B8CD001795EE
SHA1:	8E0392FF3DB267D847711C3F4E0D7468060E1535
SHA-256:	59F06F04230E32E8BC839F45B984D31D611930427B631C963D09E7064A602363
SHA-512:	9930E44A6ECC62505DBADCEED5E05645909FF09816FB12AAC0414E6D2830AC09758366C3B7D4EDD7839C87EB16DFA4C66D8981AE6237D408B37135C3506F4CD2
Malicious:	false
Preview:	1.6f6bc93dcd62dc251850d2ff458fda96083ceb7fbe8eeb11248b8485ef2aea23

C:\Users\user\AppData\Local\Temp\923f43e7-861f-4e92-ac5f-a968c660770a.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Preview:	.

C:\Users\user\AppData\Local\Temp\ba28ffcc-4894-4f95-8d42-d92d2bdb72de.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Preview:	.

C:\Users\user\AppData\Local\Temp\ff7891e6-ecda-46c9-8a54-2bf2450ba0fb.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	248531
Entropy (8bit):	7.963657412635355
Encrypted:	false
SSDEEP:	3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
MD5:	541F52E24FE1EF9F8E12377A6CCAE0C0
SHA1:	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
SHA-256:	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
SHA-512:	D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
Malicious:	false
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f\|.~.c.4.E.......0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$\|..\|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0....H.=.....H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...\|!..A..L.+.=...kP.!.1..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\31ee3490-1c20-4cae-a68c-fc3026a84dba.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	768843
Entropy (8bit):	7.992932603402907
Encrypted:	true
SSDEEP:	12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
MD5:	A11D5CAF6BF849AEB84B0C95B1C3B7CF
SHA1:	27F410CCBD75852C01C7464A1FD7EF8C29BE3916
SHA-256:	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
SHA-512:	086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
Malicious:	false
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........6W..>Nuw9..R{c...Nq.H.K..A!....`v.k+..?.5.>v.....;.._~....tp....x.q.V...7.m.O.~.{!.o/q.'..BK..4./?'.....L..fH&.._<..&.p.k^..\s...:1y..F.N.+...X.PO@Mo....X.G1:..Y.@;..j..........=ae...0.......DU....n...n.;.Ipr..Q....:... <.....a.Y....{ei........0..0....H............0.......Mbh=.[O}.+..U.KHF(n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;\|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$......l-m.............m....ni...`..W.....R.p.b.+...+.\k.R$e~.J\.&c%.d...M..j..V.%...+1F....D....X\.1ct.<........E.B.+.i@...8..^...&YR...I.o...,.....[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. D.'.N@.(..GK....m...A.0.."

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\am\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17307
Entropy (8bit):	5.461848619761356
Encrypted:	false
SSDEEP:	384:arfbEVrFvMP4rMhuDopC3vUuFBYZV6uml:aHEVrFvMP4KuFvr6D6uml
MD5:	26330929DF0ED4E86F06C00C03F07CE3
SHA1:	478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C
SHA-256:	621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
SHA-512:	0BE6183A1BF12575C0F99960705D4249E79CDB8528C55FF132BE99A111F09494231AD6A36CD61B090A3B34C6971D68A29373BA346888E852C52E05DC14380682
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ... ..... .. ...... .... ... .... ......?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": ".... ......".. },.. "1522140683318860351": {.. "message": "..... ....... .... ..... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "... ...".. },.. "1802762746589457177": {.. "message": "...".. },.. "1850397500312020388": {.. "message": ".$START_LINK$Google Home .......$END_LINK$ ... ...... Chromecast ..... .....? $START_SPAN$*$END_SPAN$",.. "placeholde

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ar\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16809
Entropy (8bit):	5.458147730761559
Encrypted:	false
SSDEEP:	192:0IprKC78JmUjk8RkeryFOYPATxLZ8fsbE3/IFV6c8TEKdl:Jrp8JjA8RkerK0lc3wFV6uml
MD5:	44325A88063573A4C77F6EF943B0FC3E
SHA1:	78908D766F3E7A0E4545E7BD823C8ED47C7164EB
SHA-256:	67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
SHA-512:	889C02BC986794C58C76022E78F57F867DD1D5217687F12D679A33A2DB9E5A18F3A37CF94D8FE4585E747C78E4662EAB93361FF7D945990774C7CFCACCFB79D1
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": ".. .. ........ ....... .... .... ... .......".. },.. "128276876460319075": {.. "message": "...... .......".. },.. "1428448869078126731": {.. "message": "..... .......".. },.. "1522140683318860351": {.. "message": "..... ........ .... ........ ... .....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "..... .....".. },.. "1850397500312020388": {.. "message": "... ....... .. .... Chromecast .. $START_LINK$..... Google Home$END_LINK$. $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\bg\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	18086
Entropy (8bit):	5.408731329060678
Encrypted:	false
SSDEEP:	192:4jjpr342SIwPIasR9VhMkACVmrv8evj+3eXivOMbb2vVzCkwRV6V6c8TEKdl:4ZrYo+rxT+qOV6V6uml
MD5:	6911CE87E8C47223F33BEF9488272E40
SHA1:	980398F076BB7D451B18D7FDE2DE09041B1F55AD
SHA-256:	273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
SHA-512:	CDB69405BB553E46DCF02F71B1A394307D0051E7FA662DFFEBA7888F30DD933F13C7FD6E32F1D7AEAEE8746316873B6E1D92029724ABDC75E49DCC092172EA22
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": "... .. ........ ......... ...... ...-..... ....... ..?".. },.. "128276876460319075": {.. "message": "......... .. ..........".. },.. "1428448869078126731": {.. "message": "........ .. .........".. },.. "1522140683318860351": {.. "message": "........... .. .. ........ ...., ........ .......".. },.. "1550904064710828958": {.. "message": "......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": ".... .. .....".. },.. "1850397500312020388": {.. "message": "....... .. ............ .. Chromecast . $START_LINK$............ Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "p

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\bn\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19695
Entropy (8bit):	5.315564774032776
Encrypted:	false
SSDEEP:	384:PrUCrcTIOeswIW/Vre/sZn8TFfzheV6uml:lPswIWtoK8xfG6uml
MD5:	F9DDF525C07251282A3BFFCEE9A09ABB
SHA1:	A343A078E804AF400A8F3E1891E3390DA754A5CD
SHA-256:	C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
SHA-512:	EBD339C37162984672513019D470B92DF8B743DD69D4430361EF12D42FD1C208DBDE818A7BFE20BE8A7D63CD6E02B3F4344DEA1C4AEDB8719D789981A49DA44C
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".... ...".. },.. "1213957982723875920": {.. "message": "..... ....... ..... ........... ...... ....... ...... ...?".. },.. "128276876460319075": {.. "message": "...... ........".. },.. "1428448869078126731": {.. "message": "...... ......... ...".. },.. "1522140683318860351": {.. "message": "..... .... ...... ....... ... ... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "$START_LINK$ Google

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ca\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15518
Entropy (8bit):	5.242542310885
Encrypted:	false
SSDEEP:	384:drGUBKxMF2ayv8FrIccUVFmwf+7d9VKS3V6uml:dCUBKxMFBy0FE3UzmQ+zkSl6uml
MD5:	A90CF7930E7C3BEC61EE252DEFAD574A
SHA1:	F630CA01114A7BDD39607CB84B8280CCE218A5C6
SHA-256:	A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
SHA-512:	598F991B344FA6724617D6CE57BB0D6D64EF86B4F5317BF6AD5EDF43E6B0A385094E7885F7A8FA2B107405B31C3D9F76E92315BC1D9BB52ACD4ECAD342917DE1
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Es congela".. },.. "1213957982723875920": {.. "message": "Quina de les opcions.seg.ents descriu millor la vostra xarxa?".. },.. "128276876460319075": {.. "message": "Detecci. de dispositius".. },.. "1428448869078126731": {.. "message": "Flu.desa del v.deo".. },.. "1522140683318860351": {.. "message": "S'ha produ.t un error en la connexi.. Torneu-ho a provar.".. },.. "1550904064710828958": {.. "message": "Correcta".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Pots veure el Chromecast a l'$START_LINK$aplicaci. Google.Home$END_LINK$?$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\cs\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15552
Entropy (8bit):	5.406413558584244
Encrypted:	false
SSDEEP:	192:eVdprJrG5efiTk93ebrxZR1fdc8VDCwT9fTV6c8TEKdl:2rMqiQerxQ88W7V6uml
MD5:	17E753EE877FDED25886D5F7925CA652
SHA1:	8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678
SHA-256:	C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
SHA-512:	33D61F6327FC81D7A45AA2CC97922DC527F5F43E54AA1A1638DA6EE407024A2F10CFD82CC5C3C581C2E7B216276987CB26C3FA95198572E139ACF29CC5B7ADCB
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Video zamrz.".. },.. "1213957982723875920": {.. "message": "Kter. popis nejl.pe vystihuje va.i s..?".. },.. "128276876460319075": {.. "message": "Zji..ov.n. za..zen.".. },.. "1428448869078126731": {.. "message": "Plynulost videa".. },.. "1522140683318860351": {.. "message": "P.ipojen. se nezda.ilo. Zkuste to pros.m znovu.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "Perfektn.".. },.. "1802762746589457177": {.. "message": "Hlasitost".. },.. "1850397500312020388": {.. "message": "Vid.te sv.j Chromecast v.$START_LINK$aplikaci Google Home $END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\da\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15340
Entropy (8bit):	5.2479291792849105
Encrypted:	false
SSDEEP:	192:+Upr8XnI1MY2kPuir8j7Rd3kbTWc4QtV6c8TEKdl:FrJ1H9br8h6eZCV6uml
MD5:	F08A313C78454109B629B37521959B33
SHA1:	3D585D52EC8B4399F66D4BE88CED10F4A034FCCC
SHA-256:	23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
SHA-512:	9F2868AEBBF7F6167A7EA120FE65E752F9A65D1DC51072AA2413B2FDE374DA2D169D455A4788E341717F694179E6F1FA80413C080D9CD8CB397C3E84668CBFEC
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket af f.lgende udsagn beskriver bedst dit netv.rk?".. },.. "128276876460319075": {.. "message": "Enhedsregistrering".. },.. "1428448869078126731": {.. "message": "Videostabilitet".. },.. "1522140683318860351": {.. "message": "Forbindelsen blev afbrudt. Pr.v igen.".. },.. "1550904064710828958": {.. "message": "Problemfri".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lydstyrke".. },.. "1850397500312020388": {.. "message": "Kan du se din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "STAR

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\de\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15555
Entropy (8bit):	5.258022363187752
Encrypted:	false
SSDEEP:	192:AJprM71A4qyJSwlk5KR5rtXsmvL0xhVw921YV6c8TEKdl:2re3jJS5A5rt8msA2KV6uml
MD5:	980FB419ED6ED94AD75686AFFB4E4C2E
SHA1:	871BFBCA6BCBA9197811883A93C50C0716562D57
SHA-256:	585C7814AFD2453232BC940252D4AE821D6E6CBCFD74A793F78E5DB8BA5342F1
SHA-512:	1681FA9C3BA882250A5005FB807D759EB8A634F1AA011725B1C865C0028BE7AB7BC16DC821A7F5BBFBA84C91E7D663ADE715284798E7E84E8FFF2D254488882D
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "H.ngenbleiben".. },.. "1213957982723875920": {.. "message": "Welche dieser Aussagen beschreibt dein Netzwerk am besten?".. },.. "128276876460319075": {.. "message": "Ger.teerkennung".. },.. "1428448869078126731": {.. "message": "Videowiedergabequalit.t".. },.. "1522140683318860351": {.. "message": "Fehler beim Herstellen der Verbindung. Bitte versuche es noch einmal.".. },.. "1550904064710828958": {.. "message": "St.rungsfrei".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lautst.rke".. },.. "1850397500312020388": {.. "message": "Siehst du deinen Chromecast in der $START_LINK$Google Home App$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\el\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17941
Entropy (8bit):	5.465343004010711
Encrypted:	false
SSDEEP:	384:S0rDuhLh41cZrP3TzDBknbpgo6djIV6uml:S0fuBh46ZD3TzDinbpgoUK6uml
MD5:	40EB778339005A24FF9DA775D56E02B7
SHA1:	B00561CC7020F7FE717B5F692884253C689A7C61
SHA-256:	F56BF7C171AA20038EE30B754478B69A98F3014C89362779B0A8788C7B9BEEE1
SHA-512:	8BED281A33EC1E4E88A9F9D62BB13FE0266C0FAF8856D1DC2A843D26DD3CE5E7D1400FD3325ABD783B0364EC4FB1188AD941D56AEB9073BC365BE0D12DE6C013
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".... ... .. ........ .......... ........ .. ...... ...;".. },.. "128276876460319075": {.. "message": ".......... ........".. },.. "1428448869078126731": {.. "message": "......... ......".. },.. "1522140683318860351": {.. "message": "........ ......... ......... .....".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "...... ....".. },.. "1850397500312020388": {.. "message": "........ .. ..... .. Chromecast .... $START_LINK$........ Google Home$END_LINK$; $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\en\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	14897
Entropy (8bit):	5.197356586852831
Encrypted:	false
SSDEEP:	96:2MKUOp5N7GTNMRuv6M0bIt3FXGkW6/5NkkQ9NJKJhnH3t9F410sUA+ISN6cGDSyR:VKzprogudTGkWqrKcJhdIR+V6c8TEKdl
MD5:	8351AF4EA9BDD9C09019BC85D25B0016
SHA1:	F6EC1FFD291C8632758E01C9EE837B1AD18D4DCF
SHA-256:	F41C82D8A4F0E9B645656D630C882BE94A0FB7F8CEC0FE864B57298F0312B212
SHA-512:	75672B57F21F38F97341AD76A199AD764E9FBAB2384D701BF6EB06CEFDE6C4F20F047F9051A4E30D99621E5C1FBBDB9E38E8D2B47470806704B38DA130A146CF
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Freezes".. },.. "1213957982723875920": {.. "message": "Which of the following best describes your network?".. },.. "128276876460319075": {.. "message": "Device Discovery".. },.. "1428448869078126731": {.. "message": "Video Smoothness".. },.. "1522140683318860351": {.. "message": "Connection failed. Please try again.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Are you able to see your Chromecast in the $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\es\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15560
Entropy (8bit):	5.236752363299121
Encrypted:	false
SSDEEP:	192:NAgprfy1pTCukFr+1DIyDRoanvV6c8TEKdl:KMrq6FrmvV6uml
MD5:	8A70C18BB1090AA4D500DE9E8E4A00EF
SHA1:	8AFC097FA956C1317DB0835348B2DA19F0789669
SHA-256:	FF173D1CEF665B1234E02F11070ABD2B65230318150734579A03C7F31B4AE3F4
SHA-512:	140BAF40A4ABE9B8AF0855B0EBB7DFDF17869EDFC4EE1037C5EA7FDD8EDEBD4850E055B6A4D7B8782657618BCE1517813779BA01BA993CC838BB43E0BE71EEEE
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Congelaci.n de im.genes".. },.. "1213957982723875920": {.. "message": ".Cu.l de las siguientes respuestas describe mejor tu red?".. },.. "128276876460319075": {.. "message": "Detecci.n de dispositivo".. },.. "1428448869078126731": {.. "message": "Fluidez del v.deo".. },.. "1522140683318860351": {.. "message": "Error en la conexi.n. Vuelve a intentarlo.".. },.. "1550904064710828958": {.. "message": "V.deo fluido".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volumen".. },.. "1850397500312020388": {.. "message": ".Puedes ver tu Chromecast en la $START_LINK$aplicaci.n Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\et\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15139
Entropy (8bit):	5.228213017029721
Encrypted:	false
SSDEEP:	96:Z48bxhWYp5Ny5M63niwAKD4rrJSJ2RkPXh9P5NFP2+NBMU01jewUEVez3QOiSevy:ikxprot3lYkf/rHBc0KsUV6c8TEKdl
MD5:	A62F12BCBA6D2C579212CA2FF90F8266
SHA1:	F7E964A2D9BBDA364252BCE5CFBA3FD34FDD825E
SHA-256:	3EB3EB0B3B4A8E5A477D1B3C3A3891CCC7DC6B8879ECE243A7BD7C478068273D
SHA-512:	E300201245C00ADEC8F39D586875F8FA4607AB203572BF3CE353C1CA7CDCA05B8786810CA0CEE27E4EA54A5EFD53690F1EA7AA4148CFF472A66BB11202723566
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Hangub".. },.. "1213957982723875920": {.. "message": "Milline j.rgmistest v.idetest kirjeldab k.ige paremini teie v.rku?".. },.. "128276876460319075": {.. "message": "Seadme tuvastamine".. },.. "1428448869078126731": {.. "message": "Video sujuvus".. },.. "1522140683318860351": {.. "message": ".hendamine eba.nnestus. Proovige uuesti.".. },.. "1550904064710828958": {.. "message": ".htlane".. },.. "1636686747687494376": {.. "message": "T.iuslik".. },.. "1802762746589457177": {.. "message": "Helitugevus".. },.. "1850397500312020388": {.. "message": "Kas n.ete oma Chromecasti $START_LINK$rakenduses Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\fa\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17004
Entropy (8bit):	5.485874780010479
Encrypted:	false
SSDEEP:	192:rngaIprIX/t9wkjTJrs3hqaXxRQdiIMDnD+LhfHdoltV6c8TEKdl:4rin5rU1X7Qd0M9CtV6uml
MD5:	852BD3CFF960F1BC3A2AAB3CB3874EF9
SHA1:	C9F6F3C776542889FE3B67971D65ACFE048A3A0A
SHA-256:	D87597B6C10364501B98AA42524843F109009CCEF022D8E0170440D7F144F4C6
SHA-512:	2A7AE4D70E33E53EE31831CE2E61DD8DF103C4170EC483BDA14B8788E5DD536EEE84DBA340CACBDF16889C7E6465B48D82C4714E746E8A7B372D12CBDF371C95
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".... ... .......".. },.. "1213957982723875920": {.. "message": ".... .. .. ..... ... .... ... .. .. ...... ... ..... .......".. },.. "128276876460319075": {.. "message": "..... ......".. },.. "1428448869078126731": {.. "message": "..... .....".. },.. "1522140683318860351": {.. "message": "..... ...... .... ..... ...... ...... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..... ...".. },.. "1850397500312020388": {.. "message": ".... ......... Chromecast ... .. .. $START_LINK$ ...... Google Home$END_LINK$ ....... $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\fi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15268
Entropy (8bit):	5.268402902466895
Encrypted:	false
SSDEEP:	192:efMprYXiYUNpj5Coik1tXxrUhvUzSPWV6c8TEKdl:eIrjbjosdrU5WV6uml
MD5:	3902581B6170D0CEA9B1ECF6CC82D669
SHA1:	C8208AC2B1DD6D4F8BDAAE01C8BD71FFFA5A732B
SHA-256:	D2A8180225A83A423BB6E17343DFA8F636D517154944002ED9240411B8C0C5E1
SHA-512:	612FDD8A3C5051F0A4F1E11E50B5D124B337C77D62D987D35C2AF9E08AFC6AFCEBAEE8D40FDFBCD1E1889F39758B96FAECBF6C6D1CF146C741A5261952050221
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Pys.htyy".. },.. "1213957982723875920": {.. "message": "Mik. seuraavista kuvaa parhaiten verkkoasi?".. },.. "128276876460319075": {.. "message": "Laitteiden tunnistaminen".. },.. "1428448869078126731": {.. "message": "Videon tasaisuus".. },.. "1522140683318860351": {.. "message": "Yhteys ep.onnistui. Yrit. uudelleen.".. },.. "1550904064710828958": {.. "message": "Tasainen".. },.. "1636686747687494376": {.. "message": "T.ydellinen".. },.. "1802762746589457177": {.. "message": "..nenvoimakkuus".. },.. "1850397500312020388": {.. "message": "N.etk. Chromecastisi $START_LINK$Google Home .sovelluksessa$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\fil\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15570
Entropy (8bit):	5.1924418176212646
Encrypted:	false
SSDEEP:	192:+esprzAsQp68wIJYkMyr2k0jR1/7Rr1uV6c8TEKdl:Gr78JDMyrR0tJuV6uml
MD5:	59483AD798347B291363327D446FA107
SHA1:	C069F29BB68FA7BA2631B0BF5BBF313346AC6736
SHA-256:	DD47530EAE96346CD4DC3267A0BB1091BB17B704803A93CDA2E3E81551B94F12
SHA-512:	091595CA135E965ED3DE376873541117F0E7A8EBDEB4714833EFDD6C820234373891BE5DEC437BA85CCB79CCCA053D407E6ADA17EBDAE7D313324A48775C0010
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Hindi gumagalaw".. },.. "1213957982723875920": {.. "message": "Alin sa sumusunod ang pinakamahusay na naglalarawan sa iyong network?".. },.. "128276876460319075": {.. "message": "Pagtuklas ng Device".. },.. "1428448869078126731": {.. "message": "Pagka-smooth ng Video".. },.. "1522140683318860351": {.. "message": "Hindi nakakonekta. Pakisubukang muli.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perpekto".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Nakikita mo ba ang iyong Chromecast sa $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\fr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15826
Entropy (8bit):	5.277877116547859
Encrypted:	false
SSDEEP:	192:nLZprAZg3EkV3sjrICe8L/1Va7lt1rlxLAkoYHHavV6c8TEKdl:vrW+2jrI7TdLAk3MV6uml
MD5:	9B416146FE4F1403C2AACAC4DCF1A5C3
SHA1:	616F055C9FAD4CE972DF82EC8A9B2F4EDA3E7FAD
SHA-256:	7C7F5758F54008190ACCDDBD1761CBD980FB5FE0847E992874498228D2571DBC
SHA-512:	6E8E70380A8C6E2C0587ADFF6AE36963EC76694904841CE1DFE4EEE215B917AD3E8AF727555627FBDF6B8BA6A4A0674D2B90AC4E9331B6628A32F4C4348FB51B
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Se fige".. },.. "1213957982723875920": {.. "message": "Parmi les propositions suivantes, laquelle d.crit le mieux votre r.seau.?".. },.. "128276876460319075": {.. "message": "D.tection d'appareils".. },.. "1428448869078126731": {.. "message": "Fluidit. de la vid.o".. },.. "1522140683318860351": {.. "message": ".chec de la connexion. Veuillez r.essayer.".. },.. "1550904064710828958": {.. "message": "Fluide".. },.. "1636686747687494376": {.. "message": "Parfaite".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Votre Chromecast est-il visible dans l'$START_LINK$application Google.Home$END_LINK$.? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\gu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19255
Entropy (8bit):	5.32628732852814
Encrypted:	false
SSDEEP:	384:Hq2Mr+qPlJKYMdzKgXr3dGsGF+yAK37Wf7Cy/V6uml:KxzTVgX7ykj6uml
MD5:	68B03519786F71A426BAC24DECA2DD52
SHA1:	B8E6608932EC5CEC4BC3C5475BFC3E312D2E2E7D
SHA-256:	C77A4D27E9E6CA25B9290056D93A656E3EBE975957E4C2EE9F0FB11B133D5CD4
SHA-512:	5FFE06A10774877AF25E05BA07F3032CC52F874896D67E320F4EF9D524A22E40B462CC6206700E9557EB354FA2730172DC6912EBCA49C671FB0EF155B17F9EFF
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "........... .... ..... .......... ....... ..... ... ..?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": "........ ......".. },.. "1522140683318860351": {.. "message": "....... ...... ..... .... ..... ..... ...... ....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".......".. },.. "1850397500312020388": {.. "message": "... ... $START_LINK$ Google Home ..$END_LINK$... Chromecast..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\hi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19381
Entropy (8bit):	5.328912995891658
Encrypted:	false
SSDEEP:	384:zrGrSmhKy7KyY+bNEDqlQdrMEPxtShJV6uml:zBqG6QdwEPrW6uml
MD5:	20C86E04B1833EA7F21C07361061420A
SHA1:	617C0D70E162CF380005E9780B61F650B7A39F9B
SHA-256:	C2C27CA242DBDE600BA3AA7782156BC2B190A64D8A1B51EDC8007BDECA139553
SHA-512:	9FB91AA8E0226519E298B1136E8A1A3C1879DB7F0E6052AF1BFD55921CD698346278D04602510680A9695A76DD5C96D9665380580044C50D81392BB2CB3E8E95
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "..... ... .. ... .... ....... .. .... ..... ..... .... ..?".. },.. "128276876460319075": {.. "message": "...... ...".. },.. "1428448869078126731": {.. "message": "...... .........".. },.. "1522140683318860351": {.. "message": "....... ..... ..... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": ".... .. $START_LINK$ Google Home .........$END_LINK$ ... .... Ch

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\hr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15507
Entropy (8bit):	5.290847699527565
Encrypted:	false
SSDEEP:	192:Pdapr6h85tRwVQgkvJryLkla5Kfndg/V6c8TEKdl:Arwot2Q7BryVce/V6uml
MD5:	3ED90E66789927D80B42346BB431431E
SHA1:	2B061E3271DF4255B1FFC47BDB207CDEC0D9724F
SHA-256:	0B41E3C42414F72C9A12C05F8772597F9685115366A774C66018467AD4B71A74
SHA-512:	92BE43F1FFC8EFBF5BBC50573AC4C65F6104416A5B6CD04404C3A9854CA3DCF2A43A4044C168590CDF83887D234495843572331ADCD5B020D2E48A3956F3C164
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Zamrzavanje".. },.. "1213957982723875920": {.. "message": "Koje od sljede.eg najbolje opisuje va.u mre.u?".. },.. "128276876460319075": {.. "message": "Otkrivanje ure.aja".. },.. "1428448869078126731": {.. "message": "Ujedna.enost videoreprodukcije".. },.. "1522140683318860351": {.. "message": "Povezivanje nije uspjelo. Poku.ajte ponovo.".. },.. "1550904064710828958": {.. "message": "Glatko".. },.. "1636686747687494376": {.. "message": "Savr.ena".. },.. "1802762746589457177": {.. "message": "Glasno.a".. },.. "1850397500312020388": {.. "message": "Vidite li svoj Chromecast u $START_LINK$aplikaciji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\hu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15682
Entropy (8bit):	5.354505633120392
Encrypted:	false
SSDEEP:	192:CCEAproS9fZv+JwkDMrC2NSxoSgbV6c8TEKdl:5r5VZv+RDMrazoV6uml
MD5:	8E9FF7E49473C5734A2F6F0812E12EB3
SHA1:	A4F10DDD1580582533D5EB59EDF6D8048F887C81
SHA-256:	6CDD2FB39ADECE00E88B989E464B05ED1414092D0492F6D0AE58D549BFD1A46A
SHA-512:	E9A4AF31B1A276F395599BB620A3164CABF3459F3C102DD3F57DFEA734510BD985DE65CB409E1975559ACCC615075439A08E1DEBE22C90A0ABCAA3CAFEE79AC7
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Lefagy".. },.. "1213957982723875920": {.. "message": "Az al.bbiak k.z.l melyik jellemzi legjobban h.l.zat.t?".. },.. "128276876460319075": {.. "message": "Eszk.zfelfedez.s".. },.. "1428448869078126731": {.. "message": "Vide. folyamatoss.ga".. },.. "1522140683318860351": {.. "message": "Sikertelen kapcsol.d.s. K.rj.k, pr.b.lja .jra.".. },.. "1550904064710828958": {.. "message": "Folyamatos".. },.. "1636686747687494376": {.. "message": "T.k.letes".. },.. "1802762746589457177": {.. "message": "Hanger.".. },.. "1850397500312020388": {.. "message": "L.tja a Chromecastot a $START_LINK$Google Home alkalmaz.sban$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\id\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15070
Entropy (8bit):	5.190057470347349
Encrypted:	false
SSDEEP:	192:GsprMtChjkWfrEWL0KRCnEOWV6c8TEKdl:9rtAEr3LTRuWV6uml
MD5:	7ADF9F2048944821F93879336EB61A78
SHA1:	C3DA74FB544684D5B250767BB0CB66FFB7C58963
SHA-256:	3630947E1075E3663AD3E4824D0BE42CB47C0D615D8053E83B9595047C8BA9BE
SHA-512:	1F28BB80E1839C5581106BEA3AE2501C7618249D7E3115819F5A9A87771D59F5DE346C1B9C87F7FFC390604D5B9888CE738E25F2F04A094002A0FB3B22CBEC95
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Membeku".. },.. "1213957982723875920": {.. "message": "Dari berikut ini, manakah yang paling mendeskripsikan jaringan Anda?".. },.. "128276876460319075": {.. "message": "Penemuan Perangkat".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Coba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Bisakah Anda melihat Chromecast di $START_LINK$aplikasi Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\it\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15256
Entropy (8bit):	5.210663765771143
Encrypted:	false
SSDEEP:	192:lYprk52dAaykVza8rE0QWBKD9+vq0hKEV6c8TEKdl:qrlA8r6DalV6uml
MD5:	BB3041A2B485B900F623E57459AE698A
SHA1:	502F5EA89F9FB0287E864B240EA39889D72053A4
SHA-256:	025737EF8FA06706B3F26D0F52B4844244A6D33DAE1D82FEF2931A14C003D57E
SHA-512:	BA51784073BEF82F3A116B33DA406FDB10EC823B9EE74375C46036DAD8BDCB4141F60845DE141ABE42CEEF9251572F6AB287CA5FC7669C60E4F68071D5AB8C2D
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Si blocca".. },.. "1213957982723875920": {.. "message": "Quale delle seguenti definizioni descrive meglio la tua rete?".. },.. "128276876460319075": {.. "message": "Rilevamento dispositivi".. },.. "1428448869078126731": {.. "message": "Uniformit. video".. },.. "1522140683318860351": {.. "message": "Connessione non riuscita. Riprova.".. },.. "1550904064710828958": {.. "message": "Fluido".. },.. "1636686747687494376": {.. "message": "Perfetta".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Riesci a vedere il tuo dispositivo Chromecast nell'$START_LINK$app Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ja\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16519
Entropy (8bit):	5.675556017051063
Encrypted:	false
SSDEEP:	192:nkprPhQdxkRWrZe1wYpMR5wnAV6c8TEKdl:YrLRWri65wAV6uml
MD5:	6F2CC1A6B258DF45F519BA24149FABDC
SHA1:	8A58C7880C6D22765DCBB6BCE22A192C1B109AE1
SHA-256:	42ECFEE727CFC4F2845FEFDACE5EDC2E0A40AFAD69973A3B950CE653A7633342
SHA-512:	F7454F0E14301C59CC54361ACC0A1C6D072EF9BDF5DEA60646FB90B1CE47612785938C784A4CF1DE3E62648A14420374933B5F5DA43907BC00D3799FF163A3D0
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": "................................".. },.. "128276876460319075": {.. "message": "......".. },.. "1428448869078126731": {.. "message": ".......".. },.. "1522140683318860351": {.. "message": ".......................".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "$START_LINK$Google Home ...$END_LINK$. Chromecast .........$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\kn\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20406
Entropy (8bit):	5.312117131662377
Encrypted:	false
SSDEEP:	384:a6C5rBSzvrZreGnla9ZBHRUDYr9yRwEcAa4rSeD5BSz0hJz8qbbM3gbr//Hkr44c:a6C5rBSzvFreGnla9ZBHRUDYr9yRwEcC
MD5:	2E3239FC277287810BC88D93A6691B09
SHA1:	FC5D585DA00ADC90BF79109C7377BD55E6653569
SHA-256:	5FC705AD19761204D8604EA069936A23731B055D51E7836CAAF16AC7719FBEEA
SHA-512:	DF8BC9E577D3ECB0E6C303E1D2C9E9A4A8317CAE810A9DFC88D91B373A4B665722C5A9AB5A589BB947FDA4C7CD9A6DF39DDD13EA47FE9EFF7E0AC43E49FF3479
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "....... .........".. },.. "1213957982723875920": {.. "message": "...... ...... ..... ........... ..... ......... ............?".. },.. "128276876460319075": {.. "message": "..... ........".. },.. "1428448869078126731": {.. "message": "........ .......".. },.. "1522140683318860351": {.. "message": "...... ........... ........ ..... ...........".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": "........".. },.. "1850397500312020388": {.. "message": ".... $

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ko\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	15480
Entropy (8bit):	5.617756574352461
Encrypted:	false
SSDEEP:	192:kWprGvSQtkxWffrnl5JuFBWVZV6c8TEKdl:TrkuxKfrlT4YVZV6uml
MD5:	E303CD63AD00EB3154431DED78E871C4
SHA1:	3B1E5B8E2CF5EBDF5D33656EF80A46563F751783
SHA-256:	FDE602BFDB1AFD282682DA5338C4F91D8A2F6CB5411DB8F62F4583D629CE67A6
SHA-512:	18BA1D5A25FBC1829AD957A531B0CC490AFCBD20AC22181021363AA3CFB916270B8732E824463C9B0897220E8AE86EB1BE561D6540E6C625F08F228F61DDFFA3
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": ".. . .. .. ..... .. . .... ... .....?".. },.. "128276876460319075": {.. "message": ".. ..".. },.. "1428448869078126731": {.. "message": "... ..".. },.. "1522140683318860351": {.. "message": ".... ...... .. ... ....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "...".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "$START_LINK$Google Home .$END_LINK$. Chromecast. .....? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\lt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15802
Entropy (8bit):	5.354550839818046
Encrypted:	false
SSDEEP:	192:lGxSprfkiRR+2zJckS1khrnPI85+80p3DWReV6c8TEKdl:lG4rlq0OkSmhrwbpIeV6uml
MD5:	93BBBE82F024FBCB7FB18E203F253429
SHA1:	83F4D80F64FA2ADCE6C515C5F663BD38A76C51DB
SHA-256:	E7A8570922CCC4F2CA3721C4E61F426158C4E7BC90274FBC8BE4040FF8B6CA9B
SHA-512:	B7E7878106B466CE95069141DF1DE387E847348B62E9C4D548006452F3E164B3AD842E9673A56DC011A5ECC3346B5863E2034EE477A9D1F3E0ABD76B2D0F640A
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Stringa".. },.. "1213957982723875920": {.. "message": "Kuris i. toliau pateikt. teigini. geriausiai apib.dina j.s. tinkl.?".. },.. "128276876460319075": {.. "message": ".renginio suradimas".. },.. "1428448869078126731": {.. "message": "Vaizdo .ra.o sklandumas".. },.. "1522140683318860351": {.. "message": ".vyko ry.io klaida. Bandykite dar kart..".. },.. "1550904064710828958": {.. "message": "Leid.iama skland.iai".. },.. "1636686747687494376": {.. "message": "Puiki".. },.. "1802762746589457177": {.. "message": "Garsumas".. },.. "1850397500312020388": {.. "message": "Ar .Chromecast. rodomas $START_LINK$programoje .Google Home.$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\lv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15891
Entropy (8bit):	5.36794040601742
Encrypted:	false
SSDEEP:	192:y18prUkm15wkLDG2raqhnZDuvyI762V6c8TEKdl:RrAL7rte62V6uml
MD5:	388590CE5E144AE5467FD6585073BD11
SHA1:	61228673A400A98D5834389C06127589F19D3A30
SHA-256:	05CA14196CA5D90B228C0F03684E03EBE403A3E7B513AE0A059244AE12B51164
SHA-512:	BF83AC90BC56CEB1CA12DCB47BCE542FB8CFE0BC14E34DE4FE1A84F7CDB4B54E36C125CEA7EE06EA6244F7795A0957A8A20DB30CA4C60FC6E96EF2A735448521
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".Iesald.ts. att.ls".. },.. "1213957982723875920": {.. "message": "Kur. no t.l.k min.tajiem apgalvojumiem vislab.k raksturo j.su t.klu?".. },.. "128276876460319075": {.. "message": "Ier.ces atra.ana".. },.. "1428448869078126731": {.. "message": "Video vienm.r.ba".. },.. "1522140683318860351": {.. "message": "Neizdev.s izveidot savienojumu. L.dzu, m..iniet v.lreiz.".. },.. "1550904064710828958": {.. "message": "Vienm.r.gs att.ls".. },.. "1636686747687494376": {.. "message": "Nevainojama".. },.. "1802762746589457177": {.. "message": "Ska.ums".. },.. "1850397500312020388": {.. "message": "Vai j.su Chromecast ier.ce ir redzama $START_LINK$lietotn. Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2"..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ml\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20986
Entropy (8bit):	5.347122984404251
Encrypted:	false
SSDEEP:	384:6pQrdbhWHZ3wOn1HbxytQdroExFVRnTPV6uml:X5hUtz6uml
MD5:	2AF93901DE80CA49DA869188BCDA9495
SHA1:	E60DF4F2FB12BD3F1CA869DAD9F6BDE0C17CEB11
SHA-256:	329E80AEE1212F634E180DEF7E16D6E38D9C9FDA9AC9DB1D99B8AE1626EF304E
SHA-512:	DD1711B017DC65E1272972A1BEBD7A1B1769E1F22B37B20582573392CD432725D19DCE134145B3C031428BC0B5948B02A9AA93C8A651BEAA189B686B7BC2AD46
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "...........".. },.. "1213957982723875920": {.. "message": "................ ..... ....... ...... ....... ......... ............. .................?".. },.. "128276876460319075": {.. "message": "...... .........".. },.. "1428448869078126731": {.. "message": "...... ...............".. },.. "1522140683318860351": {.. "message": "...... .............. ....... ...........".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "........".. },.. "1802762746589457177": {.. "message"

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\mr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19628
Entropy (8bit):	5.311054092888986
Encrypted:	false
SSDEEP:	192:PbrpprGy+RmIosTmidpzlF1Akk03LQYOkQrjNjP8hZYiEQ5z+excV6c8TEKdl:PbfrGUIos7dpzxbP7KrjNjaBEYuV6uml
MD5:	659F5B4ACA112D3ECBB6EC1613DDE824
SHA1:	5DEE35FCD260554999F8DDEC489FBA9F81FA8EEE
SHA-256:	C8B765E7A07578BC078A952E151E3B866506959E15E79E9E5E1DBB98F9C4008F
SHA-512:	F74B36C1B6160E444F4969D13788A9C60637BDC11DC5065B2518B668E8D638384E00557ACDC88B3EA225D9231B6BED4B227BFB2E12C92773073B256F62ADDE63
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "......".. },.. "1213957982723875920": {.. "message": "......... ..... ...... ......... ............ ..... ....?".. },.. "128276876460319075": {.. "message": "........ ...".. },.. "1428448869078126731": {.. "message": "....... .......".. },.. "1522140683318860351": {.. "message": "....... ....... ..... ..... ...... ....... ....".. },.. "1550904064710828958": {.. "message": ".... ..... .....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": ".........".. },.. "1850397500312020388": {.. "message": "...... $START_LINK$ Goo

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ms\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15330
Entropy (8bit):	5.193447909498091
Encrypted:	false
SSDEEP:	192:rCprBbx+Fkc4kYPr/pEt4EpXlIoV6c8TEKdl:CrYjer/mOE4oV6uml
MD5:	09D75141E0D80FBD3E9E92CE843DA986
SHA1:	B24EAB4B1242C31B69514D77BC1DB36A3F648F40
SHA-256:	8F1DBDEFD910AD88BEEC7956619CDB34391D6E69254C3A7497E8F87134AE8B5C
SHA-512:	935C69481F1555787FCB9A5490B3188B348284B600359239742A7D802ADD5CC8A30CC1F0942D52E620DFB388787FCD69B548BBAC590110245DF5763367A2DD5A
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Tidak bergerak".. },.. "1213957982723875920": {.. "message": "Antara yang berikut, manakah yang terbaik menggambarkan rangkaian anda?".. },.. "128276876460319075": {.. "message": "Penemuan Peranti".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Sila cuba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Kelantangan".. },.. "1850397500312020388": {.. "message": "Adakah anda dapat melihat Chromecast anda dalam $START_LINK$ apl Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\nb\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15155
Entropy (8bit):	5.2408655429422515
Encrypted:	false
SSDEEP:	192:5Pvl9prfckKJ+3kEUroBsL78Z4XyfhV6c8TEKdl:9vhrkDJ+UEUroE78OCJV6uml
MD5:	ED99169537909291BCC1ED1EA7BB63F0
SHA1:	5F72D51B6DBE8C622EF33D2B2AEBD7E9E20DAFB3
SHA-256:	65B6598225ADA1E14EE9CB76CA863708E8F9EE0724B4EDC8F9508532BD631BAB
SHA-512:	452704BFC109EEBDE7C9D83CFC9EADA7471989CA7D30F5C8754B6C2B026100A87C8D9ED49A09E398CEBA8B837829E2D9C6772EEEAF1AFA506F35BDDF25C20C23
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket av f.lgende eksempler beskriver nettverket ditt best?".. },.. "128276876460319075": {.. "message": "Enhetsgjenkjenning".. },.. "1428448869078126731": {.. "message": "Videojevnhet".. },.. "1522140683318860351": {.. "message": "Tilkoblingen mislyktes. Pr.v p. nytt.".. },.. "1550904064710828958": {.. "message": "Jevn".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Ser du Chromecasten din i $START_LINK$Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START_SPAN":

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\nl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15327
Entropy (8bit):	5.221212691380602
Encrypted:	false
SSDEEP:	192:0Yiepr1oh/Kd1sko8MrIpL72Izq8pXL2vVRmdKV6c8TEKdl:04r60Xo8MrIpLpRXL0G0V6uml
MD5:	E9236F0B36764D22EEC86B717602241E
SHA1:	DE82B804B18933907095DEF3F2EF164C1BB5F9B6
SHA-256:	300F4F7C45EBE39EAAF40776C28D0A399A710699AAB58E9A8D43A6FD2DD00376
SHA-512:	BB8A81D5D1C3FB3CA05149137852CAC213DEECB0437DA85472D5C03DAEFFE28D73007D7921740E56FE8B79544F529670600D47B86C4F27BF45C090B4D55F23F7
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Loopt vast".. },.. "1213957982723875920": {.. "message": "Welke beschrijving past het beste bij je netwerk?".. },.. "128276876460319075": {.. "message": "Apparaatdetectie".. },.. "1428448869078126731": {.. "message": "Vloeiendheid van de video".. },.. "1522140683318860351": {.. "message": "Kan geen verbinding maken. Probeer het opnieuw.".. },.. "1550904064710828958": {.. "message": "Vloeiend".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Zie je je Chromecast in de $START_LINK$Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\pl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15418
Entropy (8bit):	5.346020722930065
Encrypted:	false
SSDEEP:	192:PBUprktnFwP5GkzF0r2Q3SdIucDGGmPlTV6c8TEKdl:ur2CDur2kT9aGydV6uml
MD5:	8254020C39A5F6C1716639CC530BB0D6
SHA1:	A97A70427581ADA902CA73C898825F7B4B4FAC8F
SHA-256:	2F4E4FC6AEB4A8E7F0E0DCE220D66E763F4EBF1FA79985834D636C6692FEA3E8
SHA-512:	9A2CD0F061A943CE04789FF259ECE5B3CCA11EBB6C1DF16C703F70394A5F89415E8EFB79CFB4646FC07FD261170A74602644FFF02ABD38548895CDF7DAB68EB6
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Zatrzymuje si.".. },.. "1213957982723875920": {.. "message": "Kt.ra z tych opcji najlepiej opisuje Twoj. sie.?".. },.. "128276876460319075": {.. "message": "Wykrywanie urz.dze.".. },.. "1428448869078126731": {.. "message": "P.ynno.. obrazu".. },.. "1522140683318860351": {.. "message": "Nie uda.o si. nawi.za. po..czenia. Spr.buj ponownie.".. },.. "1550904064710828958": {.. "message": "P.ynna".. },.. "1636686747687494376": {.. "message": "Idealna".. },.. "1802762746589457177": {.. "message": "G.o.no..".. },.. "1850397500312020388": {.. "message": "Czy Chromecasta wida. w.$START_LINK$aplikacji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\pt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15475
Entropy (8bit):	5.239856689212255
Encrypted:	false
SSDEEP:	192:L9PpriI0RYHf8kfrvvI/99T+BEsV6c8TEKdl:LrkYPfrgsV6uml
MD5:	FABD5D64267F0E6D7BE6983AB8704F8C
SHA1:	D4DAAD0FF5C461C51E6C1FD22B86AFC5B13E123F
SHA-256:	D82DCA262FF005668B252B478DEDAAC4A5C1E417AF9DE57C22F169A6680183AE
SHA-512:	AD8B2129DCB4F232AEDD7A2B90AF2EFA43497F9118C27AB843D279F7B0EDF70AF95251B46C8098AA831FEC0B2AF6AB0308D3DCFD9AE87BEA8AD9E0D1032E0F8B
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Congela".. },.. "1213957982723875920": {.. "message": "Qual das seguintes alternativas melhor descreve sua rede?".. },.. "128276876460319075": {.. "message": "Detec..o de dispositivos".. },.. "1428448869078126731": {.. "message": "Suavidade da reprodu..o do v.deo".. },.. "1522140683318860351": {.. "message": "Falha na conex.o. Tente novamente.".. },.. "1550904064710828958": {.. "message": "Suave".. },.. "1636686747687494376": {.. "message": "Perfeita".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": ". poss.vel encontrar seu Chromecast no $START_LINK$app Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ro\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15655
Entropy (8bit):	5.288239072087021
Encrypted:	false
SSDEEP:	192:rpzpr34BALdvonekYFJr2RlYh7YU95cep3AnjYCV6c8TEKdl:HrIqLdv0VYFJrT95c8VCV6uml
MD5:	75E16A8FB75A9A168CFF86388F190C99
SHA1:	C27CE4C1DB3DF2D232925C73DC9AC1FA24DAD396
SHA-256:	9C4716FF42A730F1E7725F0D9E703F311E79FDA31F85B4BB0B8863FC3C27AB9D
SHA-512:	9E0BF56560B1D73F9706FF6AA2D5628CBE58EFCE197899A7EE686B2395D0FA2F9927538DD9B7B152CE2DED4708A210DA3DD6F5350E62AF853E809782997B1922
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Redare cu bloc.ri".. },.. "1213957982723875920": {.. "message": "Care dintre urm.toarele descrie cel mai bine re.eaua ta?".. },.. "128276876460319075": {.. "message": "Descoperirea dispozitivelor".. },.. "1428448869078126731": {.. "message": "Calitatea red.rii videoclipului".. },.. "1522140683318860351": {.. "message": "Conexiunea nu s-a stabilit. .ncerca.i din nou.".. },.. "1550904064710828958": {.. "message": "Redare lin.".. },.. "1636686747687494376": {.. "message": "Redare perfect.".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Chromecastul dvs. apare .n $START_LINK$ aplica.ia Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ru\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17686
Entropy (8bit):	5.471928545648783
Encrypted:	false
SSDEEP:	192:Pu6PQpr19XtZkmVpFQkeVBSr/7Nq5k8TyIeBcrvV6c8TEKdl:ir7Q+LASrWk8CirvV6uml
MD5:	8EF94823972EA8D2FC9BB7EC09AB1846
SHA1:	4171DC9CE9D82FDA5A280517A1FE58C907D75CE3
SHA-256:	1009DB9FFA64E411B31E0780EBA43B9C9F8B05B5AC8CCA9A38514650261ABB0A
SHA-512:	83CEC6CF43F4A5A998B987DA6B6F236B36078C560F1CD79366AEBF2950ECD881F0B3ECC1C0769D911381B4A1D5901121E3620CA1AC2401BDE12642BE64EFD67A
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".........".. },.. "1213957982723875920": {.. "message": "..... .. ......... .... ........ ............. ..... ....?".. },.. "128276876460319075": {.. "message": "........ . ............ .........".. },.. "1428448869078126731": {.. "message": "............... .....".. },.. "1522140683318860351": {.. "message": ".. ....... .......... ........... ......... ........".. },.. "1550904064710828958": {.. "message": "....... ...............".. },.. "1636686747687494376": {.. "message": "........".. },.. "1802762746589457177": {.. "message": ".........".. },.. "1850397500312020388": {.. "message": ".. ...... .... .......... Chromecast . $START_LINK$........

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\sk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15740
Entropy (8bit):	5.409596551150113
Encrypted:	false
SSDEEP:	192:PIwprzrAXVZdrkF9PMZq6rTxnfKVSk7bVV6c8TEKdl:jrojd4F94q6rRsdVV6uml
MD5:	C314FAC15AFF6A2EE9C732C64AB5A66D
SHA1:	D51F3362B5FDD2F3756DE42D7D6227DC818C6344
SHA-256:	8EE2A25A09D6D0F89063FAA34BA2BC4DB505DD31FE6D5064C5D6E1E153721484
SHA-512:	C0387992BFD6D5EA7781A6A8112DDAF9759A3FCE0B0D954F024B4368EBAE132EB5FB6D59DE69F7C015E049339F6A170F1B41236E222D09FF41020F912E9DCD3C
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Zam.za".. },.. "1213957982723875920": {.. "message": "Ktor. z nasleduj.cich skuto.nost. najlep.ie popisuj. va.u sie.?".. },.. "128276876460319075": {.. "message": "Vyh.ad.vanie zariaden.".. },.. "1428448869078126731": {.. "message": "Plynulos. videa".. },.. "1522140683318860351": {.. "message": "Pripojenie zlyhalo. Sk.ste to znova.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "V.born.".. },.. "1802762746589457177": {.. "message": "Hlasitos.".. },.. "1850397500312020388": {.. "message": "Vid.te svoj Chromecast v.$START_LINK$aplik.cii Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\sl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15628
Entropy (8bit):	5.292871661441512
Encrypted:	false
SSDEEP:	192:Ppp0prwFOhNkcUw4kjkNOD7r31RdeYqakV6c8TEKdl:0rXjYwy4Xr34AkV6uml
MD5:	F60AB4E9A79FD6F32909AFAC226446B3
SHA1:	07C9E383D4488BEBE316CA86966FC728F55A2E32
SHA-256:	CDE581E6E7CF0136B003B45549E3BBEE7B67B74ADD786A8D5607BFDAD1DE7B87
SHA-512:	F6A7673A8EFDB7FF74D7B83DD4BCB3683031DB7FBFE6654F6311CBA53EC42F3E45CE2B42A6E385F868271BBDD348272ACF9CE304E2DB52A10B36D24C7B03114F
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Zamrzne".. },.. "1213957982723875920": {.. "message": "Kaj od tega najbolje opi.e va.e omre.je?".. },.. "128276876460319075": {.. "message": "Odkrivanje naprav".. },.. "1428448869078126731": {.. "message": "Teko.e predvajanje videoposnetka".. },.. "1522140683318860351": {.. "message": "Vzpostavitev povezave ni uspela. Poskusite znova.".. },.. "1550904064710828958": {.. "message": "Teko.e".. },.. "1636686747687494376": {.. "message": "Odli.no".. },.. "1802762746589457177": {.. "message": "Glasnost".. },.. "1850397500312020388": {.. "message": "Ali je Chromecast viden v $START_LINK$aplikaciji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\sr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17769
Entropy (8bit):	5.433657867664831
Encrypted:	false
SSDEEP:	192:AtUpr9riVEviVutkeV74ErILfWloyWR5Roxj2V6c8TEKdl:AGr1pvtuWDrS9Sj2V6uml
MD5:	4E233461D805CA7E54B0B394FFF42CAB
SHA1:	77F30833FC73A4C02C652C9E5A6EAFE9C3988A30
SHA-256:	E1E1C64213EBF2CFEB7BA83E51B697CEA449B3A8B279B1024B859228DE869879
SHA-512:	7288B11E9F46CF8138E0F8305E5E43CCCCCAD75F2D37EB2515C6BD54064FDC511A5872F0A940FA44A0B1B2355D2E0AED12A0D53267AC501B4E5CB6DDE43B000D
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "......... ..".. },.. "1213957982723875920": {.. "message": ".... .. ........ ...... ....... ....... .....?".. },.. "128276876460319075": {.. "message": "......... .......".. },.. "1428448869078126731": {.. "message": "........ ............ ..... ......".. },.. "1522140683318860351": {.. "message": ".......... .... ....... ........ .......".. },.. "1550904064710828958": {.. "message": "... .......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": "...... .....".. },.. "1850397500312020388": {.. "message": "...... .. .. ...... Chromecast . $START_LINK$.......... Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\sv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15135
Entropy (8bit):	5.258962752997426
Encrypted:	false
SSDEEP:	192:LY5pr2y3Lm3kONgMr6nxJNuyF5JTpg2NOV6c8TEKdl:Yr5DMrAfpOV6uml
MD5:	897DAE6B0CF0FDE42648F0B47CB26E06
SHA1:	E1F5F5F65AF34FF9484AB2B01E571EAF19BA23D0
SHA-256:	52656C24F6F6D0F3B3FC01E9504C4D5CEB85624F1B22E974CA675DD0E94EB82D
SHA-512:	399DEACFE61F4AF9B24AAA0357D30149CC49DA7825295933D3AE006714B5DE7AC5FCB9EC5340B0E3AB4ABF25641032BBBB5B7D578CD204F4EDEAFE6E08C55663
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Fastnar tillf.lligt".. },.. "1213957982723875920": {.. "message": "Vilket av f.ljande beskriver ditt n.tverk b.st?".. },.. "128276876460319075": {.. "message": "Enhetsidentifiering".. },.. "1428448869078126731": {.. "message": "J.mn videouppspelning".. },.. "1522140683318860351": {.. "message": "Det gick inte att ansluta. F.rs.k igen.".. },.. "1550904064710828958": {.. "message": "Flyter p.".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Volym".. },.. "1850397500312020388": {.. "message": "Visas din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\sw\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15156
Entropy (8bit):	5.216902945207334
Encrypted:	false
SSDEEP:	192:6GprWbq4takN4kbvrwJAV5HeY9NVUpnV6c8TEKdl:nrol7rRkpnV6uml
MD5:	EC233129047C1202D87DC140F7BA266D
SHA1:	537E4C887428081365D028F32C53E3C92F29AAA6
SHA-256:	28EDBC5C4858217811D45CAA215710E452C8926E4DE99F810001AD664D08BE0D
SHA-512:	2E3F9BA1EA9EEF921E76B46B5EF2404B3B77B61F18CF67CC78C23C62202227F678A3DBE9C730E42A310800914DC53F25E8B2FBF461839DE33D3501B0BCB4EC8D
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Inasita kucheza".. },.. "1213957982723875920": {.. "message": "Ni gani kati ya zifuatazo inaelezea mtandao wako vizuri?".. },.. "128276876460319075": {.. "message": "Kupata Kifaa".. },.. "1428448869078126731": {.. "message": "Ulaini wa Kutiririsha Video".. },.. "1522140683318860351": {.. "message": "Imeshindwa kuunganisha. Tafadhali jaribu tena.".. },.. "1550904064710828958": {.. "message": "Laini".. },.. "1636686747687494376": {.. "message": "Bora".. },.. "1802762746589457177": {.. "message": "Sauti".. },.. "1850397500312020388": {.. "message": "Je, unaweza kuona Chromecast yako katika $START_LINK$ programu ya Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\ta\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20531
Entropy (8bit):	5.2537196877590056
Encrypted:	false
SSDEEP:	192:I0N4prlczmbWIO0KISBZdMx4kLQ7rgEsZatRoFkJL+KJtjV6c8TEKdl:0r/TUrRVjV6uml
MD5:	C50C5D2EDFC79DBDCBD5A58A027A3231
SHA1:	14314D760A18C39F06CD072CF5843832AFB86689
SHA-256:	EEB0E89D5AD92B80FF08F88533A111DB3416D7C3860C64227D1CC8B7C2B58298
SHA-512:	A241084C44260C239CB8E6736AB7F7D1988142DDA6CAAD9F907FB42970BE56EC8DA6956BFBE97F926C6EFA32B750F1F57815980494BC31D27DF609C04421AD42
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "....... .........".. },.. "1213957982723875920": {.. "message": "................ ... ...... .............. ...... ........ ...........?".. },.. "128276876460319075": {.. "message": "...... .............".. },.. "1428448869078126731": {.. "message": ".......... ..... .....".. },.. "1522140683318860351": {.. "message": "...... ............ ........ .........".. },.. "1550904064710828958": {.. "message": "..... ......".. },.. "1636686747687494376": {.. "message": "........".. },.. "1802762746589457177": {.. "message": "......."

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\te\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20495
Entropy (8bit):	5.301590673598541
Encrypted:	false
SSDEEP:	384:hcFQcIrxhljbwSb4V6Icdbf1crfrCk0ODzB+relGZqsItV6uml:KcNbw4b2reSob26uml
MD5:	F740F25488BE253FCF5355D5A7022CEE
SHA1:	203A8DF19BA5A602A43DE18E99A6615D950C450E
SHA-256:	5B9C96CB5D62510836B321EB9CEEF23865BB9D4DC4DE7716E90A858E00701FDF
SHA-512:	3FB6E32D26EEAADB94D594A5B61930B003B4DA09C282A2ABF063A4502AA725FB88E4801F8A2443CD46137BEDAE5DFD2359DCA3506EE416713D08DF6430065725
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "........".. },.. "1213957982723875920": {.. "message": "..... .......... ... .. ........... ....... ........ ............?".. },.. "128276876460319075": {.. "message": "..... ..... ....".. },.. "1428448869078126731": {.. "message": "...... ...... ......".. },.. "1522140683318860351": {.. "message": "........ .......... ...... ..... ..............".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": "......... ....".. },.. "1802762746589457177": {.. "message": "........".. },.. "185039750031202038

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\th\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	18849
Entropy (8bit):	5.3815746250038305
Encrypted:	false
SSDEEP:	384:GhjwMfr4c/ey18Ym7ZepIfa1hea0KEr2ucpYxcixh8V6uml:GhjwMfccGy18Ym7ZiIfa1hea0KEKucp2
MD5:	9F926FCB8BAEA23453B99EA162CCDEA1
SHA1:	04D1E45591C0435A39DCA00A81E83E68585E8B64
SHA-256:	100463C587F549C964A4EB21EA38EA1B4ADEF11E927FAC8FF884623B77202C02
SHA-512:	F226278DDF2D1995961690895361AB7B5D221C5E36D7767BBA71F36716C27B28210F85DC7DB4D2FC61B048FE2D058EE76EFBF2AD2A9714375149C4D09E18BE2B
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "....".. },.. "1213957982723875920": {.. "message": ".............................................".. },.. "128276876460319075": {.. "message": "...............".. },.. "1428448869078126731": {.. "message": "....................".. },.. "1522140683318860351": {.. "message": "................... ...............".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": "..........".. },.. "1802762746589457177": {.. "message": "..........".. },.. "1850397500312020388": {.. "message": ".......... Chromecast ..... $

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\tr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15542
Entropy (8bit):	5.336342457334077
Encrypted:	false
SSDEEP:	192:OGNSbprOWklwIc3uk+zwr5a+qF6LtP2nFjYqcV6c8TEKdl:wrfNV9r5avYqcV6uml
MD5:	B0420F071E7C6C2DE11715A0BF026C63
SHA1:	F41CC696786B18805DB8DC9E1E476146C0D6BE90
SHA-256:	309F946F753DF6AF5C255D772EA0D429462152F78ABA4A96A2E369707A2C6B67
SHA-512:	67B42FC962AB70FFF86777E5057047EF4CFFDA4BED040F9D45BB5DB0275C3B5F21B17924AE5C51C71E8B078AB88AE3001C70CDB4E1994D4C8A20DEFC3A1D34FA
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "Donuyor".. },.. "1213957982723875920": {.. "message": "A..n.z. a.a..dakilerden hangisi en iyi .ekilde tan.mlar?".. },.. "128276876460319075": {.. "message": "Cihaz Bulma".. },.. "1428448869078126731": {.. "message": "Videonun D.zg.n Oynat.lmas.".. },.. "1522140683318860351": {.. "message": "Ba.lant. ba.ar.s.z oldu. L.tfen tekrar deneyin.".. },.. "1550904064710828958": {.. "message": "D.zg.n".. },.. "1636686747687494376": {.. "message": "M.kemmel".. },.. "1802762746589457177": {.. "message": "Ses d.zeyi".. },.. "1850397500312020388": {.. "message": "Chromecast'inizi $START_LINK$Google Home uygulamas.nda$END_LINK$ g.rebiliyor musunuz? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\uk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17539
Entropy (8bit):	5.492873573147444
Encrypted:	false
SSDEEP:	384:vDBprzaoaqEv390hrTr6hlRU62cdV6uml:/BaFNe76GYX6uml
MD5:	FF06E78C06E8DFF4A422EA24F0AB3760
SHA1:	A434D1CE22DE0D2FD1842E94F5815F7B1972D1EE
SHA-256:	E209FDEF12CCEC03B4E0D5B9464F90D527E62C5BC4DD565C680661D7F282AB02
SHA-512:	8EADCC918F51A946A68AAF4D9DD7F3894BE470FD0A0550E4160D609F30C78BD55508B3DF4D62A28C0813D83C5C10F9A7BFE656A4CF519E4CC814FFB07F1E9F3B
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".. . ............ ..... ........ ...... .... ......?".. },.. "128276876460319075": {.. "message": "......... ........".. },.. "1428448869078126731": {.. "message": "......... ........... .....".. },.. "1522140683318860351": {.. "message": ".. ....... ............. ......... ........".. },.. "1550904064710828958": {.. "message": "...... ...........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "........".. },.. "1850397500312020388": {.. "message": ".. ...... .. .... ........ Chromecast . $START_LINK$....... Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeho

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\vi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16001
Entropy (8bit):	5.46630477806648
Encrypted:	false
SSDEEP:	192:8xyKyprnBTF0cEW5xk0rdBrQBiaiNiw+3KrV6c8TEKdl:8ULrB5yW5C0rHrOiZ5gKrV6uml
MD5:	C3A40E8433D96D7E766C011D9EC7502B
SHA1:	EAB7BFAE48B1D29B95A8AE040DE94D3500824EE3
SHA-256:	BD3D0F8CF100C96415B224011F550082D4516593CBD3631347748B7D6AD5B85A
SHA-512:	ADAD26422DCA2728BB77760C508C37888013EA4E3B980D9133FE12737B02589ACD302B4096B2BF1B772A28A2103B2E1F7210F4900468B4590B84C7BBC950F1C1
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "D.ng h.nh".. },.. "1213957982723875920": {.. "message": "Tr..ng h.p n.o sau ..y m. t. ..ng nh.t m.ng c.a b.n?".. },.. "128276876460319075": {.. "message": "Kh.m ph. thi.t b.".. },.. "1428448869078126731": {.. "message": ".. m..t c.a video".. },.. "1522140683318860351": {.. "message": "K.t n.i kh.ng th.nh c.ng. Vui l.ng th. l.i.".. },.. "1550904064710828958": {.. "message": "M..t m.".. },.. "1636686747687494376": {.. "message": "Ho.n h.o".. },.. "1802762746589457177": {.. "message": ".m l..ng".. },.. "1850397500312020388": {.. "message": "B.n c. th. nh.n th.y Chromecast c.a m.nh trong $START_LINK$.ng d.ng Google Home$END_LINK$ kh.ng? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "conte

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\zh\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	14773
Entropy (8bit):	5.670562029027517
Encrypted:	false
SSDEEP:	192:hppr6VVD8/LkiQKrTV2U00jT25kNV6c8TEKdl:hr88/YOrTjF2GV6uml
MD5:	D4513639FFC58664556B4607BF8A3F19
SHA1:	65629BC4CBBACA498F4082DD5884C8D3D7DDDC8A
SHA-256:	C6D49997A9B4FF7FE701EC3644B1A523679A27778FB4BD39B7DBCA9F1ACCE595
SHA-512:	16260FAC30D57EBFD577833F45D52FEA446ABE877D0D4015EF47C5C9072B81DDA71ED4E5E7DAFDEBE82B26556A4477EA4BFCDEC227058E381B9812DAB1F4379B
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "..".. },.. "1213957982723875920": {.. "message": "..................".. },.. "128276876460319075": {.. "message": "....".. },.. "1428448869078126731": {.. "message": ".....".. },.. "1522140683318860351": {.. "message": ".........".. },.. "1550904064710828958": {.. "message": "..".. },.. "1636686747687494376": {.. "message": "..".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "... $START_LINK$Google Home ..$END_LINK$...... Chromecast ..$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START_SPAN": {.

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\_locales\zh_TW\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	14981
Entropy (8bit):	5.7019494203747865
Encrypted:	false
SSDEEP:	192:d2XprmNaHYkOkAFzrlR/jTcGIEaXV6c8TEKdl:WrT4uozrl/sXV6uml
MD5:	494CE2ACB21A426E051C146E600E7564
SHA1:	D045ECC2A69C963D5D34A148FE4A7939DE6A1322
SHA-256:	A1053F9496ED7FA3C625C94347F07A5E760F514FD8EE142EC9EE64E86B9C063D
SHA-512:	DE2C8498B55749B4D35CF2627E55271F7F09E4560FA16D7094EFB4085CF1E5FAE36F067AAC01AE120548C00DC8AA530EE96079B5CC3E322DF9FF8592799AEB3F
Malicious:	false
Preview:	{.. "1018984561488520517": {.. "message": "....".. },.. "1213957982723875920": {.. "message": "................".. },.. "128276876460319075": {.. "message": "....".. },.. "1428448869078126731": {.. "message": ".....".. },.. "1522140683318860351": {.. "message": "...........".. },.. "1550904064710828958": {.. "message": "..".. },.. "1636686747687494376": {.. "message": "..".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": ".... $START_LINK$Google Home ....$END_LINK$...... Chromecast ..$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1755141670\CRX_INSTALL\manifest.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	2284
Entropy (8bit):	5.29272048694412
Encrypted:	false
SSDEEP:	48:QWaLGou01ghZ7CsbCypwQdmv7pee3hZq/1C/ao1XJN8U3:DaLrgCWrdmTplZNx
MD5:	F76238944C3D189174DD74989CF1C0C6
SHA1:	85CE141EC8867B699668A5F5A48F404C84FCEB04
SHA-256:	2EF48A1CF322DE356E8844DD2FD3431E8E7ACD04770649B6507EACA5ABDB53A7
SHA-512:	330EC2ADC42A8AE653051694954795664EEECDB1A0E0F7A6BC03349C4FD1568BCC81FF2C4A6D826B07BEA7BED26CC27157A1BFAE4B6FC34B3E121DCE0A5CB26D
Malicious:	false
Preview:	{.. "background": {.. "persistent": false,.. "scripts": [ "common.js", "mirroring_common.js", "background_script.js" ].. },.. "content_security_policy": "default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://apis.google.com https://feedback.googleusercontent.com https://www.google.com https://www.gstatic.com; child-src https://accounts.google.com https://content.googleapis.com https://www.google.com; connect-src 'self' http://: https://:; font-src https://fonts.gstatic.com; object-src 'self';",.. "default_locale": "en",.. "description": "Provider for discovery and services for mirroring of Chrome Media Router",.. "externally_connectable": {.. "ids": [ "idmofbkcelhplfjnmmdolenpigiiiecc", "ggedfkijiiammpnbdadhllnehapomdge", "njjegkblellcjnakomndbaloifhcoccg" ].. },.. "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNTWJoPZ9bT32yKxuuVa9LSEYobjPoXCLX3dgsZ9djDrWKNikTECjdRe3/AFXb+v8jkmmtYQPnOgSYn06J/QodDl

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\bg\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	796
Entropy (8bit):	4.864931792423268
Encrypted:	false
SSDEEP:	12:1HEJMLkSlwZGGMLkSlwZ+WYpU34f145Gb+dgoxTyO8ZpU34f1L0frhmJ03OyZnLt:1HE7n4gn8WYpYrbhz8ZpotHOGAOf6aD
MD5:	6F8E288A9AD5B1ED8633B430E2B4D4CA
SHA1:	F671D3D4BEFA431D1946D706F4192D44E29B6F08
SHA-256:	A114E2783D0E9B12155017323BA70838F0F82A71C7EE8DC1F115AE36991241F8
SHA-512:	0F87F3F0D115B872288949E59ACD3CD41B1FBC64A622D8FDA6D71FAFC5A900D92ADFBB0E7EB926F2A8759BBAA0896D48728FB719BBF5EF54AC21027328F7700C
Malicious:	false
Preview:	{.. "app_description": {.. "message": "........ . ... ........ .. Chrome".. },.. "app_name": {.. "message": "........ . ... ........ .. Chrome".. },.. "craw_app_unavailable": {.. "message": "........... .... ...... .. .............".. },.. "craw_connect_to_network": {.. "message": "...., ........ .. . ......".. },.. "iap_unavailable": {.. "message": "........... .... ...... .. .......... ....... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "...., ...... . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\ca\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	675
Entropy (8bit):	4.536753193530313
Encrypted:	false
SSDEEP:	12:1HEJ0gbbGG0gbb+WYpU34g3YbiLO+dgyGFoO8ZpU34+puiPmb03OyZnLAOfTYABk:1HE5baib6WYpm31Lt0Z8Zp8pxOGAOfKD
MD5:	1FDAFC926391BD580B655FBAF46ED260
SHA1:	C95743C3F43B2B099FEBEBC5BD850F0C20E820AC
SHA-256:	C67898B67F9C9209EAFDA6532B62D5789863CFB855998DD6A70E7775316CEC20
SHA-512:	39D95D45C5746DA3BAA7AE6A3344EA17D7A7C3569C2A56959FF119261DA08C747A320FCF701AC72B8DBDBF8BF06FD8B239017A282CDDA444F3826D4EC672CBB4
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Ara mateix aquesta aplicaci. no est. disponible.".. },.. "craw_connect_to_network": {.. "message": "Connecteu-vos a una xarxa.".. },.. "iap_unavailable": {.. "message": "La funci. Pagaments a l'aplicaci. no est. disponible actualment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicieu la sessi. a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\cs\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	641
Entropy (8bit):	4.698608127109193
Encrypted:	false
SSDEEP:	12:1HEJfZGGfZ+WYpU34OBh+dgN/O8ZpU34j05U03OyZnLAOfTYWc:1HEl4G8WYpdt8Zpq5TOGAOfW
MD5:	76DEC64ED1556180B452A13C83171883
SHA1:	CFB1E56FD587BCDC459C1D9A683B71F9849058F9
SHA-256:	32290D69A90E6BAAC428B10382C99221B12773BB9A184F3B93DFB48A4F6D7A40
SHA-512:	5230A217968D5DC463E2E92D704544311A721E5CEF65C3125CBD8DEB9C0293D3BFB5C820A6011ABF77095FDEE7DAF67D541DC202B0C9CDB0908CBB85D84885CB
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikace v sou.asn. dob. nen. dostupn..".. },.. "craw_connect_to_network": {.. "message": "P.ipojte se pros.m k s.ti.".. },.. "iap_unavailable": {.. "message": "Platby v aplikaci aktu.ln. nejsou k dispozici.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "P.ihlaste se do Chromu.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\da\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	624
Entropy (8bit):	4.5289746475384565
Encrypted:	false
SSDEEP:	12:1HEJJMKKFZGGJMKKFZ+WYpU34OHu+dgxlCZO8ZpU34J4Wu03OyZnLAOfTYzD:1HErMKfqMKVWYpM6lL8ZpDNOGAOfiD
MD5:	238B97A36E411E42FF37CEFAF2927ED1
SHA1:	4E47AC90BA24C8F4724D9293FA40CFD4ADA66FE0
SHA-256:	4977D4A053542FF66967FAED6B06585DD70E68E20BFEB533B66FE3287F9655D9
SHA-512:	FD0742D47B5F5AB9AAD9B4C3D57F63CB693E060EECE123A72036C6E92156D099495C7E9E9CC6DC83EEBCDDCC4B4C81FB47E4C9559DA3EBA024780FFF10C53E0A
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Betalinger i Chrome Webshop".. },.. "app_name": {.. "message": "Betalinger i Chrome Webshop".. },.. "craw_app_unavailable": {.. "message": "Appen er ikke tilg.ngelig i .jeblikket.".. },.. "craw_connect_to_network": {.. "message": "Opret forbindelse til et netv.rk.".. },.. "iap_unavailable": {.. "message": "Betaling i appen er ikke tilg.ngelig i .jeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log ind p. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\de\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	651
Entropy (8bit):	4.583694000020627
Encrypted:	false
SSDEEP:	12:1HEJQ1ZGGQ1Z+WYpU34pCEMT+dgJMlCTO8ZpU34p6FK603OyZnLAOfTYJ6K:1HEzWWYp3Bewv8Zp7k4OGAOfQj
MD5:	6B3E916E8C1991AA0453CBA00FEDCAAA
SHA1:	D6366D15912E40CA107FD42BFE9579C3336A51F9
SHA-256:	A62FFAB910E31531758EEE48B2CC71A8857BEC3021DEAD50B668CBA3C8667053
SHA-512:	87EA4311B61F29543B13F3E17DFA919D0C320B4FE370CC152E0B1514BCA79B0ABB526DDCF08621D6EBFA48923EE8FB4C667EFB120A72BD9583EEBEE7BFB80552
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Store-Zahlungen".. },.. "app_name": {.. "message": "Chrome Web Store-Zahlungen".. },.. "craw_app_unavailable": {.. "message": "Die App ist momentan nicht verf.gbar.".. },.. "craw_connect_to_network": {.. "message": "Bitte stellen Sie eine Verbindung zu einem Netzwerk her.".. },.. "iap_unavailable": {.. "message": "In-App-Zahlungen sind momentan nicht m.glich.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Bitte melden Sie sich in Chrome an.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\el\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	787
Entropy (8bit):	4.973349962793468
Encrypted:	false
SSDEEP:	24:1HEw+aZ+6WYpbWZe80A08ZpCGyDVWlOGAOf+XD:WguYpCZnpEZbGoD
MD5:	05C437A322C1148B5F78B2F341339147
SHA1:	AB53003A678E44A170E73711FBD9949833BBF3AA
SHA-256:	A052C32B4FCAC61152EB0ADB2C260FB6A8256AD104AA0013DB93E9798D41A070
SHA-512:	C36CB9202A34356DD06D377E2A088F428D0B8EBE7D2E54F8380485E9D94A0598D7F651C1E7A2FD55BE481D49C02B0812F2BA335E08611EC85EE0BD60784A6B40
Malicious:	false
Preview:	{.. "app_description": {.. "message": "........ ... Chrome Web Store".. },.. "app_name": {.. "message": "........ ... Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": ". ........ .... .. ..... ... ..... ..........".. },.. "craw_connect_to_network": {.. "message": ".......... .. ... .......".. },.. "iap_unavailable": {.. "message": ".. ........ ..... ......... ... ..... ..... .. ...... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": ".......... ... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\en\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	593
Entropy (8bit):	4.483686991119526
Encrypted:	false
SSDEEP:	12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOfTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOfuD
MD5:	91F5BC87FD478A007EC68C4E8ADF11AC
SHA1:	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6
SHA-256:	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
SHA-512:	FDC2A29B04E67DDBBD8FB6E8D2443E46BADCB2B2FB3A850BBD6198CDCCC32EE0BD8A9769D929FEEFE84D1015145E6664AB5FEA114DF5A864CF963BF98A65FFD9
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\en_GB\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	593
Entropy (8bit):	4.483686991119526
Encrypted:	false
SSDEEP:	12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOfTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOfuD
MD5:	91F5BC87FD478A007EC68C4E8ADF11AC
SHA1:	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6
SHA-256:	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
SHA-512:	FDC2A29B04E67DDBBD8FB6E8D2443E46BADCB2B2FB3A850BBD6198CDCCC32EE0BD8A9769D929FEEFE84D1015145E6664AB5FEA114DF5A864CF963BF98A65FFD9
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\es\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	661
Entropy (8bit):	4.450938335136508
Encrypted:	false
SSDEEP:	12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34lPbdlVo03OyZnLAOfTY6xjD:1HEvaC6WYpcDeEFxq8ZpNl5OGAOffD
MD5:	82719BD3999AD66193A9B0BB525F97CD
SHA1:	41194D511F1ACC16C1CA828AC81C18C8C6B47287
SHA-256:	4DB9B2721E625C18B9E05C04B31AF5D9694712F1CAAF6219ABE34BB08E5DB1C7
SHA-512:	D4C49B43427799B6292CEED11CACB1D76F7CE43EBF402B43B638A6EB2B414ED0981E386CB8CDF0B51D1BD9552934FE25B2F6392266BB73D8C9A691F65BCE0128
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "Los pagos en la aplicaci.n no est.n disponibles en este momento.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicia sesi.n en Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\es_419\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	637
Entropy (8bit):	4.47253983486615
Encrypted:	false
SSDEEP:	12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34GLO03OyZnLAOfTYiJD:1HEvaC6WYpcDeEFxq8Zp4LlOGAOfvD
MD5:	6B2583D8D1C147E36A69A88009CBEBC7
SHA1:	4D4DEEB4BE6AA0181825F3371A761ABC5B4D5937
SHA-256:	6659BC3705311D7641A73995DCFEA80C7734F2F4EBBC3787B3892A240348324F
SHA-512:	37F0DBFCC1B5A2B8E4C92C49D2D9DEEF25616421350324F57E0149A45A6CCB437F5E3CBE97412C4B5DBBF2593783C7DF71E9C25A851AEAE6E4764C545723FA53
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "En este momento, Pagos En-Apps no est. disponible.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accede a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\et\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	595
Entropy (8bit):	4.467205425399467
Encrypted:	false
SSDEEP:	12:1HEJfPGGGfPG+WYpU34Ze7z+dgrW9O8ZpU34ZwZz03OyZnLAOfTYgoLIR:1HEdvqlWYpTeObk8ZpT/OGAOfuLIR
MD5:	CFF6CB76EC724B17C1BC920726CB35A7
SHA1:	14ED068251D65A840F00C05409D705259D329FFC
SHA-256:	C85800BF45942FCC7FD6B1DF929C25F9CC2A977A6678966BD03D4B6B69889AFD
SHA-512:	53D7D01BB30C0306DE65A79FD9551D2E8C1F71F4F45F71906B009071CB3E0F231E6A50FDD78773E9B4DE94085BC7B97F829842FA21A89A2080D33458B745C46F
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome'i veebipoe maksed".. },.. "app_name": {.. "message": "Chrome'i veebipoe maksed".. },.. "craw_app_unavailable": {.. "message": "Rakendus pole praegu saadaval.".. },.. "craw_connect_to_network": {.. "message": "Looge .hendus v.rguga.".. },.. "iap_unavailable": {.. "message": "Rakendusesisesed maksed ei ole praegu saadaval.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logige Chrome'i sisse.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\fi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	647
Entropy (8bit):	4.595421267152647
Encrypted:	false
SSDEEP:	12:1HEJRuzGGRuz+WYpU34ujSBu+dgYO8ZpU34J+Bu03OyZnLAOfTY5HN:1HEFcWYpPNa8ZpD+FOGAOfEHN
MD5:	3A01FEE829445C482D1721FF63153D16
SHA1:	F3EAAADDC03F943FC88B30B67F534AA13E3336DD
SHA-256:	0BDE54B20845124113383B6EB81E43A0F05E4EB0C44BEE3C1DFAC4CC5FEC2836
SHA-512:	3B92B6C86D30FD36AA3CEFF8773BA60C3FC5CC19C693540137044C5838A5503895C770C0336A4D0A3DB5E42F3FB36274D8D3F85B9DCA2F3EC0E974FDDB0BEAD8
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Storen maksut".. },.. "app_name": {.. "message": "Chrome Web Storen maksut".. },.. "craw_app_unavailable": {.. "message": "Sovellus ei ole t.ll. hetkell. k.ytett.viss..".. },.. "craw_connect_to_network": {.. "message": "Muodosta verkkoyhteys.".. },.. "iap_unavailable": {.. "message": "Sovelluksen sis.iset maksut eiv.t ole t.ll. hetkell. k.ytett.viss..".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Kirjaudu sis..n Chromeen.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\fil\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	658
Entropy (8bit):	4.5231229502550745
Encrypted:	false
SSDEEP:	12:1HEJADlbGGADlb+WYpU34hTUT+dgHfZAFFZO8ZpU34hTjzeT03OyZnLAOfTYHfvF:1HEYah6WYp7TUSoxOS8Zp7TOsOGAOfqV
MD5:	57AF5B654270A945BDA8053A83353A06
SHA1:	EEEF7A4F869F97CF471A05D345E74F982D15E167
SHA-256:	EC002ED92359F67818B49455DFC579E140368E6A004080AF022FD4F57F6B03F2
SHA-512:	5F0AE839FCF3F4EA48FF41A76655AE0F3821564AFD5D42FBB9FBB9A38E8D8F7BB5E9B6F71064588CD441261F644095A44A755C134CE546D506D9A21E488BAF52
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "app_name": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Kasalukuyang hindi available ang app.".. },.. "craw_connect_to_network": {.. "message": "Mangyaring kumonekta sa isang network.".. },.. "iap_unavailable": {.. "message": "Kasalukuyang hindi available ang Mga Pagbabayad na In-App.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Mangyaring mag-sign in sa Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\fr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	677
Entropy (8bit):	4.552569602149629
Encrypted:	false
SSDEEP:	12:1HEJALf/nbGGALf/nb+WYpU34Owdgbyb+dgdQjO8ZpU34ITQpGnbyb03OyZnLAO8:1HE4Hna1Hn6WYpNdgpY8ZpSTQwnBOGAh
MD5:	8D11C90F44A6585B57B933AB38D1FFF8
SHA1:	3F9D44EA8807069A32AACA2AAAD02FD892E6CC90
SHA-256:	599491F8C52B945C16C441ADF45BFD45AFAE046DA07757D97C56AF4DE75ED3B5
SHA-512:	D7EF7F5AD7EF1A1595825D79B69E2B1E988AD3CF1F3881496FCCD30F241E4E9C6E457F9F5D0F855DE3536DB7A40C3E1C55946B50D3F556F4A35285066A0CD6F7
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "app_name": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "craw_app_unavailable": {.. "message": "Application indisponible pour le moment.".. },.. "craw_connect_to_network": {.. "message": "Veuillez vous connecter . un r.seau.".. },.. "iap_unavailable": {.. "message": "Les paiements via l'application ne sont pas disponibles pour le moment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Veuillez vous connecter . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\hi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	835
Entropy (8bit):	4.791154467711985
Encrypted:	false
SSDEEP:	24:1HEs07J0JWYp9vnCSVLP8Zp6CsOGAOf8SLm:Wh7qgYp1CMLUph1GiSLm
MD5:	E376D757C8FD66AC70A7D2D49760B94E
SHA1:	1525C5B1312D409604F097768503298EC440CC4D
SHA-256:	8106D98C4F8DA16DB698444409558E29CC96735E188BFA303C333A5D99231C1D
SHA-512:	673F3F259AF2946E4F49BBED14A2A70D44BF9FDA9D7A71DC9172BA9B7B3C7F7062B16D29682B638D485B0520ED6F99E7A735F28C7C719B539559005B69FA7555
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome ... ..... ......".. },.. "app_name": {.. "message": "Chrome ... ..... ......".. },.. "craw_app_unavailable": {.. "message": "......... .. ... ...... .... ...".. },.. "craw_connect_to_network": {.. "message": "..... ....... .. ...... .....".. },.. "iap_unavailable": {.. "message": "..-.. ...... ... ...... .... ...".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "..... Chrome ... .... .. .....".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\hr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	618
Entropy (8bit):	4.56999230891419
Encrypted:	false
SSDEEP:	12:1HEJGiimxmbZGGGiimxmbZ+WYpU34OBOEuhopIO+dgcapZO8ZpU34GiiZrMrQphK:1HE4H4TH8WYpNjTta28ZpQVLP0SOGAOK
MD5:	8185D0490C86363602A137F9A261CC50
SHA1:	5BD933B874441CEACB9201CCC941FF67BAED6DC0
SHA-256:	A2B2EC359A9DD9DCCCE02859CE1E738BD30FAA4A05F1DC522893FFDF722BBC15
SHA-512:	D7629978FC031EA5F716F9C1065FB2FEAB48C15F10CD68830DC966FA1002C03DDC7ACDE314C7D075F9F3A0A68552A6ACBCCDEE24CF20B6C3DD1BCE6562D0396E
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "app_name": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenuta.no nije dostupna.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se s mre.om.".. },.. "iap_unavailable": {.. "message": "Pla.anje u aplikaciji trenuta.no nije dostupno.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se na Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\hu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	683
Entropy (8bit):	4.675370843321512
Encrypted:	false
SSDEEP:	12:1HEJVJiGGVJi+WYpU34Hpo9O+dgMmfgijO8ZpU34Huo9O03OyZnLAOfTYBIAYm:1HEVrk5WYpQzTUg/8ZpwoXOGAOfYIAd
MD5:	85609CF8623582A8376C206556ED2131
SHA1:	1E16EB70DB5E59BB684866FF3E3925C2DEF25A12
SHA-256:	32A249749F12ADB6A220BF9ADC272C7E5D9AD5497A38B0086D961E3ABA17FBC6
SHA-512:	27883430865D3CFA6EDFE8C6CE1442BD96150B5CE520CCF7D556A330CAA6392C712B47BD86F7350E174876BC681F6DEC94D1312402655B0AF90883A2899EC78B
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "app_name": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "craw_app_unavailable": {.. "message": "Az alkalmaz.s jelenleg nem .rhet. el.".. },.. "craw_connect_to_network": {.. "message": "K.rj.k, csatlakozzon egy h.l.zathoz.".. },.. "iap_unavailable": {.. "message": "Az alkalmaz.son bel.li fizet.s jelenleg nem .rhet. el.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Jelentkezzen be a Chrome-ba.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\id\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	604
Entropy (8bit):	4.465685261172395
Encrypted:	false
SSDEEP:	12:1HEJs25bGGs25b+WYpU34ORBHAeSJ+dgkmO8ZpU34s22C/SzFAs03OyZnLAOfTYR:1HEBaA6WYpaHFH8ZptOYOGAOf2D
MD5:	EAB2B946D1232AB98137E760954003AA
SHA1:	60BDC2937905B311D2C9844DF2D639D7AC9F7F67
SHA-256:	C6E8800450602DE0F39FE9F6854472383813FB454B08ABAE7E25A9167CE004C3
SHA-512:	970FEC9A9EF0BAF7F693C4C5977F3B47914579C5B5414FCE9DBB5E4574659A5BB9AD2DE0CC886B368F49C019785AF7D2D7FE82F71341F039EADC399ED776CA12
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pembayaran Chrome Webstore".. },.. "app_name": {.. "message": "Pembayaran Chrome Webstore".. },.. "craw_app_unavailable": {.. "message": "Aplikasi tidak tersedia saat ini.".. },.. "craw_connect_to_network": {.. "message": "Sambungkan ke jaringan.".. },.. "iap_unavailable": {.. "message": "Pembayaran Dalam Aplikasi saat ini tidak tersedia.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Harap masuk ke Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\it\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	603
Entropy (8bit):	4.479418964635223
Encrypted:	false
SSDEEP:	12:1HEJsqd/bGGsqd/b+WYpU34OcX4+dgUvIO8ZpU34vq703OyZnLAOfTYsD:1HEXd/aKd/6WYpZrv58ZpskOGAOfzD
MD5:	A328EEF5E841E0C72D3CD7366899C5C8
SHA1:	2851ED658385804E87911643F5A4200B1FB26E13
SHA-256:	CD891C45F7586FB4A2514205A11F260E4A6D4482FA03D901909DD9F57BE0536D
SHA-512:	E47297896E981774EC3B59D41B89D6BA9333F6B4435EB9727D8645A46B10C7D408ADE06844871FA757382FBE7E645276449DB7B1B23BC59C9A71A5CB5A5ECC57
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pagamenti Chrome Web Store".. },.. "app_name": {.. "message": "Pagamenti Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App al momento non disponibile.".. },.. "craw_connect_to_network": {.. "message": "Collegati a una rete.".. },.. "iap_unavailable": {.. "message": "La funzione Pagamenti In-App non . al momento disponibile.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accedi a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\ja\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	697
Entropy (8bit):	5.20469020877498
Encrypted:	false
SSDEEP:	12:1HEJ07uGG07u+WYpU34DB+dgnsVztO8ZpU34MwiB03OyZnLAOfTYmSH:1HEcnDNWYp1kxU8Zp2wiqOGAOfpSH
MD5:	9B3A5D473C3F2BBFAEECE94A07A940B8
SHA1:	61BACA342CF766BBA15C7B4D892A0E7DAC9405AA
SHA-256:	706312A4A2AEF3317223F141EB2B82685345B7EED444F16BB4DF3A272716DA1F
SHA-512:	94F6FEE9A11BD890AB8211C98D1CC142348961EBCF756F66477A3E3A76519804B70BE0AE4E551739F8AFE32D7ADE6EDE04EF6B9B9EED03E3A857E6058EEDD4C6
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome ........".. },.. "app_name": {.. "message": "Chrome ........".. },.. "craw_app_unavailable": {.. "message": ".................".. },.. "craw_connect_to_network": {.. "message": "................".. },.. "iap_unavailable": {.. "message": ".......................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Chrome ............".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\ko\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	631
Entropy (8bit):	5.160315577642469
Encrypted:	false
SSDEEP:	12:1HEJ1GG1+WYpU34K3aT+dgh8d0HTO8ZpU34KaNkaT03OyZnLAOfTY/YeHx:1HEajWYpc3aSl0Hq8Zpc6kasOGAOfyYA
MD5:	9F6B4D82A70C74CA751E2EAE70FAB5CF
SHA1:	0534F125FFCE8222277CF2BE3401C59DAF9217F8
SHA-256:	D1467B8D037114403E8F4EFC52E88C4A7FEB96126BE4CFF883FEFF1084EF7E68
SHA-512:	ED9319830314385D09C06F62EE34186E8CA576C857981205E4468A28B3ACD2AB03384E77B866032C324ABDD97A56EFD08E2D6E0C79D563578B3EC52517819BD8
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome . ... ..".. },.. "app_name": {.. "message": "Chrome . ... ..".. },.. "craw_app_unavailable": {.. "message": ".. .. ... . .....".. },.. "craw_connect_to_network": {.. "message": "..... ......".. },.. "iap_unavailable": {.. "message": ".. .. ... ... . .....".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Chrome. .......".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\lt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	665
Entropy (8bit):	4.66839186029557
Encrypted:	false
SSDEEP:	12:1HEJpqHnkGGpqHnk+WYpU346M+dgV6O8ZpU34WzSWz03OyZnLAOfTYx:1HELqHtKqHPWYpM3A8ZpwGzOGAOfg
MD5:	4CA644F875606986A9898D04BDAE3EA5
SHA1:	722A10569E93975129D67FBDB75B537D9D622AD1
SHA-256:	7C311AB751D840D750C11553C083785813E079C1D464FE568A98C9E3EF3DB96C
SHA-512:	E575E3D0622F5BD4B6C0EE79128A1B1F1882195670139D1983F4377D847141B8FB8EBB8BCED82AF3A220ED07D3577AFBE085BADC0E9C7678292B80E3EC5D3444
Malicious:	false
Preview:	{.. "app_description": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "app_name": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "craw_app_unavailable": {.. "message": "Programa .iuo metu negalima.".. },.. "craw_connect_to_network": {.. "message": "Prisijunkite prie tinklo.".. },.. "iap_unavailable": {.. "message": "Mok.jimai programoje .iuo metu negalimi.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prisijunkite prie .Chrome..".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\lv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	671
Entropy (8bit):	4.631774066483956
Encrypted:	false
SSDEEP:	12:1HEJFhVbGGFhVb+WYpU34wDoz+dgGedBO8ZpU34wF03OyZnLAOfTYGYID:1HENQKkWYp2Doy/em8Zp2WOGAOfRYID
MD5:	C5CE2C51391EAFD3DA9E4C71549A3C28
SHA1:	1F67FF6EF6E90C0CE3AAF56ED543A3EFD381574D
SHA-256:	1FA1DF2CA8516DEF490FB8484E9AA498ACFF80EEF5C9258FFE42D3678E6C7DED
SHA-512:	C85F6281E682F52BC2147DEA7E2F3BB4DC48D98BADA8687B05C6C7271C78EA7F5431CD51671A4184C9AE004FC53C016E3C594697F483195CCBA08A93821EEF70
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "app_name": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "craw_app_unavailable": {.. "message": "Lietotne pagaid.m nav pieejama.".. },.. "craw_connect_to_network": {.. "message": "L.dzu, izveidojiet savienojumu ar t.klu.".. },.. "iap_unavailable": {.. "message": "Maks.jumi lietotn.s pa.laik nav pieejami.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.dzu, pierakstieties p.rl.k. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\nb\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	624
Entropy (8bit):	4.555032032637389
Encrypted:	false
SSDEEP:	12:1HEJhiOGGhiO+WYpU34OHSN+dgFjdGFZO8ZpU34JgdN03OyZnLAOfTYiD:1HEDiHIitWYpCYJ8ZpD1OGAOfRD
MD5:	93C459A23BC6953FF744C35920CD2AF9
SHA1:	162F884972103A08ADB616A7EB3598431A2924C5
SHA-256:	2CD700AEB57D89C2E73333D0702556EE3FF3863516170F85669BC680FCBDC4E0
SHA-512:	F76E6E8D8499306883C3EC1E774F7E8BB6B601096DA5A14D17D3E7D5732829542041E42B7350466589291ADCC83FB065FD591B4E20CFCF8EDC586E128ECBFCB5
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Nettmarked-betalinger".. },.. "app_name": {.. "message": "Chrome Nettmarked-betalinger".. },.. "craw_app_unavailable": {.. "message": "Appen er utilgjengelig for .yeblikket.".. },.. "craw_connect_to_network": {.. "message": "Du m. koble til et nettverk.".. },.. "iap_unavailable": {.. "message": "Betaling i app er ikke tilgjengelig for .yeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Du m. logge p. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\nl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	615
Entropy (8bit):	4.4715318546237315
Encrypted:	false
SSDEEP:	12:1HEJJQGkbGGJQGkb+WYpU34OQKJT+dgiXUmvFZO8ZpU34g7JT03OyZnLAOfTYMD:1HErxkaqxk6WYptndXI8ZpTOGAOfbD
MD5:	7A8F9D0249C680F64DEC7650A432BD57
SHA1:	53477198AEE389F6580921B4876719B400A23CA1
SHA-256:	92BE7C2DC9CFBE5A65E9CE6488D364C8D7EC19E7B67A31E4D43C1CB2B169671C
SHA-512:	969AB979546A741C0F3EDBEEB21BABA375FA8870D4FB9248CDD4C305736E332E10CAB7B64C5C078E60EC0CD73848101B390BE8F44B89C310058AF4C1CA3C8AA7
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Betalingen via Chrome Web Store".. },.. "app_name": {.. "message": "Betalingen via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App momenteel niet beschikbaar.".. },.. "craw_connect_to_network": {.. "message": "Maak verbinding met een netwerk.".. },.. "iap_unavailable": {.. "message": "In-app-betalingen is momenteel niet beschikbaar.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log in bij Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\pl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	636
Entropy (8bit):	4.646901997539488
Encrypted:	false
SSDEEP:	12:1HEJbiVbGGbiVb+WYpU34OBHlBi9+dgQUg6O8ZpU34bdbfiIu03OyZnLAOfTYR5k:1HE5iVauiV6WYpIAYr8ZpxFiaOGAOfIC
MD5:	0E6194126AFCCD1E3098D276A7400175
SHA1:	E8127B905A640B1C46362FA6E1127BE172F4A40F
SHA-256:	E2699F98C511B18A2AFB82EAE9A4804B646C4FF1077D80E77C17A3943A6373C2
SHA-512:	A71F7C7BFBBF1E37E699601AF2E095C56CBA91F90CB7556477DF31D01B83ADFB1271E1775C9BA299FF6875BBFC2B6AB47488CC88E33DEF2F6F2E0E5AC687B777
Malicious:	false
Preview:	{.. "app_description": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "app_name": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplikacja jest obecnie niedost.pna.".. },.. "craw_connect_to_network": {.. "message": "Po..cz si. z sieci..".. },.. "iap_unavailable": {.. "message": "P.atno.ci w ramach aplikacji s. teraz niedost.pne.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Zaloguj si. w Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\pt_BR\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	636
Entropy (8bit):	4.515158874306633
Encrypted:	false
SSDEEP:	12:1HEJsc/bGGsc/b+WYpU34OLw+dgn/KzO8ZpU34FjIBMwGRO03OyZnLAOfTYN+KcY:1HEb/a8/6WYp4mZ8Zp7cKlOGAOf2tD
MD5:	86A2B91FA18B867209024C522ED665D5
SHA1:	63DEC245637818C76655E01FCB6D59784BC7184E
SHA-256:	6374880FDD1F8AF1EE8AEA6A06B73BE0AB265AFCEB4FE6F08BDE3B3989264B21
SHA-512:	DA6DBDE5028756421C2904F605632EE98831A25A1247E6238A931629B94CE8A00FD76F4235F118D2167304BD60F2C06B2AD78E54FF6CE53F8C38DF8C7B5AFCE4
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pagamentos da Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos da Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplicativo indispon.vel no momento.".. },.. "craw_connect_to_network": {.. "message": "Conecte-se a uma rede.".. },.. "iap_unavailable": {.. "message": "No momento, os Pagamentos no aplicativo n.o est.o dispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Fa.a login no Google Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\pt_PT\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	622
Entropy (8bit):	4.526171498622949
Encrypted:	false
SSDEEP:	12:1HEJsZUkbGGsZUkb+WYpU34OAE+dgqxKzO8ZpU34rEpBfvPO03OyZnLAOfTYLD:1HEmUka5Uk6WYpFvdxZ8ZpSTnPlOGAOS
MD5:	750A4800EDB93FBE56495963F9FB3B94
SHA1:	8BFB915488A4EB3CB33D68E2E59F1F8447DB7D61
SHA-256:	C1C94F65FABAF17DEF98A8587711A56D61B1E5607500E9B01F2824DB109F9E83
SHA-512:	2AEDEF5793406221BE76AF22031CE8C30AB5FAEAED09BB394C153E2EBE990C89C1A2A73B40D8A92842641AFCA8C77FFD808A2058602D3646FD8DAE2844406F24
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pagamentos via Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplica..o atualmente indispon.vel.".. },.. "craw_connect_to_network": {.. "message": "Ligue-se a uma rede.".. },.. "iap_unavailable": {.. "message": "Os Pagamentos na app est.o atualmente indispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicie sess.o no Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\ro\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	641
Entropy (8bit):	4.61125938671415
Encrypted:	false
SSDEEP:	12:1HEJqJrJZGGqJrJZ+WYpU344HIx2Z+dgrVPlZO8ZpU34qT7hI3O03OyZnLAOfTYU:1HEC4D8WYpKow8WV68ZpKhoOGAOfoVGD
MD5:	98D43E4B1054A65DF3FA3CC40AB6FB6D
SHA1:	46E0A21C4DA2BB5D4D8F837AE211C1B6FA26E7E2
SHA-256:	113A13900CBA62FE8AED06751971C23A80A99B47F9BE219CF884D57DB19611D9
SHA-512:	A76DC53912A4F46714926B9EA2B22E909540E447F61F6DD72607AB7B3BB5D4A9B39E525B04C33AEC53BA813D14AC1FB5827275B2524E52B693E83171E1CD1466
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "app_name": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "craw_app_unavailable": {.. "message": ".n prezent, aplica.ia nu este disponibil..".. },.. "craw_connect_to_network": {.. "message": "Conecteaz.-te la o re.ea.".. },.. "iap_unavailable": {.. "message": "Pl..ile .n aplica.ie nu sunt disponibile momentan.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Conecteaz.-te la Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\ru\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	744
Entropy (8bit):	4.918620852166656
Encrypted:	false
SSDEEP:	12:1HEJ7OJHZMSl3ZGG7OJHZMSl3Z+WYpU34zWJ2F+dgVtLSv/TO8ZpU347NWjT03On:1HElOJHZMq4uOJHZMq8WYpdWJ/YGHq8m
MD5:	DB2EDF1465946C06BD95C71A1E13AE64
SHA1:	FB4F3ECE9ECECEBBC6CA2A592A15FB9C1FDFB811
SHA-256:	FBAF22CE6E16DE174CED8CB5EA3098CCA1C3426A2111FF33BD3E64DA64ED67AB
SHA-512:	4E0CF00BAEF1757548DEB17BBE1AF55770A0A0F7351779EF55C7DEFA6D112D0227B8865C2C22E0EC62E6E2F1C8E1632A2D0CE6828D25C5ABBF143C990116F632
Malicious:	false
Preview:	{.. "app_description": {.. "message": "......... ....... ........-........ Chrome".. },.. "app_name": {.. "message": "......... ....... ........-........ Chrome".. },.. "craw_app_unavailable": {.. "message": ".......... ...........".. },.. "craw_connect_to_network": {.. "message": "............ . .....".. },.. "iap_unavailable": {.. "message": "....... ..... .......... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "....... . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\sk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	647
Entropy (8bit):	4.640777810668463
Encrypted:	false
SSDEEP:	12:1HEJfZGGfZ+WYpU34ORO+dgmmCO8ZpU34yH7u2Z03OyZnLAOfTYCUAi0D:1HEl4G8WYpetPmD8ZpcH7aOGAOfzUeD
MD5:	8DF215D1EFBDABB175CCDD68ED8DCB0A
SHA1:	2B374462137A38589A73FDD00A84CBDC7E50F9F4
SHA-256:	7FA16AF97E6CFC52EC6008EB679D3F30E7E0C24F9EF2D18A9228EAF4DED9D63B
SHA-512:	C0E623343BDAEB4731800D183B59F2FCFE285F0C7153EC99641FD84F2F2DCFE47D21E73F3D28B1240340453C5668EB0AFFBE087AAB62F1C88CD2A40CC44E599D
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplik.cia moment.lne nie je dostupn..".. },.. "craw_connect_to_network": {.. "message": "Pripojte sa k sieti.".. },.. "iap_unavailable": {.. "message": "Platby v aplik.cii moment.lne nie s. k dispoz.cii.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prihl.ste sa do prehliada.a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\sl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	4.5101656584816885
Encrypted:	false
SSDEEP:	12:1HEJGcyvmbZGGGcyvmbZ+WYpU34OBOEtf+dgca1ZO8ZpU34GcQArERff03OyZnLh:1HE4cyY4TcyY8WYpNoWa1w8ZpQcQ6AfK
MD5:	3943FA2A647AECEDFD685408B27139EE
SHA1:	0129DD19D28373359530B3B477FE8A9279DABB7D
SHA-256:	18AFF072EE0DF7C3495045435C752A805606E6D5D462EF2321C443F1773F4B3A
SHA-512:	42E62B3855611FF2E1D39C11404CB1A09825EE4CA6A8ACB3FF538B4574388F549E3BD79137DD4DC128A8DC44DD270D7D878E4AAD20DA8250A5C25297B0DEC09D
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "app_name": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenutno ni na voljo.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se z omre.jem.".. },.. "iap_unavailable": {.. "message": "Pla.ila v aplikacijah trenutno niso na voljo.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se v Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\sr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	743
Entropy (8bit):	4.913927107235852
Encrypted:	false
SSDEEP:	12:1HEJssbdOGGssbdO+WYpU347xBP+dgcucO8ZpU34s1muP03OyZnLAOfTYzDYD:1HEKsb59sbTWYplx4Xud8Zpy1mNOGAOv
MD5:	D485DF17F085B6A37125694F85646FD0
SHA1:	24D51D8642CDC6EFD5D8D7A4430232D8CDE25108
SHA-256:	7FFDE34C58E7C376C042DE64DEF6481DAE32BE8B70F0B18EDF536290CBE0C818
SHA-512:	0DDECFD860E99290B6C3AAA04F510272AE081CF2D93ED5832D9D6378EC9D36177FFBE213471247FB94721EA34A83E7665669200047091D0FDE134E3D763217E7
Malicious:	false
Preview:	{.. "app_description": {.. "message": "....... . Chrome ...-..........".. },.. "app_name": {.. "message": "....... . Chrome ...-..........".. },.. "craw_app_unavailable": {.. "message": ".......... .. ........ ...........".. },.. "craw_connect_to_network": {.. "message": "........ .. .......".. },.. "iap_unavailable": {.. "message": "....... . .......... .. ........ ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "......... .. . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\sv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	630
Entropy (8bit):	4.52964089437422
Encrypted:	false
SSDEEP:	12:1HEJJMkbGGJMkb+WYpU34OACwz+dgNPGFZO8ZpU34JgpXLSb03OyZnLAOfTYLdID:1HErMkaqMk6WYpTOcb8ZpDgdZOGAOf8Y
MD5:	D372B8204EB743E16F45C7CBD3CAAF37
SHA1:	C96C57219D292B01016B37DCF82E7C79AD0DD1E8
SHA-256:	B8BA77E0089B0676545EC16D32468B727812B444F90B33A7A5B748E6C36C4388
SHA-512:	33640529E0D5DCC5CA4BDB0615A2818E8D26C6FCB7B3474C08AC3EB67B9DB40E1F0A79954ED20728CD47A686D2533DCBC76ABCBDB917F8530C8DE8BBA687352E
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Betalning via Chrome Web Store".. },.. "app_name": {.. "message": "Betalning via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Appen .r inte tillg.nglig f.r tillf.llet.".. },.. "craw_connect_to_network": {.. "message": "Anslut till ett n.tverk.".. },.. "iap_unavailable": {.. "message": "Betalning i appen .r inte tillg.ngligt f.r n.rvarande.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logga in i Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\th\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	945
Entropy (8bit):	4.801079428724355
Encrypted:	false
SSDEEP:	24:1HEKa1dDa1/WYp6UFi72SmlG8ZpyactrW2SAOGAOfvSLD:WK2DNYp6U4y3bpyLxwGFW
MD5:	83E2D1E97791A4B2C5C69926EFB629C9
SHA1:	429600425CB0F196DDD717F940E94DBD8BFF2837
SHA-256:	2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
SHA-512:	60A5928DAA8CB4341487F477C56B5A98B83EDE50E5F4F55A802E01FDDAB86F3E795D391953D3D9214552D14D3F58C5A183693C613720FC12FC387D7B8F9B9AB6
Malicious:	false
Preview:	{.. "app_description": {.. "message": "............... Chrome .........".. },.. "app_name": {.. "message": "............... Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".............................".. },.. "craw_connect_to_network": {.. "message": ".........................".. },.. "iap_unavailable": {.. "message": "...............................................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "................. Chrome".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\tr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	631
Entropy (8bit):	4.710869622361971
Encrypted:	false
SSDEEP:	12:1HEJ9Y8GG9Y8+WYpU34wWT+dgGb0GO8ZpU34wryd7T03OyZnLAOfTYGbPKG:1HE0jWYpyRnG8Zpyr/OGAOfFPn
MD5:	2CEAE0567B6BB1D240BBAD690A98CA3B
SHA1:	5944346FBD4A0797B13223895995CAB58E9ECD23
SHA-256:	A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
SHA-512:	108A07C6D03D7178E8D0FFEF5349E0249A898D864964FED8757BD8A08BC1C6D9613F2A6C01AA34A6606127D1C6CE14C229FA02586677DBB060B85E3E845950E1
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "app_name": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "craw_app_unavailable": {.. "message": "Uygulama .u anda kullan.lam.yor.".. },.. "craw_connect_to_network": {.. "message": "L.tfen bir a.a ba.lan.n.".. },.. "iap_unavailable": {.. "message": "Uygulama ..i .demeler .u anda kullan.lamaz.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.tfen Chrome'da oturum a..n.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\uk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	720
Entropy (8bit):	4.977397623063544
Encrypted:	false
SSDEEP:	12:1HEJ7wILkSlXZGG7wILkSlXZ+WYpU34zb1Oy2P+dgSV1EjiTO8ZpU347qtfP2CTW:1HElwEkK4uwEkK8WYpd/dTV1e8Zptq5S
MD5:	AB0B56120E6B38C42CC3612BE948EF50
SHA1:	8B3F520E5713D9F116D68E71DAEED1F6E8D74629
SHA-256:	68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
SHA-512:	CD852A58217F739C1CD58567FF432D31A7AD3F68C884ABBA1DA95799BCD1545C6A5D3B06F319681C12B78AD0A709828DE4B22736316F148D21F5DB76A5BCCBEF
Malicious:	false
Preview:	{.. "app_description": {.. "message": "....... ...-........ Chrome".. },.. "app_name": {.. "message": "....... ...-........ Chrome".. },.. "craw_app_unavailable": {.. "message": "........ ......... ...........".. },.. "craw_connect_to_network": {.. "message": "............. .. .......".. },.. "iap_unavailable": {.. "message": "....... ..... ........ ..... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "........ . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\vi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	695
Entropy (8bit):	4.855375139026009
Encrypted:	false
SSDEEP:	12:1HEJMAZrSFZGGMAZrSFZ+WYpU34WFHoz+dgdklzoO8ZpU34NFHoz03OyZnLAOfTU:1HEI4B8WYpAKytFZ8ZpXKMOGAOfd6D
MD5:	7EBB677FEAD8557D3676505225A7249A
SHA1:	F161B4B6001AEAEAB246FF8987F4D992B48D47BE
SHA-256:	051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
SHA-512:	74FD267CF7E299FB8E7054605C3F651F057F676FF865082FA24F4916755456768DB0DA62DBC515D829B48AB1F9CFC8AD3E841DCBF1F194D5CB14C5335A192A0D
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "app_name": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "craw_app_unavailable": {.. "message": ".ng d.ng hi.n kh.ng kh. d.ng.".. },.. "craw_connect_to_network": {.. "message": "Vui l.ng k.t n.i v.i m.ng.".. },.. "iap_unavailable": {.. "message": "Thanh to.n trong .ng d.ng hi.n kh.ng kh. d.ng.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Vui l.ng ..ng nh.p v.o Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\zh_CN\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	595
Entropy (8bit):	5.210259193489374
Encrypted:	false
SSDEEP:	12:1HEJ01GG01+WYpU34zeHz+dgfO8ZpU34YKiO03OyZnLAOfTYB6U:1HEpIWYpISv8Zp+JOGAOfa6U
MD5:	BB73BF561BB79F89D9BF7C67C5AE5C65
SHA1:	2FADD3A1959B29C44830033A35C637D0311A8C9C
SHA-256:	D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
SHA-512:	627D44CEF1FE5C5ABD598BD47FF5E22B9EFC1CF98DDE3868FA9E5896C134A0C9C055AC34EDDADAE56B6690E51AEA89965D38F770552A85C732CC796795DC68D2
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome .........".. },.. "app_name": {.. "message": "Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".........".. },.. "craw_connect_to_network": {.. "message": ".......".. },.. "iap_unavailable": {.. "message": "............".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\_locales\zh_TW\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	634
Entropy (8bit):	5.386215984611281
Encrypted:	false
SSDEEP:	12:1HEJ2j62GG2j62+WYpU34m7T+dgc8nOO8ZpU34mvIO03OyZnLAOfTYAuH:1HEuSZCWYpsStwP8ZpROGAOfCH
MD5:	5FF50C673CC0C661D615F0CFD0E6DCA0
SHA1:	60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85
SHA-256:	C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
SHA-512:	361D62D91F4931C5F34092C9F2C6A5323D5EEB82A24E7ABE11F7817D8D66341C0ECAD4DCB4B10873920C8D6A3CC9F5704889E178EB2549001A9F62BEDF6C8019
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome ............".. },.. "app_name": {.. "message": "Chrome ............".. },.. "craw_app_unavailable": {.. "message": ".............".. },.. "craw_connect_to_network": {.. "message": "......".. },.. "iap_unavailable": {.. "message": "................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\images\icon_128.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4364
Entropy (8bit):	7.915848007375225
Encrypted:	false
SSDEEP:	96:YjlLDJjTvXUtNvX8dgb9HT6y8nviyHG5iCRYtIP:YtNTfUzvX8KM+MGRsIP
MD5:	4DBC9F9E6F5A08D299BAC9E54DF07694
SHA1:	BB38F5DE34B1E0BE1109220BA55271087A4D9EA5
SHA-256:	91C2718DD23B4356D71F88F6146868369033291086DF327534546DFA459BEB0E
SHA-512:	A5F2B1F47502836130D8083F757B7773C1E1CB36B76AD298CC29AB2B428C8002D2F15BD839838FC326DAC3681C2F48AB25A3E7631D33726C4B25E8EC14170912
Malicious:	false
Preview:	.PNG........IHDR..............>a.....IDATx..yp.....gF#.:,[H.l.l..8...`/.k....,!a7Km...E...Te..T.....J...p....%.(....+...3....eY.e...L.o...5....h4...\....{?....~.u.`0.....`0.....`0.....`.Y......[(.......).4....ai..w38.+....Bf././..]...{......8...3.....3W~OJ.. /...u6V.C..U.0.+._=.c..9.X.?....L....S@.L...m.0..>.C...L\|TF.p5..f4M.,.V....8..a.<...RP..@)E,..E"...h.....!...-....,I..T..........m..._[[{w{{....{.^......M.x..h4.h.....\.R.E....j).7.....h4.A.E....,. ...iii.Vj?2...=/.B.FK9P..@)=Rj..D".Y...2.B..x.}0...&J...2.......f.O..e.H.....!.J)'I..R....B............QJ;K..L...L.l".L~mhh.R.@).FFF~.L&...~.B.......u.........}.....~.....f..yUU...........^M...6......].,w.e..~.!$.C.R.....E(%e9.,....k..@...W8.........@...........O..@%.~..@.S..P.....`Tp...."...?ME..c......s...`..S1...7.b..aNE..k...3.yP.}.Ch.}......B..........IPE..C.<....T....k......Z..o_......g........P..A=y.J.)h..@.q.-.].AU.4...F.M.....y%B]+ .\.~..9......:..=...r.....E].o...F..P........i...\|....

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\images\icon_16.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	558
Entropy (8bit):	7.505638146035601
Encrypted:	false
SSDEEP:	12:6v/7vyVgSKYsfFzXxXsrPfA+b0YX+5IOUWCQKznuow7:6yVnKYsfFzhXsrIq0YXmgQGn6
MD5:	FB9C46EA81AD3E456D90D58697C12C06
SHA1:	5FC450F7D73CCFAC8F0D818CB3392BA4D91B69DE
SHA-256:	016CA659BA080E194FBFC0929602B16506ED60AA6019FAA51410C4FD93B583E8
SHA-512:	ADD810EE9EB7CAEC505B5FD90A1F184CE39D8F8C689DCC240F188FE353B9575489492E07D572A3B1C11A1555CE66AFCA5134903E4C1AA3D54BC7C5ED3E65B50C
Malicious:	false
Preview:	.PNG........IHDR................a....IDAT8...Mk.Q...;... .....F..QW.....F....J.?.w..7~......'.Q..B]... .QS...M&_w..b&.\|`......p...f.?.D$.y^..........y...\..Z..t6..oRj.@&.u..G.qN).t.-V.>(.N.Ep]wFk.60o.]0.`Y..cT..Y.Tb.`DF.d..s.Z..E..9.4._C.._...%..*.^....4.l...Y..X..R..../...Wj+w0[.].._B.k.${.\.>.%...........lz .w.ALxo.2;..a...".p..S..&..uXS...<..6..[..zD.._.N+w.WbM7ye6X<...'(,=.r}........$f..5..P....k..."..8.s.<zgSm@.....).Y.....:e..\|.....F...I..A$.....T?.....m....8.........N...z.....V..vd.h'....C.?.....H.;]..C.M.....9.b......IEND.B`.

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\CRX_INSTALL\manifest.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	5.449026004350873
Encrypted:	false
SSDEEP:	24:1HEis7ViC/yox/fiqeUoLFlmF1s80FKrGfd0d3NZNZx1Fq7eY7nfj1B:WL7V2opiV1mvs8rxTZRczhB
MD5:	01334FB9D092AF2AA46C4185E405C627
SHA1:	47AD3C0E82362FFE5B881DF8D71D6F79AB7F5796
SHA-256:	F52714812D68C577A445169D11E84DF6751C2D6886BC429643072BB5D61C6C27
SHA-512:	888D96ADB7A847ABE472145258C8C46950EB2FA3BA7D596C2E90A17C8FB06FD0155C56CC8ABA5D076D89368417464BCB2D236F9E40E53241950A01F9F8ED548F
Malicious:	false
Preview:	{.. "app": {.. "background": {.. "scripts": [ "craw_background.js" ].. }.. },.. "default_locale": "en",.. "description": "__MSG_APP_DESCRIPTION__",.. "display_in_launcher": false,.. "display_in_new_tab_page": false,.. "icons": {.. "128": "images/icon_128.png",.. "16": "images/icon_16.png".. },.. "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB",.. "manifest_version": 2,.. "minimum_chrome_version": "29",.. "name": "__MSG_APP_NAME__",.. "oauth2": {.. "auto_approve": true,.. "client_id": "203784468217.apps.googleusercontent.com",.. "scopes": [ "https://www.googleapis.com/auth/sierra", "https://www.googleapis.com/auth/sierrasandbox", "https://www.googleapis.com/auth/chromewebstore", "https://www.googleapis.com/auth/chromewebstore.readonly" ].. },.

C:\Users\user\AppData\Local\Temp\scoped_dir5228_1943755729\ff7891e6-ecda-46c9-8a54-2bf2450ba0fb.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	248531
Entropy (8bit):	7.963657412635355
Encrypted:	false
SSDEEP:	3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
MD5:	541F52E24FE1EF9F8E12377A6CCAE0C0
SHA1:	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
SHA-256:	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
SHA-512:	D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
Malicious:	false
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f\|.~.c.4.E.......0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$\|..\|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0....H.=.....H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...\|!..A..L.+.=...kP.!.1..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\3c6fa991-d7a6-41ac-9001-cbc844aa6839.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	248531
Entropy (8bit):	7.963657412635355
Encrypted:	false
SSDEEP:	3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
MD5:	541F52E24FE1EF9F8E12377A6CCAE0C0
SHA1:	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
SHA-256:	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
SHA-512:	D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
Malicious:	false
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f\|.~.c.4.E.......0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$\|..\|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0....H.=.....H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...\|!..A..L.+.=...kP.!.1..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\bg\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	796
Entropy (8bit):	4.864931792423268
Encrypted:	false
SSDEEP:	12:1HEJMLkSlwZGGMLkSlwZ+WYpU34f145Gb+dgoxTyO8ZpU34f1L0frhmJ03OyZnLt:1HE7n4gn8WYpYrbhz8ZpotHOGAOf6aD
MD5:	6F8E288A9AD5B1ED8633B430E2B4D4CA
SHA1:	F671D3D4BEFA431D1946D706F4192D44E29B6F08
SHA-256:	A114E2783D0E9B12155017323BA70838F0F82A71C7EE8DC1F115AE36991241F8
SHA-512:	0F87F3F0D115B872288949E59ACD3CD41B1FBC64A622D8FDA6D71FAFC5A900D92ADFBB0E7EB926F2A8759BBAA0896D48728FB719BBF5EF54AC21027328F7700C
Malicious:	false
Preview:	{.. "app_description": {.. "message": "........ . ... ........ .. Chrome".. },.. "app_name": {.. "message": "........ . ... ........ .. Chrome".. },.. "craw_app_unavailable": {.. "message": "........... .... ...... .. .............".. },.. "craw_connect_to_network": {.. "message": "...., ........ .. . ......".. },.. "iap_unavailable": {.. "message": "........... .... ...... .. .......... ....... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "...., ...... . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\ca\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	675
Entropy (8bit):	4.536753193530313
Encrypted:	false
SSDEEP:	12:1HEJ0gbbGG0gbb+WYpU34g3YbiLO+dgyGFoO8ZpU34+puiPmb03OyZnLAOfTYABk:1HE5baib6WYpm31Lt0Z8Zp8pxOGAOfKD
MD5:	1FDAFC926391BD580B655FBAF46ED260
SHA1:	C95743C3F43B2B099FEBEBC5BD850F0C20E820AC
SHA-256:	C67898B67F9C9209EAFDA6532B62D5789863CFB855998DD6A70E7775316CEC20
SHA-512:	39D95D45C5746DA3BAA7AE6A3344EA17D7A7C3569C2A56959FF119261DA08C747A320FCF701AC72B8DBDBF8BF06FD8B239017A282CDDA444F3826D4EC672CBB4
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Ara mateix aquesta aplicaci. no est. disponible.".. },.. "craw_connect_to_network": {.. "message": "Connecteu-vos a una xarxa.".. },.. "iap_unavailable": {.. "message": "La funci. Pagaments a l'aplicaci. no est. disponible actualment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicieu la sessi. a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\cs\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	641
Entropy (8bit):	4.698608127109193
Encrypted:	false
SSDEEP:	12:1HEJfZGGfZ+WYpU34OBh+dgN/O8ZpU34j05U03OyZnLAOfTYWc:1HEl4G8WYpdt8Zpq5TOGAOfW
MD5:	76DEC64ED1556180B452A13C83171883
SHA1:	CFB1E56FD587BCDC459C1D9A683B71F9849058F9
SHA-256:	32290D69A90E6BAAC428B10382C99221B12773BB9A184F3B93DFB48A4F6D7A40
SHA-512:	5230A217968D5DC463E2E92D704544311A721E5CEF65C3125CBD8DEB9C0293D3BFB5C820A6011ABF77095FDEE7DAF67D541DC202B0C9CDB0908CBB85D84885CB
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikace v sou.asn. dob. nen. dostupn..".. },.. "craw_connect_to_network": {.. "message": "P.ipojte se pros.m k s.ti.".. },.. "iap_unavailable": {.. "message": "Platby v aplikaci aktu.ln. nejsou k dispozici.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "P.ihlaste se do Chromu.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\da\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	624
Entropy (8bit):	4.5289746475384565
Encrypted:	false
SSDEEP:	12:1HEJJMKKFZGGJMKKFZ+WYpU34OHu+dgxlCZO8ZpU34J4Wu03OyZnLAOfTYzD:1HErMKfqMKVWYpM6lL8ZpDNOGAOfiD
MD5:	238B97A36E411E42FF37CEFAF2927ED1
SHA1:	4E47AC90BA24C8F4724D9293FA40CFD4ADA66FE0
SHA-256:	4977D4A053542FF66967FAED6B06585DD70E68E20BFEB533B66FE3287F9655D9
SHA-512:	FD0742D47B5F5AB9AAD9B4C3D57F63CB693E060EECE123A72036C6E92156D099495C7E9E9CC6DC83EEBCDDCC4B4C81FB47E4C9559DA3EBA024780FFF10C53E0A
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Betalinger i Chrome Webshop".. },.. "app_name": {.. "message": "Betalinger i Chrome Webshop".. },.. "craw_app_unavailable": {.. "message": "Appen er ikke tilg.ngelig i .jeblikket.".. },.. "craw_connect_to_network": {.. "message": "Opret forbindelse til et netv.rk.".. },.. "iap_unavailable": {.. "message": "Betaling i appen er ikke tilg.ngelig i .jeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log ind p. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\de\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	651
Entropy (8bit):	4.583694000020627
Encrypted:	false
SSDEEP:	12:1HEJQ1ZGGQ1Z+WYpU34pCEMT+dgJMlCTO8ZpU34p6FK603OyZnLAOfTYJ6K:1HEzWWYp3Bewv8Zp7k4OGAOfQj
MD5:	6B3E916E8C1991AA0453CBA00FEDCAAA
SHA1:	D6366D15912E40CA107FD42BFE9579C3336A51F9
SHA-256:	A62FFAB910E31531758EEE48B2CC71A8857BEC3021DEAD50B668CBA3C8667053
SHA-512:	87EA4311B61F29543B13F3E17DFA919D0C320B4FE370CC152E0B1514BCA79B0ABB526DDCF08621D6EBFA48923EE8FB4C667EFB120A72BD9583EEBEE7BFB80552
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Store-Zahlungen".. },.. "app_name": {.. "message": "Chrome Web Store-Zahlungen".. },.. "craw_app_unavailable": {.. "message": "Die App ist momentan nicht verf.gbar.".. },.. "craw_connect_to_network": {.. "message": "Bitte stellen Sie eine Verbindung zu einem Netzwerk her.".. },.. "iap_unavailable": {.. "message": "In-App-Zahlungen sind momentan nicht m.glich.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Bitte melden Sie sich in Chrome an.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\el\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	787
Entropy (8bit):	4.973349962793468
Encrypted:	false
SSDEEP:	24:1HEw+aZ+6WYpbWZe80A08ZpCGyDVWlOGAOf+XD:WguYpCZnpEZbGoD
MD5:	05C437A322C1148B5F78B2F341339147
SHA1:	AB53003A678E44A170E73711FBD9949833BBF3AA
SHA-256:	A052C32B4FCAC61152EB0ADB2C260FB6A8256AD104AA0013DB93E9798D41A070
SHA-512:	C36CB9202A34356DD06D377E2A088F428D0B8EBE7D2E54F8380485E9D94A0598D7F651C1E7A2FD55BE481D49C02B0812F2BA335E08611EC85EE0BD60784A6B40
Malicious:	false
Preview:	{.. "app_description": {.. "message": "........ ... Chrome Web Store".. },.. "app_name": {.. "message": "........ ... Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": ". ........ .... .. ..... ... ..... ..........".. },.. "craw_connect_to_network": {.. "message": ".......... .. ... .......".. },.. "iap_unavailable": {.. "message": ".. ........ ..... ......... ... ..... ..... .. ...... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": ".......... ... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\en\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	593
Entropy (8bit):	4.483686991119526
Encrypted:	false
SSDEEP:	12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOfTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOfuD
MD5:	91F5BC87FD478A007EC68C4E8ADF11AC
SHA1:	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6
SHA-256:	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
SHA-512:	FDC2A29B04E67DDBBD8FB6E8D2443E46BADCB2B2FB3A850BBD6198CDCCC32EE0BD8A9769D929FEEFE84D1015145E6664AB5FEA114DF5A864CF963BF98A65FFD9
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\en_GB\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	593
Entropy (8bit):	4.483686991119526
Encrypted:	false
SSDEEP:	12:1HEJ6GG6+WYpU34OuFpR+dgGfFZO8ZpU34aEGFpR03OyZnLAOfTYdD:1HEVSWYpVp0JS8Zp5KpaOGAOfuD
MD5:	91F5BC87FD478A007EC68C4E8ADF11AC
SHA1:	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6
SHA-256:	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
SHA-512:	FDC2A29B04E67DDBBD8FB6E8D2443E46BADCB2B2FB3A850BBD6198CDCCC32EE0BD8A9769D929FEEFE84D1015145E6664AB5FEA114DF5A864CF963BF98A65FFD9
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\es\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	661
Entropy (8bit):	4.450938335136508
Encrypted:	false
SSDEEP:	12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34lPbdlVo03OyZnLAOfTY6xjD:1HEvaC6WYpcDeEFxq8ZpNl5OGAOffD
MD5:	82719BD3999AD66193A9B0BB525F97CD
SHA1:	41194D511F1ACC16C1CA828AC81C18C8C6B47287
SHA-256:	4DB9B2721E625C18B9E05C04B31AF5D9694712F1CAAF6219ABE34BB08E5DB1C7
SHA-512:	D4C49B43427799B6292CEED11CACB1D76F7CE43EBF402B43B638A6EB2B414ED0981E386CB8CDF0B51D1BD9552934FE25B2F6392266BB73D8C9A691F65BCE0128
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "Los pagos en la aplicaci.n no est.n disponibles en este momento.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicia sesi.n en Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\es_419\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	637
Entropy (8bit):	4.47253983486615
Encrypted:	false
SSDEEP:	12:1HEJHlbGGHlb+WYpU34ubdDH+dgxbFxTO8ZpU34GLO03OyZnLAOfTYiJD:1HEvaC6WYpcDeEFxq8Zp4LlOGAOfvD
MD5:	6B2583D8D1C147E36A69A88009CBEBC7
SHA1:	4D4DEEB4BE6AA0181825F3371A761ABC5B4D5937
SHA-256:	6659BC3705311D7641A73995DCFEA80C7734F2F4EBBC3787B3892A240348324F
SHA-512:	37F0DBFCC1B5A2B8E4C92C49D2D9DEEF25616421350324F57E0149A45A6CCB437F5E3CBE97412C4B5DBBF2593783C7DF71E9C25A851AEAE6E4764C545723FA53
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "En este momento, Pagos En-Apps no est. disponible.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accede a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\et\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	595
Entropy (8bit):	4.467205425399467
Encrypted:	false
SSDEEP:	12:1HEJfPGGGfPG+WYpU34Ze7z+dgrW9O8ZpU34ZwZz03OyZnLAOfTYgoLIR:1HEdvqlWYpTeObk8ZpT/OGAOfuLIR
MD5:	CFF6CB76EC724B17C1BC920726CB35A7
SHA1:	14ED068251D65A840F00C05409D705259D329FFC
SHA-256:	C85800BF45942FCC7FD6B1DF929C25F9CC2A977A6678966BD03D4B6B69889AFD
SHA-512:	53D7D01BB30C0306DE65A79FD9551D2E8C1F71F4F45F71906B009071CB3E0F231E6A50FDD78773E9B4DE94085BC7B97F829842FA21A89A2080D33458B745C46F
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome'i veebipoe maksed".. },.. "app_name": {.. "message": "Chrome'i veebipoe maksed".. },.. "craw_app_unavailable": {.. "message": "Rakendus pole praegu saadaval.".. },.. "craw_connect_to_network": {.. "message": "Looge .hendus v.rguga.".. },.. "iap_unavailable": {.. "message": "Rakendusesisesed maksed ei ole praegu saadaval.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logige Chrome'i sisse.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\fi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	647
Entropy (8bit):	4.595421267152647
Encrypted:	false
SSDEEP:	12:1HEJRuzGGRuz+WYpU34ujSBu+dgYO8ZpU34J+Bu03OyZnLAOfTY5HN:1HEFcWYpPNa8ZpD+FOGAOfEHN
MD5:	3A01FEE829445C482D1721FF63153D16
SHA1:	F3EAAADDC03F943FC88B30B67F534AA13E3336DD
SHA-256:	0BDE54B20845124113383B6EB81E43A0F05E4EB0C44BEE3C1DFAC4CC5FEC2836
SHA-512:	3B92B6C86D30FD36AA3CEFF8773BA60C3FC5CC19C693540137044C5838A5503895C770C0336A4D0A3DB5E42F3FB36274D8D3F85B9DCA2F3EC0E974FDDB0BEAD8
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Storen maksut".. },.. "app_name": {.. "message": "Chrome Web Storen maksut".. },.. "craw_app_unavailable": {.. "message": "Sovellus ei ole t.ll. hetkell. k.ytett.viss..".. },.. "craw_connect_to_network": {.. "message": "Muodosta verkkoyhteys.".. },.. "iap_unavailable": {.. "message": "Sovelluksen sis.iset maksut eiv.t ole t.ll. hetkell. k.ytett.viss..".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Kirjaudu sis..n Chromeen.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\fil\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	658
Entropy (8bit):	4.5231229502550745
Encrypted:	false
SSDEEP:	12:1HEJADlbGGADlb+WYpU34hTUT+dgHfZAFFZO8ZpU34hTjzeT03OyZnLAOfTYHfvF:1HEYah6WYp7TUSoxOS8Zp7TOsOGAOfqV
MD5:	57AF5B654270A945BDA8053A83353A06
SHA1:	EEEF7A4F869F97CF471A05D345E74F982D15E167
SHA-256:	EC002ED92359F67818B49455DFC579E140368E6A004080AF022FD4F57F6B03F2
SHA-512:	5F0AE839FCF3F4EA48FF41A76655AE0F3821564AFD5D42FBB9FBB9A38E8D8F7BB5E9B6F71064588CD441261F644095A44A755C134CE546D506D9A21E488BAF52
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "app_name": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Kasalukuyang hindi available ang app.".. },.. "craw_connect_to_network": {.. "message": "Mangyaring kumonekta sa isang network.".. },.. "iap_unavailable": {.. "message": "Kasalukuyang hindi available ang Mga Pagbabayad na In-App.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Mangyaring mag-sign in sa Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\fr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	677
Entropy (8bit):	4.552569602149629
Encrypted:	false
SSDEEP:	12:1HEJALf/nbGGALf/nb+WYpU34Owdgbyb+dgdQjO8ZpU34ITQpGnbyb03OyZnLAO8:1HE4Hna1Hn6WYpNdgpY8ZpSTQwnBOGAh
MD5:	8D11C90F44A6585B57B933AB38D1FFF8
SHA1:	3F9D44EA8807069A32AACA2AAAD02FD892E6CC90
SHA-256:	599491F8C52B945C16C441ADF45BFD45AFAE046DA07757D97C56AF4DE75ED3B5
SHA-512:	D7EF7F5AD7EF1A1595825D79B69E2B1E988AD3CF1F3881496FCCD30F241E4E9C6E457F9F5D0F855DE3536DB7A40C3E1C55946B50D3F556F4A35285066A0CD6F7
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "app_name": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "craw_app_unavailable": {.. "message": "Application indisponible pour le moment.".. },.. "craw_connect_to_network": {.. "message": "Veuillez vous connecter . un r.seau.".. },.. "iap_unavailable": {.. "message": "Les paiements via l'application ne sont pas disponibles pour le moment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Veuillez vous connecter . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\hi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	835
Entropy (8bit):	4.791154467711985
Encrypted:	false
SSDEEP:	24:1HEs07J0JWYp9vnCSVLP8Zp6CsOGAOf8SLm:Wh7qgYp1CMLUph1GiSLm
MD5:	E376D757C8FD66AC70A7D2D49760B94E
SHA1:	1525C5B1312D409604F097768503298EC440CC4D
SHA-256:	8106D98C4F8DA16DB698444409558E29CC96735E188BFA303C333A5D99231C1D
SHA-512:	673F3F259AF2946E4F49BBED14A2A70D44BF9FDA9D7A71DC9172BA9B7B3C7F7062B16D29682B638D485B0520ED6F99E7A735F28C7C719B539559005B69FA7555
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome ... ..... ......".. },.. "app_name": {.. "message": "Chrome ... ..... ......".. },.. "craw_app_unavailable": {.. "message": "......... .. ... ...... .... ...".. },.. "craw_connect_to_network": {.. "message": "..... ....... .. ...... .....".. },.. "iap_unavailable": {.. "message": "..-.. ...... ... ...... .... ...".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "..... Chrome ... .... .. .....".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\hr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	618
Entropy (8bit):	4.56999230891419
Encrypted:	false
SSDEEP:	12:1HEJGiimxmbZGGGiimxmbZ+WYpU34OBOEuhopIO+dgcapZO8ZpU34GiiZrMrQphK:1HE4H4TH8WYpNjTta28ZpQVLP0SOGAOK
MD5:	8185D0490C86363602A137F9A261CC50
SHA1:	5BD933B874441CEACB9201CCC941FF67BAED6DC0
SHA-256:	A2B2EC359A9DD9DCCCE02859CE1E738BD30FAA4A05F1DC522893FFDF722BBC15
SHA-512:	D7629978FC031EA5F716F9C1065FB2FEAB48C15F10CD68830DC966FA1002C03DDC7ACDE314C7D075F9F3A0A68552A6ACBCCDEE24CF20B6C3DD1BCE6562D0396E
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "app_name": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenuta.no nije dostupna.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se s mre.om.".. },.. "iap_unavailable": {.. "message": "Pla.anje u aplikaciji trenuta.no nije dostupno.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se na Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\hu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	683
Entropy (8bit):	4.675370843321512
Encrypted:	false
SSDEEP:	12:1HEJVJiGGVJi+WYpU34Hpo9O+dgMmfgijO8ZpU34Huo9O03OyZnLAOfTYBIAYm:1HEVrk5WYpQzTUg/8ZpwoXOGAOfYIAd
MD5:	85609CF8623582A8376C206556ED2131
SHA1:	1E16EB70DB5E59BB684866FF3E3925C2DEF25A12
SHA-256:	32A249749F12ADB6A220BF9ADC272C7E5D9AD5497A38B0086D961E3ABA17FBC6
SHA-512:	27883430865D3CFA6EDFE8C6CE1442BD96150B5CE520CCF7D556A330CAA6392C712B47BD86F7350E174876BC681F6DEC94D1312402655B0AF90883A2899EC78B
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "app_name": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "craw_app_unavailable": {.. "message": "Az alkalmaz.s jelenleg nem .rhet. el.".. },.. "craw_connect_to_network": {.. "message": "K.rj.k, csatlakozzon egy h.l.zathoz.".. },.. "iap_unavailable": {.. "message": "Az alkalmaz.son bel.li fizet.s jelenleg nem .rhet. el.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Jelentkezzen be a Chrome-ba.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\id\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	604
Entropy (8bit):	4.465685261172395
Encrypted:	false
SSDEEP:	12:1HEJs25bGGs25b+WYpU34ORBHAeSJ+dgkmO8ZpU34s22C/SzFAs03OyZnLAOfTYR:1HEBaA6WYpaHFH8ZptOYOGAOf2D
MD5:	EAB2B946D1232AB98137E760954003AA
SHA1:	60BDC2937905B311D2C9844DF2D639D7AC9F7F67
SHA-256:	C6E8800450602DE0F39FE9F6854472383813FB454B08ABAE7E25A9167CE004C3
SHA-512:	970FEC9A9EF0BAF7F693C4C5977F3B47914579C5B5414FCE9DBB5E4574659A5BB9AD2DE0CC886B368F49C019785AF7D2D7FE82F71341F039EADC399ED776CA12
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pembayaran Chrome Webstore".. },.. "app_name": {.. "message": "Pembayaran Chrome Webstore".. },.. "craw_app_unavailable": {.. "message": "Aplikasi tidak tersedia saat ini.".. },.. "craw_connect_to_network": {.. "message": "Sambungkan ke jaringan.".. },.. "iap_unavailable": {.. "message": "Pembayaran Dalam Aplikasi saat ini tidak tersedia.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Harap masuk ke Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\it\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	603
Entropy (8bit):	4.479418964635223
Encrypted:	false
SSDEEP:	12:1HEJsqd/bGGsqd/b+WYpU34OcX4+dgUvIO8ZpU34vq703OyZnLAOfTYsD:1HEXd/aKd/6WYpZrv58ZpskOGAOfzD
MD5:	A328EEF5E841E0C72D3CD7366899C5C8
SHA1:	2851ED658385804E87911643F5A4200B1FB26E13
SHA-256:	CD891C45F7586FB4A2514205A11F260E4A6D4482FA03D901909DD9F57BE0536D
SHA-512:	E47297896E981774EC3B59D41B89D6BA9333F6B4435EB9727D8645A46B10C7D408ADE06844871FA757382FBE7E645276449DB7B1B23BC59C9A71A5CB5A5ECC57
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pagamenti Chrome Web Store".. },.. "app_name": {.. "message": "Pagamenti Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App al momento non disponibile.".. },.. "craw_connect_to_network": {.. "message": "Collegati a una rete.".. },.. "iap_unavailable": {.. "message": "La funzione Pagamenti In-App non . al momento disponibile.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accedi a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\ja\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	697
Entropy (8bit):	5.20469020877498
Encrypted:	false
SSDEEP:	12:1HEJ07uGG07u+WYpU34DB+dgnsVztO8ZpU34MwiB03OyZnLAOfTYmSH:1HEcnDNWYp1kxU8Zp2wiqOGAOfpSH
MD5:	9B3A5D473C3F2BBFAEECE94A07A940B8
SHA1:	61BACA342CF766BBA15C7B4D892A0E7DAC9405AA
SHA-256:	706312A4A2AEF3317223F141EB2B82685345B7EED444F16BB4DF3A272716DA1F
SHA-512:	94F6FEE9A11BD890AB8211C98D1CC142348961EBCF756F66477A3E3A76519804B70BE0AE4E551739F8AFE32D7ADE6EDE04EF6B9B9EED03E3A857E6058EEDD4C6
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome ........".. },.. "app_name": {.. "message": "Chrome ........".. },.. "craw_app_unavailable": {.. "message": ".................".. },.. "craw_connect_to_network": {.. "message": "................".. },.. "iap_unavailable": {.. "message": ".......................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Chrome ............".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\ko\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	631
Entropy (8bit):	5.160315577642469
Encrypted:	false
SSDEEP:	12:1HEJ1GG1+WYpU34K3aT+dgh8d0HTO8ZpU34KaNkaT03OyZnLAOfTY/YeHx:1HEajWYpc3aSl0Hq8Zpc6kasOGAOfyYA
MD5:	9F6B4D82A70C74CA751E2EAE70FAB5CF
SHA1:	0534F125FFCE8222277CF2BE3401C59DAF9217F8
SHA-256:	D1467B8D037114403E8F4EFC52E88C4A7FEB96126BE4CFF883FEFF1084EF7E68
SHA-512:	ED9319830314385D09C06F62EE34186E8CA576C857981205E4468A28B3ACD2AB03384E77B866032C324ABDD97A56EFD08E2D6E0C79D563578B3EC52517819BD8
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome . ... ..".. },.. "app_name": {.. "message": "Chrome . ... ..".. },.. "craw_app_unavailable": {.. "message": ".. .. ... . .....".. },.. "craw_connect_to_network": {.. "message": "..... ......".. },.. "iap_unavailable": {.. "message": ".. .. ... ... . .....".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Chrome. .......".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\lt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	665
Entropy (8bit):	4.66839186029557
Encrypted:	false
SSDEEP:	12:1HEJpqHnkGGpqHnk+WYpU346M+dgV6O8ZpU34WzSWz03OyZnLAOfTYx:1HELqHtKqHPWYpM3A8ZpwGzOGAOfg
MD5:	4CA644F875606986A9898D04BDAE3EA5
SHA1:	722A10569E93975129D67FBDB75B537D9D622AD1
SHA-256:	7C311AB751D840D750C11553C083785813E079C1D464FE568A98C9E3EF3DB96C
SHA-512:	E575E3D0622F5BD4B6C0EE79128A1B1F1882195670139D1983F4377D847141B8FB8EBB8BCED82AF3A220ED07D3577AFBE085BADC0E9C7678292B80E3EC5D3444
Malicious:	false
Preview:	{.. "app_description": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "app_name": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "craw_app_unavailable": {.. "message": "Programa .iuo metu negalima.".. },.. "craw_connect_to_network": {.. "message": "Prisijunkite prie tinklo.".. },.. "iap_unavailable": {.. "message": "Mok.jimai programoje .iuo metu negalimi.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prisijunkite prie .Chrome..".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\lv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	671
Entropy (8bit):	4.631774066483956
Encrypted:	false
SSDEEP:	12:1HEJFhVbGGFhVb+WYpU34wDoz+dgGedBO8ZpU34wF03OyZnLAOfTYGYID:1HENQKkWYp2Doy/em8Zp2WOGAOfRYID
MD5:	C5CE2C51391EAFD3DA9E4C71549A3C28
SHA1:	1F67FF6EF6E90C0CE3AAF56ED543A3EFD381574D
SHA-256:	1FA1DF2CA8516DEF490FB8484E9AA498ACFF80EEF5C9258FFE42D3678E6C7DED
SHA-512:	C85F6281E682F52BC2147DEA7E2F3BB4DC48D98BADA8687B05C6C7271C78EA7F5431CD51671A4184C9AE004FC53C016E3C594697F483195CCBA08A93821EEF70
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "app_name": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "craw_app_unavailable": {.. "message": "Lietotne pagaid.m nav pieejama.".. },.. "craw_connect_to_network": {.. "message": "L.dzu, izveidojiet savienojumu ar t.klu.".. },.. "iap_unavailable": {.. "message": "Maks.jumi lietotn.s pa.laik nav pieejami.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.dzu, pierakstieties p.rl.k. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\nb\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	624
Entropy (8bit):	4.555032032637389
Encrypted:	false
SSDEEP:	12:1HEJhiOGGhiO+WYpU34OHSN+dgFjdGFZO8ZpU34JgdN03OyZnLAOfTYiD:1HEDiHIitWYpCYJ8ZpD1OGAOfRD
MD5:	93C459A23BC6953FF744C35920CD2AF9
SHA1:	162F884972103A08ADB616A7EB3598431A2924C5
SHA-256:	2CD700AEB57D89C2E73333D0702556EE3FF3863516170F85669BC680FCBDC4E0
SHA-512:	F76E6E8D8499306883C3EC1E774F7E8BB6B601096DA5A14D17D3E7D5732829542041E42B7350466589291ADCC83FB065FD591B4E20CFCF8EDC586E128ECBFCB5
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Nettmarked-betalinger".. },.. "app_name": {.. "message": "Chrome Nettmarked-betalinger".. },.. "craw_app_unavailable": {.. "message": "Appen er utilgjengelig for .yeblikket.".. },.. "craw_connect_to_network": {.. "message": "Du m. koble til et nettverk.".. },.. "iap_unavailable": {.. "message": "Betaling i app er ikke tilgjengelig for .yeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Du m. logge p. Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\nl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	615
Entropy (8bit):	4.4715318546237315
Encrypted:	false
SSDEEP:	12:1HEJJQGkbGGJQGkb+WYpU34OQKJT+dgiXUmvFZO8ZpU34g7JT03OyZnLAOfTYMD:1HErxkaqxk6WYptndXI8ZpTOGAOfbD
MD5:	7A8F9D0249C680F64DEC7650A432BD57
SHA1:	53477198AEE389F6580921B4876719B400A23CA1
SHA-256:	92BE7C2DC9CFBE5A65E9CE6488D364C8D7EC19E7B67A31E4D43C1CB2B169671C
SHA-512:	969AB979546A741C0F3EDBEEB21BABA375FA8870D4FB9248CDD4C305736E332E10CAB7B64C5C078E60EC0CD73848101B390BE8F44B89C310058AF4C1CA3C8AA7
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Betalingen via Chrome Web Store".. },.. "app_name": {.. "message": "Betalingen via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App momenteel niet beschikbaar.".. },.. "craw_connect_to_network": {.. "message": "Maak verbinding met een netwerk.".. },.. "iap_unavailable": {.. "message": "In-app-betalingen is momenteel niet beschikbaar.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log in bij Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\pl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	636
Entropy (8bit):	4.646901997539488
Encrypted:	false
SSDEEP:	12:1HEJbiVbGGbiVb+WYpU34OBHlBi9+dgQUg6O8ZpU34bdbfiIu03OyZnLAOfTYR5k:1HE5iVauiV6WYpIAYr8ZpxFiaOGAOfIC
MD5:	0E6194126AFCCD1E3098D276A7400175
SHA1:	E8127B905A640B1C46362FA6E1127BE172F4A40F
SHA-256:	E2699F98C511B18A2AFB82EAE9A4804B646C4FF1077D80E77C17A3943A6373C2
SHA-512:	A71F7C7BFBBF1E37E699601AF2E095C56CBA91F90CB7556477DF31D01B83ADFB1271E1775C9BA299FF6875BBFC2B6AB47488CC88E33DEF2F6F2E0E5AC687B777
Malicious:	false
Preview:	{.. "app_description": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "app_name": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplikacja jest obecnie niedost.pna.".. },.. "craw_connect_to_network": {.. "message": "Po..cz si. z sieci..".. },.. "iap_unavailable": {.. "message": "P.atno.ci w ramach aplikacji s. teraz niedost.pne.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Zaloguj si. w Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\pt_BR\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	636
Entropy (8bit):	4.515158874306633
Encrypted:	false
SSDEEP:	12:1HEJsc/bGGsc/b+WYpU34OLw+dgn/KzO8ZpU34FjIBMwGRO03OyZnLAOfTYN+KcY:1HEb/a8/6WYp4mZ8Zp7cKlOGAOf2tD
MD5:	86A2B91FA18B867209024C522ED665D5
SHA1:	63DEC245637818C76655E01FCB6D59784BC7184E
SHA-256:	6374880FDD1F8AF1EE8AEA6A06B73BE0AB265AFCEB4FE6F08BDE3B3989264B21
SHA-512:	DA6DBDE5028756421C2904F605632EE98831A25A1247E6238A931629B94CE8A00FD76F4235F118D2167304BD60F2C06B2AD78E54FF6CE53F8C38DF8C7B5AFCE4
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pagamentos da Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos da Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplicativo indispon.vel no momento.".. },.. "craw_connect_to_network": {.. "message": "Conecte-se a uma rede.".. },.. "iap_unavailable": {.. "message": "No momento, os Pagamentos no aplicativo n.o est.o dispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Fa.a login no Google Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\pt_PT\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	622
Entropy (8bit):	4.526171498622949
Encrypted:	false
SSDEEP:	12:1HEJsZUkbGGsZUkb+WYpU34OAE+dgqxKzO8ZpU34rEpBfvPO03OyZnLAOfTYLD:1HEmUka5Uk6WYpFvdxZ8ZpSTnPlOGAOS
MD5:	750A4800EDB93FBE56495963F9FB3B94
SHA1:	8BFB915488A4EB3CB33D68E2E59F1F8447DB7D61
SHA-256:	C1C94F65FABAF17DEF98A8587711A56D61B1E5607500E9B01F2824DB109F9E83
SHA-512:	2AEDEF5793406221BE76AF22031CE8C30AB5FAEAED09BB394C153E2EBE990C89C1A2A73B40D8A92842641AFCA8C77FFD808A2058602D3646FD8DAE2844406F24
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pagamentos via Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplica..o atualmente indispon.vel.".. },.. "craw_connect_to_network": {.. "message": "Ligue-se a uma rede.".. },.. "iap_unavailable": {.. "message": "Os Pagamentos na app est.o atualmente indispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicie sess.o no Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\ro\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	641
Entropy (8bit):	4.61125938671415
Encrypted:	false
SSDEEP:	12:1HEJqJrJZGGqJrJZ+WYpU344HIx2Z+dgrVPlZO8ZpU34qT7hI3O03OyZnLAOfTYU:1HEC4D8WYpKow8WV68ZpKhoOGAOfoVGD
MD5:	98D43E4B1054A65DF3FA3CC40AB6FB6D
SHA1:	46E0A21C4DA2BB5D4D8F837AE211C1B6FA26E7E2
SHA-256:	113A13900CBA62FE8AED06751971C23A80A99B47F9BE219CF884D57DB19611D9
SHA-512:	A76DC53912A4F46714926B9EA2B22E909540E447F61F6DD72607AB7B3BB5D4A9B39E525B04C33AEC53BA813D14AC1FB5827275B2524E52B693E83171E1CD1466
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "app_name": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "craw_app_unavailable": {.. "message": ".n prezent, aplica.ia nu este disponibil..".. },.. "craw_connect_to_network": {.. "message": "Conecteaz.-te la o re.ea.".. },.. "iap_unavailable": {.. "message": "Pl..ile .n aplica.ie nu sunt disponibile momentan.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Conecteaz.-te la Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\ru\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	744
Entropy (8bit):	4.918620852166656
Encrypted:	false
SSDEEP:	12:1HEJ7OJHZMSl3ZGG7OJHZMSl3Z+WYpU34zWJ2F+dgVtLSv/TO8ZpU347NWjT03On:1HElOJHZMq4uOJHZMq8WYpdWJ/YGHq8m
MD5:	DB2EDF1465946C06BD95C71A1E13AE64
SHA1:	FB4F3ECE9ECECEBBC6CA2A592A15FB9C1FDFB811
SHA-256:	FBAF22CE6E16DE174CED8CB5EA3098CCA1C3426A2111FF33BD3E64DA64ED67AB
SHA-512:	4E0CF00BAEF1757548DEB17BBE1AF55770A0A0F7351779EF55C7DEFA6D112D0227B8865C2C22E0EC62E6E2F1C8E1632A2D0CE6828D25C5ABBF143C990116F632
Malicious:	false
Preview:	{.. "app_description": {.. "message": "......... ....... ........-........ Chrome".. },.. "app_name": {.. "message": "......... ....... ........-........ Chrome".. },.. "craw_app_unavailable": {.. "message": ".......... ...........".. },.. "craw_connect_to_network": {.. "message": "............ . .....".. },.. "iap_unavailable": {.. "message": "....... ..... .......... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "....... . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\sk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	647
Entropy (8bit):	4.640777810668463
Encrypted:	false
SSDEEP:	12:1HEJfZGGfZ+WYpU34ORO+dgmmCO8ZpU34yH7u2Z03OyZnLAOfTYCUAi0D:1HEl4G8WYpetPmD8ZpcH7aOGAOfzUeD
MD5:	8DF215D1EFBDABB175CCDD68ED8DCB0A
SHA1:	2B374462137A38589A73FDD00A84CBDC7E50F9F4
SHA-256:	7FA16AF97E6CFC52EC6008EB679D3F30E7E0C24F9EF2D18A9228EAF4DED9D63B
SHA-512:	C0E623343BDAEB4731800D183B59F2FCFE285F0C7153EC99641FD84F2F2DCFE47D21E73F3D28B1240340453C5668EB0AFFBE087AAB62F1C88CD2A40CC44E599D
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplik.cia moment.lne nie je dostupn..".. },.. "craw_connect_to_network": {.. "message": "Pripojte sa k sieti.".. },.. "iap_unavailable": {.. "message": "Platby v aplik.cii moment.lne nie s. k dispoz.cii.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prihl.ste sa do prehliada.a Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\sl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	4.5101656584816885
Encrypted:	false
SSDEEP:	12:1HEJGcyvmbZGGGcyvmbZ+WYpU34OBOEtf+dgca1ZO8ZpU34GcQArERff03OyZnLh:1HE4cyY4TcyY8WYpNoWa1w8ZpQcQ6AfK
MD5:	3943FA2A647AECEDFD685408B27139EE
SHA1:	0129DD19D28373359530B3B477FE8A9279DABB7D
SHA-256:	18AFF072EE0DF7C3495045435C752A805606E6D5D462EF2321C443F1773F4B3A
SHA-512:	42E62B3855611FF2E1D39C11404CB1A09825EE4CA6A8ACB3FF538B4574388F549E3BD79137DD4DC128A8DC44DD270D7D878E4AAD20DA8250A5C25297B0DEC09D
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "app_name": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenutno ni na voljo.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se z omre.jem.".. },.. "iap_unavailable": {.. "message": "Pla.ila v aplikacijah trenutno niso na voljo.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se v Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\sr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	743
Entropy (8bit):	4.913927107235852
Encrypted:	false
SSDEEP:	12:1HEJssbdOGGssbdO+WYpU347xBP+dgcucO8ZpU34s1muP03OyZnLAOfTYzDYD:1HEKsb59sbTWYplx4Xud8Zpy1mNOGAOv
MD5:	D485DF17F085B6A37125694F85646FD0
SHA1:	24D51D8642CDC6EFD5D8D7A4430232D8CDE25108
SHA-256:	7FFDE34C58E7C376C042DE64DEF6481DAE32BE8B70F0B18EDF536290CBE0C818
SHA-512:	0DDECFD860E99290B6C3AAA04F510272AE081CF2D93ED5832D9D6378EC9D36177FFBE213471247FB94721EA34A83E7665669200047091D0FDE134E3D763217E7
Malicious:	false
Preview:	{.. "app_description": {.. "message": "....... . Chrome ...-..........".. },.. "app_name": {.. "message": "....... . Chrome ...-..........".. },.. "craw_app_unavailable": {.. "message": ".......... .. ........ ...........".. },.. "craw_connect_to_network": {.. "message": "........ .. .......".. },.. "iap_unavailable": {.. "message": "....... . .......... .. ........ ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "......... .. . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\sv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	630
Entropy (8bit):	4.52964089437422
Encrypted:	false
SSDEEP:	12:1HEJJMkbGGJMkb+WYpU34OACwz+dgNPGFZO8ZpU34JgpXLSb03OyZnLAOfTYLdID:1HErMkaqMk6WYpTOcb8ZpDgdZOGAOf8Y
MD5:	D372B8204EB743E16F45C7CBD3CAAF37
SHA1:	C96C57219D292B01016B37DCF82E7C79AD0DD1E8
SHA-256:	B8BA77E0089B0676545EC16D32468B727812B444F90B33A7A5B748E6C36C4388
SHA-512:	33640529E0D5DCC5CA4BDB0615A2818E8D26C6FCB7B3474C08AC3EB67B9DB40E1F0A79954ED20728CD47A686D2533DCBC76ABCBDB917F8530C8DE8BBA687352E
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Betalning via Chrome Web Store".. },.. "app_name": {.. "message": "Betalning via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Appen .r inte tillg.nglig f.r tillf.llet.".. },.. "craw_connect_to_network": {.. "message": "Anslut till ett n.tverk.".. },.. "iap_unavailable": {.. "message": "Betalning i appen .r inte tillg.ngligt f.r n.rvarande.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logga in i Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\th\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	945
Entropy (8bit):	4.801079428724355
Encrypted:	false
SSDEEP:	24:1HEKa1dDa1/WYp6UFi72SmlG8ZpyactrW2SAOGAOfvSLD:WK2DNYp6U4y3bpyLxwGFW
MD5:	83E2D1E97791A4B2C5C69926EFB629C9
SHA1:	429600425CB0F196DDD717F940E94DBD8BFF2837
SHA-256:	2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
SHA-512:	60A5928DAA8CB4341487F477C56B5A98B83EDE50E5F4F55A802E01FDDAB86F3E795D391953D3D9214552D14D3F58C5A183693C613720FC12FC387D7B8F9B9AB6
Malicious:	false
Preview:	{.. "app_description": {.. "message": "............... Chrome .........".. },.. "app_name": {.. "message": "............... Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".............................".. },.. "craw_connect_to_network": {.. "message": ".........................".. },.. "iap_unavailable": {.. "message": "...............................................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "................. Chrome".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\tr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	631
Entropy (8bit):	4.710869622361971
Encrypted:	false
SSDEEP:	12:1HEJ9Y8GG9Y8+WYpU34wWT+dgGb0GO8ZpU34wryd7T03OyZnLAOfTYGbPKG:1HE0jWYpyRnG8Zpyr/OGAOfFPn
MD5:	2CEAE0567B6BB1D240BBAD690A98CA3B
SHA1:	5944346FBD4A0797B13223895995CAB58E9ECD23
SHA-256:	A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
SHA-512:	108A07C6D03D7178E8D0FFEF5349E0249A898D864964FED8757BD8A08BC1C6D9613F2A6C01AA34A6606127D1C6CE14C229FA02586677DBB060B85E3E845950E1
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "app_name": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "craw_app_unavailable": {.. "message": "Uygulama .u anda kullan.lam.yor.".. },.. "craw_connect_to_network": {.. "message": "L.tfen bir a.a ba.lan.n.".. },.. "iap_unavailable": {.. "message": "Uygulama ..i .demeler .u anda kullan.lamaz.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.tfen Chrome'da oturum a..n.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\uk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	720
Entropy (8bit):	4.977397623063544
Encrypted:	false
SSDEEP:	12:1HEJ7wILkSlXZGG7wILkSlXZ+WYpU34zb1Oy2P+dgSV1EjiTO8ZpU347qtfP2CTW:1HElwEkK4uwEkK8WYpd/dTV1e8Zptq5S
MD5:	AB0B56120E6B38C42CC3612BE948EF50
SHA1:	8B3F520E5713D9F116D68E71DAEED1F6E8D74629
SHA-256:	68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
SHA-512:	CD852A58217F739C1CD58567FF432D31A7AD3F68C884ABBA1DA95799BCD1545C6A5D3B06F319681C12B78AD0A709828DE4B22736316F148D21F5DB76A5BCCBEF
Malicious:	false
Preview:	{.. "app_description": {.. "message": "....... ...-........ Chrome".. },.. "app_name": {.. "message": "....... ...-........ Chrome".. },.. "craw_app_unavailable": {.. "message": "........ ......... ...........".. },.. "craw_connect_to_network": {.. "message": "............. .. .......".. },.. "iap_unavailable": {.. "message": "....... ..... ........ ..... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "........ . Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\vi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	695
Entropy (8bit):	4.855375139026009
Encrypted:	false
SSDEEP:	12:1HEJMAZrSFZGGMAZrSFZ+WYpU34WFHoz+dgdklzoO8ZpU34NFHoz03OyZnLAOfTU:1HEI4B8WYpAKytFZ8ZpXKMOGAOfd6D
MD5:	7EBB677FEAD8557D3676505225A7249A
SHA1:	F161B4B6001AEAEAB246FF8987F4D992B48D47BE
SHA-256:	051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
SHA-512:	74FD267CF7E299FB8E7054605C3F651F057F676FF865082FA24F4916755456768DB0DA62DBC515D829B48AB1F9CFC8AD3E841DCBF1F194D5CB14C5335A192A0D
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "app_name": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "craw_app_unavailable": {.. "message": ".ng d.ng hi.n kh.ng kh. d.ng.".. },.. "craw_connect_to_network": {.. "message": "Vui l.ng k.t n.i v.i m.ng.".. },.. "iap_unavailable": {.. "message": "Thanh to.n trong .ng d.ng hi.n kh.ng kh. d.ng.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Vui l.ng ..ng nh.p v.o Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\zh_CN\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	595
Entropy (8bit):	5.210259193489374
Encrypted:	false
SSDEEP:	12:1HEJ01GG01+WYpU34zeHz+dgfO8ZpU34YKiO03OyZnLAOfTYB6U:1HEpIWYpISv8Zp+JOGAOfa6U
MD5:	BB73BF561BB79F89D9BF7C67C5AE5C65
SHA1:	2FADD3A1959B29C44830033A35C637D0311A8C9C
SHA-256:	D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
SHA-512:	627D44CEF1FE5C5ABD598BD47FF5E22B9EFC1CF98DDE3868FA9E5896C134A0C9C055AC34EDDADAE56B6690E51AEA89965D38F770552A85C732CC796795DC68D2
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome .........".. },.. "app_name": {.. "message": "Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".........".. },.. "craw_connect_to_network": {.. "message": ".......".. },.. "iap_unavailable": {.. "message": "............".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\_locales\zh_TW\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	634
Entropy (8bit):	5.386215984611281
Encrypted:	false
SSDEEP:	12:1HEJ2j62GG2j62+WYpU34m7T+dgc8nOO8ZpU34mvIO03OyZnLAOfTYAuH:1HEuSZCWYpsStwP8ZpROGAOfCH
MD5:	5FF50C673CC0C661D615F0CFD0E6DCA0
SHA1:	60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85
SHA-256:	C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
SHA-512:	361D62D91F4931C5F34092C9F2C6A5323D5EEB82A24E7ABE11F7817D8D66341C0ECAD4DCB4B10873920C8D6A3CC9F5704889E178EB2549001A9F62BEDF6C8019
Malicious:	false
Preview:	{.. "app_description": {.. "message": "Chrome ............".. },.. "app_name": {.. "message": "Chrome ............".. },.. "craw_app_unavailable": {.. "message": ".............".. },.. "craw_connect_to_network": {.. "message": "......".. },.. "iap_unavailable": {.. "message": "................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\images\icon_128.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4364
Entropy (8bit):	7.915848007375225
Encrypted:	false
SSDEEP:	96:YjlLDJjTvXUtNvX8dgb9HT6y8nviyHG5iCRYtIP:YtNTfUzvX8KM+MGRsIP
MD5:	4DBC9F9E6F5A08D299BAC9E54DF07694
SHA1:	BB38F5DE34B1E0BE1109220BA55271087A4D9EA5
SHA-256:	91C2718DD23B4356D71F88F6146868369033291086DF327534546DFA459BEB0E
SHA-512:	A5F2B1F47502836130D8083F757B7773C1E1CB36B76AD298CC29AB2B428C8002D2F15BD839838FC326DAC3681C2F48AB25A3E7631D33726C4B25E8EC14170912
Malicious:	false
Preview:	.PNG........IHDR..............>a.....IDATx..yp.....gF#.:,[H.l.l..8...`/.k....,!a7Km...E...Te..T.....J...p....%.(....+...3....eY.e...L.o...5....h4...\....{?....~.u.`0.....`0.....`0.....`.Y......[(.......).4....ai..w38.+....Bf././..]...{......8...3.....3W~OJ.. /...u6V.C..U.0.+._=.c..9.X.?....L....S@.L...m.0..>.C...L\|TF.p5..f4M.,.V....8..a.<...RP..@)E,..E"...h.....!...-....,I..T..........m..._[[{w{{....{.^......M.x..h4.h.....\.R.E....j).7.....h4.A.E....,. ...iii.Vj?2...=/.B.FK9P..@)=Rj..D".Y...2.B..x.}0...&J...2.......f.O..e.H.....!.J)'I..R....B............QJ;K..L...L.l".L~mhh.R.@).FFF~.L&...~.B.......u.........}.....~.....f..yUU...........^M...6......].,w.e..~.!$.C.R.....E(%e9.,....k..@...W8.........@...........O..@%.~..@.S..P.....`Tp...."...?ME..c......s...`..S1...7.b..aNE..k...3.yP.}.Ch.}......B..........IPE..C.<....T....k......Z..o_......g........P..A=y.J.)h..@.q.-.].AU.4...F.M.....y%B]+ .\.~..9......:..=...r.....E].o...F..P........i...\|....

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\images\icon_16.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	558
Entropy (8bit):	7.505638146035601
Encrypted:	false
SSDEEP:	12:6v/7vyVgSKYsfFzXxXsrPfA+b0YX+5IOUWCQKznuow7:6yVnKYsfFzhXsrIq0YXmgQGn6
MD5:	FB9C46EA81AD3E456D90D58697C12C06
SHA1:	5FC450F7D73CCFAC8F0D818CB3392BA4D91B69DE
SHA-256:	016CA659BA080E194FBFC0929602B16506ED60AA6019FAA51410C4FD93B583E8
SHA-512:	ADD810EE9EB7CAEC505B5FD90A1F184CE39D8F8C689DCC240F188FE353B9575489492E07D572A3B1C11A1555CE66AFCA5134903E4C1AA3D54BC7C5ED3E65B50C
Malicious:	false
Preview:	.PNG........IHDR................a....IDAT8...Mk.Q...;... .....F..QW.....F....J.?.w..7~......'.Q..B]... .QS...M&_w..b&.\|`......p...f.?.D$.y^..........y...\..Z..t6..oRj.@&.u..G.qN).t.-V.>(.N.Ep]wFk.60o.]0.`Y..cT..Y.Tb.`DF.d..s.Z..E..9.4._C.._...%..*.^....4.l...Y..X..R..../...Wj+w0[.].._B.k.${.\.>.%...........lz .w.ALxo.2;..a...".p..S..&..uXS...<..6..[..zD.._.N+w.WbM7ye6X<...'(,=.r}........$f..5..P....k..."..8.s.<zgSm@.....).Y.....:e..\|.....F...I..A$.....T?.....m....8.........N...z.....V..vd.h'....C.?.....H.;]..C.M.....9.b......IEND.B`.

C:\Users\user\AppData\Local\Temp\scoped_dir5228_603165550\CRX_INSTALL\manifest.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	5.449026004350873
Encrypted:	false
SSDEEP:	24:1HEis7ViC/yox/fiqeUoLFlmF1s80FKrGfd0d3NZNZx1Fq7eY7nfj1B:WL7V2opiV1mvs8rxTZRczhB
MD5:	01334FB9D092AF2AA46C4185E405C627
SHA1:	47AD3C0E82362FFE5B881DF8D71D6F79AB7F5796
SHA-256:	F52714812D68C577A445169D11E84DF6751C2D6886BC429643072BB5D61C6C27
SHA-512:	888D96ADB7A847ABE472145258C8C46950EB2FA3BA7D596C2E90A17C8FB06FD0155C56CC8ABA5D076D89368417464BCB2D236F9E40E53241950A01F9F8ED548F
Malicious:	false
Preview:	{.. "app": {.. "background": {.. "scripts": [ "craw_background.js" ].. }.. },.. "default_locale": "en",.. "description": "__MSG_APP_DESCRIPTION__",.. "display_in_launcher": false,.. "display_in_new_tab_page": false,.. "icons": {.. "128": "images/icon_128.png",.. "16": "images/icon_16.png".. },.. "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB",.. "manifest_version": 2,.. "minimum_chrome_version": "29",.. "name": "__MSG_APP_NAME__",.. "oauth2": {.. "auto_approve": true,.. "client_id": "203784468217.apps.googleusercontent.com",.. "scopes": [ "https://www.googleapis.com/auth/sierra", "https://www.googleapis.com/auth/sierrasandbox", "https://www.googleapis.com/auth/chromewebstore", "https://www.googleapis.com/auth/chromewebstore.readonly" ].. },.

Static File Info

General
File type:	PDF document, version 1.4
Entropy (8bit):	7.8555115777710185
TrID:	Adobe Portable Document Format (5005/1) 100.00%
File name:	reflective_practice_template_nhs[1].pdf
File size:	77482
MD5:	bd93c6b39cf6fbfb5f2009a320f70ab2
SHA1:	bc2b60452dbe4994d0d1d8ab2a769b278a5cd58d
SHA256:	834c0a2229054d27ad6ce7ff422a332cd18694bd828c4a4b3a4745b0086fe144
SHA512:	6ffd02d1814d431e47e35380d8486d83581c7ddbea3d8c41cc6f945cd9f729b268db10b8430a9522a68d88be8078c0ef1887548645ed3d052ab8ba4ffeea5446
SSDEEP:	1536:aBIr7KJz2GYsWHJC6Ii6llkX7631diMy1qDmHg686/3OdoB4aKr2:aIqJRYDVdSlauaMyfHW6vOdoD
File Content Preview:	%PDF-1.4.1 0 obj.<<./Title (...R.e.f.l.e.c.t.i.v.e. .p.r.a.c.t.i.c.e. .t.e.m.p.l.a.t.e. .n.h.s)./Creator (...w.k.h.t.m.l.t.o.p.d.f. .0...1.2...5)./Producer (...Q.t. .4...8...7)./CreationDate (D:20201226070235+02'00').>>.endobj.3 0 obj.<<./Type /ExtGState.

File Icon


Icon Hash:	74ecccdcd4ccccf0

Static PDF Info

General
Header:	%PDF-1.4
Total Entropy:	7.855512
Total Bytes:	77482
Stream Entropy:	7.962804
Stream Bytes:	67016
Entropy outside Streams:	0.000000
Bytes outside Streams:	10466
Number of EOF found:	2
Bytes after EOF:

Keywords Statistics

Name	Count
obj	59
endobj	59
stream	9
endstream	9
xref	2
trailer	2
startxref	2
/Page	3
/Encrypt	0
/ObjStm	0
/URI	36
/JS	0
/JavaScript	0
/AA	0
/OpenAction	0
/AcroForm	0
/JBIG2Decode	0
/RichMedia	0
/Launch	0
/EmbeddedFile	0

Image Streams

ID	DHASH	MD5	Preview
6	a384748d4c708482	daa2c2339df02c1e53080c829697ba54

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 4, 2021 21:38:26.499306917 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.500466108 CEST	49721	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.546581984 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.546673059 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.548687935 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.553060055 CEST	443	49721	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.553150892 CEST	49721	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.553466082 CEST	49721	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.598124981 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.602190018 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.602209091 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.602276087 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.607814074 CEST	443	49721	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.630072117 CEST	443	49721	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.630100012 CEST	443	49721	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.630148888 CEST	49721	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.896550894 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.897952080 CEST	49721	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.898128986 CEST	49721	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.898354053 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.899033070 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.943882942 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.944109917 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.945487022 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.945506096 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.945570946 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.950594902 CEST	443	49721	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.951157093 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.951237917 CEST	443	49721	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.951297998 CEST	49721	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:26.988168955 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:26.998384953 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:27.365039110 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:27.365052938 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:38:27.365113974 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:38:27.482130051 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.526329994 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.526408911 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.526627064 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.567907095 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.569292068 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.569314003 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.569322109 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.569498062 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.581140041 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.581270933 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.581398964 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.623140097 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.623433113 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.623440981 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.663750887 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.670895100 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.728943110 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.729798079 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.729832888 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.729990959 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.730025053 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.770852089 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.772176027 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.772202015 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.772216082 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.879060984 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.879678965 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.879744053 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:38:27.922131062 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:27.922154903 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:38:35.825896978 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:35.866630077 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.866763115 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:35.867098093 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:35.907686949 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.914891005 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.914917946 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.914930105 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.914947033 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.914963007 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.914975882 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.915021896 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:35.915153980 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:35.956248045 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:35.956290007 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:35.956568003 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:35.998790026 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.999592066 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:35.999854088 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.001430035 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.001724958 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.001769066 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.002005100 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.003222942 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.003273964 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.003361940 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.006061077 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.006102085 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.006180048 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.006253958 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.008982897 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.009037018 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.009109020 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.009233952 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.011787891 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.011857033 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.013674021 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.014609098 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.014653921 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.014703035 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.014826059 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.017524004 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.017566919 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.017680883 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.040617943 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.040716887 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.040770054 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.041934967 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.042018890 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.042069912 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.042141914 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.044835091 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.044929028 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.045100927 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.047768116 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.047854900 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.048026085 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.051412106 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.051474094 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.051601887 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.053361893 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.053440094 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.053514957 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.056334972 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.056377888 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.056703091 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.059195042 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.059250116 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.059359074 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.061989069 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.062043905 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.062633038 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.064829111 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.064876080 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.064980984 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.067414045 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.067456961 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.067768097 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.070031881 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.070071936 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.070183992 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.072571993 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.072601080 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.072860956 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.075167894 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.075195074 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.075357914 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.078104973 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.078125000 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.078305960 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.080518007 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.080535889 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.081374884 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.082948923 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.082968950 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.083189011 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.084897995 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.084918976 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.085123062 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.086718082 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.086750031 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.086857080 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.088356972 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.088380098 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.088804007 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.089999914 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.090023994 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.090142965 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.091756105 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.091806889 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.093467951 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.093518972 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.093614101 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.093677044 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.094974041 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.095026970 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.095190048 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.096554041 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.097124100 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.098239899 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.098279953 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.098413944 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.098433971 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.099874020 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.099936962 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.100127935 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.101418972 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.101459980 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.101581097 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.102998018 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.103033066 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.103219986 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.104629993 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.104665995 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.104788065 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.106237888 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.106275082 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.106481075 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.107844114 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.107882977 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.108053923 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.109483004 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.109524012 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.109694004 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.111049891 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.111098051 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.111177921 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.112695932 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.112754107 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.112859011 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.114299059 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.114373922 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.114609003 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.115932941 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.115994930 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.116390944 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.117291927 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.117435932 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.117574930 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.120726109 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.120796919 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.120893955 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.122927904 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.122994900 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.123739004 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.124721050 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.124794960 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.124958038 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.127890110 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.127912998 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.128009081 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.129518986 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.129786015 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.129905939 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.131088972 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.131122112 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.131231070 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.133850098 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.133888960 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.134082079 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.135519028 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.135550976 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.135668039 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.135818005 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.135850906 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.137017965 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.137044907 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.137120962 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.137142897 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.139734030 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.139769077 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.139946938 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.139990091 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.140057087 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.140963078 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.141014099 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.141061068 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.141136885 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.142175913 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.142200947 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.142680883 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.145284891 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.145324945 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.145353079 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.145373106 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.145591974 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.147121906 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.147150993 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.147253990 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.150455952 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.150485039 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.150509119 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.150532007 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.150662899 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.151778936 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.151812077 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.152365923 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.155678034 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.155720949 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.155750990 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.155782938 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.155822039 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.155847073 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.155895948 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.157012939 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.157038927 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.157177925 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.162136078 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.162168026 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.162218094 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.162298918 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.162317991 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.164350033 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.164376020 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.164402008 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.164505005 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.168605089 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.168750048 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.168777943 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.168802977 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.168957949 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.170474052 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.170491934 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.170504093 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.170881987 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.174693108 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.174722910 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.174746037 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.174858093 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.174884081 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.174978971 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.176464081 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.176481962 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.176517010 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.176601887 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.176659107 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.177674055 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.177696943 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.177721977 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.177917004 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.180509090 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.180531979 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.180551052 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.180780888 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.181644917 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.181670904 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.181691885 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.181921005 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.183361053 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.183389902 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.183418036 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.183486938 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.183629036 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.186623096 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.186657906 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.186682940 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.186841965 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.187890053 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.187933922 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.187968969 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.188010931 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.188369989 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.191203117 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.191232920 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.191257954 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.191664934 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.191730022 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.192198038 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.193021059 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.193049908 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.193079948 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.194389105 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.196504116 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.196537971 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.196795940 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.197793007 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.197828054 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.197868109 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.197901011 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.199317932 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.202922106 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.202959061 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.202990055 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.203115940 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.205132961 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.205169916 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.205202103 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.205286980 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.205674887 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.210814953 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.210865021 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.210901976 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.211034060 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.211457968 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.211499929 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.211536884 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.212133884 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.216090918 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.216123104 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.216145039 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.216161966 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.216175079 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.216257095 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.216300011 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.217216015 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.217235088 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.217328072 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.217379093 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.217479944 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.218470097 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.218491077 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.218506098 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.219170094 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.221450090 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.221476078 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.221492052 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.221581936 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.221632004 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.221862078 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.221880913 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.221895933 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.222708941 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.222728014 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.222745895 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.222769976 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.222842932 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.222863913 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.223459005 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.223504066 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.223521948 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.223722935 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.224303961 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.224324942 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.224343061 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.224431992 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.224474907 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.225195885 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.225214005 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.225229979 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.225327015 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.226078033 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.226100922 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.226119995 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.226138115 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.226206064 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.226241112 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.227499008 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.227524996 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.227545023 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.227602959 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.227915049 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.227936983 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.227955103 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.228058100 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.228708982 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.228729963 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.228748083 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.228776932 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.229521036 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.229542017 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.229552031 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.229562044 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.229700089 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.230359077 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.230403900 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.230427027 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.230441093 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.230514050 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.231635094 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.231656075 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.231677055 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.232074976 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.232141972 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.232180119 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.232213020 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.232309103 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.232945919 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.232985973 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.233021975 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.233470917 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.235001087 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.235136032 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.235829115 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.235867977 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.236357927 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.237494946 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.237617970 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.237693071 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.239912033 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.239975929 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.240001917 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.240209103 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.243762970 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.243799925 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.243823051 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.243912935 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.245959044 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.246026039 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.246202946 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.251770020 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.251895905 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.251956940 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.252033949 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.252731085 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.252769947 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.252814054 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.253009081 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.256952047 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.256989956 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.257026911 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.257136106 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.257177114 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.257213116 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.257247925 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.257288933 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.257373095 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.259774923 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.259829044 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.259871960 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.260154009 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.260193110 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.260195971 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.260237932 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.260242939 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.262331963 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.262382030 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.262383938 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.262631893 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.263400078 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.263446093 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.263485909 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.263530016 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.263737917 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.263778925 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.263827085 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.263865948 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.263889074 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.264626026 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.264686108 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.264729977 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.264771938 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.265431881 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.265474081 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.265522003 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.265809059 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.265834093 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.266067982 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.266109943 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.266226053 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.267065048 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.267116070 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.267159939 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.267384052 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.268168926 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.268212080 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.268345118 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.268383026 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.268625021 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.268672943 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.268714905 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.268724918 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.268758059 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.268840075 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.270226955 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.270281076 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.270323992 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.270360947 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.270404100 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.271096945 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.271853924 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.271894932 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.271925926 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.271954060 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.272217989 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.272965908 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.273037910 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.273083925 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.273106098 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.273189068 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.273303032 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.273359060 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.273441076 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.274019003 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.274064064 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.274100065 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.274147987 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.274190903 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.274202108 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.274234056 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.277205944 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277254105 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277292967 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277333021 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277386904 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.277415991 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277466059 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.277587891 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.277652979 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277695894 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277731895 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277780056 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277808905 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.277823925 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.277920008 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.278589964 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.278634071 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.278672934 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.278712034 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.278723001 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.278759003 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.278768063 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.279573917 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.279618025 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.279668093 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.279670000 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.279711962 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.279759884 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.280392885 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.280437946 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.280477047 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.280515909 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.280538082 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.280555010 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.281330109 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.281373024 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.281440973 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.281482935 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.281534910 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.281574011 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.281620979 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.282202959 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.282260895 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.282300949 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.282331944 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.282371044 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.282953978 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.282993078 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.283068895 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.283107996 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.283154964 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.283196926 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.283235073 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.283385992 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.284018040 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284059048 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284068108 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.284097910 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284137011 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284205914 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.284271002 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.284749031 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284790039 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284837008 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284878016 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284915924 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.284934998 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.284974098 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.285789013 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.285830975 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.285871029 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.285909891 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.285908937 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.285950899 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.285953045 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.286011934 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.286644936 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.286684036 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.286722898 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.286758900 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.286767960 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.286807060 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.286843061 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.287648916 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.287702084 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.287739038 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.287786007 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.287827969 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.287915945 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.287981033 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.288557053 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.288599968 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.288638115 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.288676023 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.289254904 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.289298058 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.289299011 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.289338112 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.289367914 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.289418936 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.290102959 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.290143013 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.290179968 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.290225983 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.290267944 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.290518045 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.290551901 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.290558100 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.290563107 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.291049004 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.291093111 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.291131973 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.291168928 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.291207075 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.291210890 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.291975021 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.292015076 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.292064905 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.292072058 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.292104006 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.292150974 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.292190075 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.292383909 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.292920113 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.292963028 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.292999983 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.293037891 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.293076038 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.293195963 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.295753002 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.295793056 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.295831919 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.295871019 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.295907021 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.296004057 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.299638033 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.299690962 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.299727917 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.299731970 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.299767971 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.299803019 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.299804926 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.299951077 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.302894115 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.302939892 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.302978992 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.303016901 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.303064108 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.303066969 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.304702044 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.305109024 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.305160999 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.305202961 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.305241108 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.305249929 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.305315018 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.306277037 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.306319952 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.306356907 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.306372881 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.306406021 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.306437969 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.306451082 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.306606054 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.308454037 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.308495045 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.308511972 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.308537006 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.308576107 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.308603048 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.308614016 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.308618069 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.308929920 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.310019970 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.310065985 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.310102940 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.310149908 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.310151100 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.310194016 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.310726881 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.311166048 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.311209917 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.311247110 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.311285019 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.311285973 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.311317921 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.311322927 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.311686993 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.312762976 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.312803030 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.312840939 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.312877893 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.312885046 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.312927008 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.313894987 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.313936949 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.313952923 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.313976049 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.314013004 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.314014912 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316087961 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.316102982 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316144943 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316194057 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316236019 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316274881 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316282988 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.316312075 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.316623926 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316667080 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316704988 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316709042 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.316744089 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.316745043 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.316785097 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.318095922 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.320069075 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320111036 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320149899 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320192099 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320194960 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.320230007 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320238113 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.320348978 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.320516109 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320566893 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320609093 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320646048 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320647955 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.320686102 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.320792913 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.321468115 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.321516037 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.321554899 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.321593046 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.321686029 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.322278023 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.322321892 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.322357893 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.322403908 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.322448969 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.322451115 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.322580099 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.323105097 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.323148966 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.323185921 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.323234081 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.323245049 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.323277950 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.323337078 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.323910952 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.323955059 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.323992014 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.324029922 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.324049950 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.324069977 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.324079990 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.324182034 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.325525999 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.325570107 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.325608015 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.325647116 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.325685978 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.325694084 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.325730085 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.325735092 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.325958014 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326000929 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326040030 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326076984 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.326425076 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326472044 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326497078 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.326510906 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326549053 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.326559067 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326601982 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326639891 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.326699018 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.328488111 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328541994 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328603029 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328645945 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328684092 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328722000 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328759909 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328790903 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.328797102 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328835964 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328872919 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.328875065 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328882933 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.328908920 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.328938961 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.329261065 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.329319954 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.329358101 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.329442978 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.329504013 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.329545975 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.329993963 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.330034971 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.330039024 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.330085993 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330123901 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330136061 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.330162048 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330190897 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.330197096 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330229044 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.330231905 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330269098 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330302954 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.330883980 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330924034 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330960035 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.330996037 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.331054926 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.331089973 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.331090927 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.331129074 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.331162930 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.331831932 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.331876040 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.331909895 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.331934929 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.331943035 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.331945896 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.331983089 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.332026005 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.332065105 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.332292080 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.332803011 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.332843065 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.332876921 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.332904100 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.332920074 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.332954884 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.333256960 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.333306074 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.333345890 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.333396912 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.333399057 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.333441973 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.333447933 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.333486080 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.333519936 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.333699942 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.334180117 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.334220886 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.334254980 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.334290981 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.334326029 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.334326982 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.334357023 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.334369898 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.334409952 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.334445953 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.334954977 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.334990978 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335026026 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335061073 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335074902 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.335094929 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.335097075 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335134029 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335169077 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335170031 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.335211992 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335921049 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335961103 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.335978031 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.336124897 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.336158991 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:38:36.336431980 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.338385105 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:38:36.384671926 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:39:12.375106096 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:39:12.422496080 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:39:12.937624931 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:39:12.980689049 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:39:21.391519070 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:39:21.432180882 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:39:57.437422037 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:39:57.486532927 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:39:57.984311104 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:39:58.025279999 CEST	443	49731	35.190.80.1	192.168.2.5
May 4, 2021 21:40:06.438230038 CEST	49742	443	192.168.2.5	216.58.212.129
May 4, 2021 21:40:06.478890896 CEST	443	49742	216.58.212.129	192.168.2.5
May 4, 2021 21:40:42.501061916 CEST	49720	443	192.168.2.5	172.67.171.190
May 4, 2021 21:40:42.550102949 CEST	443	49720	172.67.171.190	192.168.2.5
May 4, 2021 21:40:43.047976017 CEST	49731	443	192.168.2.5	35.190.80.1
May 4, 2021 21:40:43.089164019 CEST	443	49731	35.190.80.1	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 4, 2021 21:37:08.559087038 CEST	54302	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:08.610784054 CEST	53	54302	8.8.8.8	192.168.2.5
May 4, 2021 21:37:09.684544086 CEST	53784	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:09.736143112 CEST	53	53784	8.8.8.8	192.168.2.5
May 4, 2021 21:37:10.733546972 CEST	65307	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:10.782202959 CEST	53	65307	8.8.8.8	192.168.2.5
May 4, 2021 21:37:11.574794054 CEST	64344	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:11.604474068 CEST	62060	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:11.623424053 CEST	53	64344	8.8.8.8	192.168.2.5
May 4, 2021 21:37:11.661849976 CEST	53	62060	8.8.8.8	192.168.2.5
May 4, 2021 21:37:11.970403910 CEST	61805	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:12.023178101 CEST	53	61805	8.8.8.8	192.168.2.5
May 4, 2021 21:37:12.251667976 CEST	54795	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:12.300272942 CEST	53	54795	8.8.8.8	192.168.2.5
May 4, 2021 21:37:12.804617882 CEST	49557	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:12.853354931 CEST	53	49557	8.8.8.8	192.168.2.5
May 4, 2021 21:37:14.100409031 CEST	61733	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:14.151990891 CEST	53	61733	8.8.8.8	192.168.2.5
May 4, 2021 21:37:14.999650002 CEST	65447	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:15.061435938 CEST	53	65447	8.8.8.8	192.168.2.5
May 4, 2021 21:37:15.845446110 CEST	52441	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:15.910669088 CEST	53	52441	8.8.8.8	192.168.2.5
May 4, 2021 21:37:16.822905064 CEST	62176	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:16.874618053 CEST	53	62176	8.8.8.8	192.168.2.5
May 4, 2021 21:37:18.192969084 CEST	59596	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:18.241823912 CEST	53	59596	8.8.8.8	192.168.2.5
May 4, 2021 21:37:19.781933069 CEST	65296	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:19.833367109 CEST	53	65296	8.8.8.8	192.168.2.5
May 4, 2021 21:37:27.594858885 CEST	63183	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:27.655883074 CEST	53	63183	8.8.8.8	192.168.2.5
May 4, 2021 21:37:33.514880896 CEST	56969	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:33.525307894 CEST	60151	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:33.578533888 CEST	53	56969	8.8.8.8	192.168.2.5
May 4, 2021 21:37:33.584152937 CEST	53	60151	8.8.8.8	192.168.2.5
May 4, 2021 21:37:34.509531975 CEST	56969	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:34.556298971 CEST	60151	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:34.572967052 CEST	53	56969	8.8.8.8	192.168.2.5
May 4, 2021 21:37:34.614694118 CEST	53	60151	8.8.8.8	192.168.2.5
May 4, 2021 21:37:34.791640997 CEST	55161	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:34.840599060 CEST	53	55161	8.8.8.8	192.168.2.5
May 4, 2021 21:37:35.525068998 CEST	56969	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:35.525130987 CEST	60151	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:35.577987909 CEST	53	56969	8.8.8.8	192.168.2.5
May 4, 2021 21:37:35.583508968 CEST	53	60151	8.8.8.8	192.168.2.5
May 4, 2021 21:37:37.574147940 CEST	60151	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:37.574263096 CEST	56969	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:37.631937981 CEST	53	60151	8.8.8.8	192.168.2.5
May 4, 2021 21:37:37.634584904 CEST	53	56969	8.8.8.8	192.168.2.5
May 4, 2021 21:37:41.585550070 CEST	56969	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:41.585697889 CEST	60151	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:41.645651102 CEST	53	60151	8.8.8.8	192.168.2.5
May 4, 2021 21:37:41.645669937 CEST	53	56969	8.8.8.8	192.168.2.5
May 4, 2021 21:37:47.127182007 CEST	54757	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:47.189827919 CEST	53	54757	8.8.8.8	192.168.2.5
May 4, 2021 21:37:53.462018967 CEST	49992	53	192.168.2.5	8.8.8.8
May 4, 2021 21:37:53.510936975 CEST	53	49992	8.8.8.8	192.168.2.5
May 4, 2021 21:38:01.786271095 CEST	60075	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:01.852391005 CEST	53	60075	8.8.8.8	192.168.2.5
May 4, 2021 21:38:03.014508963 CEST	55016	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:03.155760050 CEST	53	55016	8.8.8.8	192.168.2.5
May 4, 2021 21:38:10.064364910 CEST	64345	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:10.127238035 CEST	53	64345	8.8.8.8	192.168.2.5
May 4, 2021 21:38:26.434644938 CEST	50394	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:26.443581104 CEST	58530	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:26.444751024 CEST	53813	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:26.444777966 CEST	63732	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:26.445281982 CEST	57344	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:26.491827011 CEST	53	50394	8.8.8.8	192.168.2.5
May 4, 2021 21:38:26.501107931 CEST	53	58530	8.8.8.8	192.168.2.5
May 4, 2021 21:38:26.501903057 CEST	53	53813	8.8.8.8	192.168.2.5
May 4, 2021 21:38:26.510008097 CEST	53	57344	8.8.8.8	192.168.2.5
May 4, 2021 21:38:26.522717953 CEST	53	63732	8.8.8.8	192.168.2.5
May 4, 2021 21:38:27.103092909 CEST	54450	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:27.127974987 CEST	59261	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:27.151566029 CEST	53	54450	8.8.8.8	192.168.2.5
May 4, 2021 21:38:27.187886953 CEST	53	59261	8.8.8.8	192.168.2.5
May 4, 2021 21:38:27.379429102 CEST	57151	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:27.437839031 CEST	53	57151	8.8.8.8	192.168.2.5
May 4, 2021 21:38:31.917692900 CEST	65086	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:31.969430923 CEST	53	65086	8.8.8.8	192.168.2.5
May 4, 2021 21:38:35.767182112 CEST	61004	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:35.823765039 CEST	53	61004	8.8.8.8	192.168.2.5
May 4, 2021 21:38:36.484782934 CEST	56895	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:36.541830063 CEST	53	56895	8.8.8.8	192.168.2.5
May 4, 2021 21:38:38.394484997 CEST	62372	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:38.453613997 CEST	53	62372	8.8.8.8	192.168.2.5
May 4, 2021 21:38:45.240171909 CEST	61515	53	192.168.2.5	8.8.8.8
May 4, 2021 21:38:45.300102949 CEST	53	61515	8.8.8.8	192.168.2.5
May 4, 2021 21:39:04.474723101 CEST	56675	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:04.532016039 CEST	53	56675	8.8.8.8	192.168.2.5
May 4, 2021 21:39:05.087537050 CEST	57172	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:05.145929098 CEST	53	57172	8.8.8.8	192.168.2.5
May 4, 2021 21:39:22.280915022 CEST	55267	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:22.341516018 CEST	53	55267	8.8.8.8	192.168.2.5
May 4, 2021 21:39:22.713802099 CEST	64362	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:22.776351929 CEST	53	64362	8.8.8.8	192.168.2.5
May 4, 2021 21:39:22.915477991 CEST	54766	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:22.972810030 CEST	53	54766	8.8.8.8	192.168.2.5
May 4, 2021 21:39:23.426322937 CEST	61446	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:23.483385086 CEST	53	61446	8.8.8.8	192.168.2.5
May 4, 2021 21:39:49.120502949 CEST	57515	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:49.271924019 CEST	53	57515	8.8.8.8	192.168.2.5
May 4, 2021 21:39:50.290090084 CEST	58199	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:50.427409887 CEST	53	58199	8.8.8.8	192.168.2.5
May 4, 2021 21:39:51.934153080 CEST	65221	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:51.996319056 CEST	53	65221	8.8.8.8	192.168.2.5
May 4, 2021 21:39:52.731506109 CEST	61573	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:52.792057037 CEST	53	61573	8.8.8.8	192.168.2.5
May 4, 2021 21:39:53.431478977 CEST	56562	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:53.495619059 CEST	53	56562	8.8.8.8	192.168.2.5
May 4, 2021 21:39:54.963440895 CEST	53591	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:55.022805929 CEST	53	53591	8.8.8.8	192.168.2.5
May 4, 2021 21:39:55.978914022 CEST	59688	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:56.040400982 CEST	53	59688	8.8.8.8	192.168.2.5
May 4, 2021 21:39:57.449687004 CEST	56032	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:57.508286953 CEST	53	56032	8.8.8.8	192.168.2.5
May 4, 2021 21:39:59.670135975 CEST	61150	53	192.168.2.5	8.8.8.8
May 4, 2021 21:39:59.729918957 CEST	53	61150	8.8.8.8	192.168.2.5
May 4, 2021 21:40:00.479609966 CEST	63458	53	192.168.2.5	8.8.8.8
May 4, 2021 21:40:00.537863970 CEST	53	63458	8.8.8.8	192.168.2.5
May 4, 2021 21:40:28.229605913 CEST	50422	53	192.168.2.5	8.8.8.8
May 4, 2021 21:40:28.288954973 CEST	53	50422	8.8.8.8	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
May 4, 2021 21:38:10.064364910 CEST	192.168.2.5	8.8.8.8	0xecd	Standard query (0)	traffking.ru	A (IP address)	IN (0x0001)
May 4, 2021 21:38:26.434644938 CEST	192.168.2.5	8.8.8.8	0x110	Standard query (0)	traffking.ru	A (IP address)	IN (0x0001)
May 4, 2021 21:38:27.379429102 CEST	192.168.2.5	8.8.8.8	0x6733	Standard query (0)	a.nel.cloudflare.com	A (IP address)	IN (0x0001)
May 4, 2021 21:38:35.767182112 CEST	192.168.2.5	8.8.8.8	0xf3d7	Standard query (0)	clients2.googleusercontent.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
May 4, 2021 21:38:10.127238035 CEST	8.8.8.8	192.168.2.5	0xecd	No error (0)	traffking.ru		172.67.171.190	A (IP address)	IN (0x0001)
May 4, 2021 21:38:10.127238035 CEST	8.8.8.8	192.168.2.5	0xecd	No error (0)	traffking.ru		104.21.71.213	A (IP address)	IN (0x0001)
May 4, 2021 21:38:26.491827011 CEST	8.8.8.8	192.168.2.5	0x110	No error (0)	traffking.ru		172.67.171.190	A (IP address)	IN (0x0001)
May 4, 2021 21:38:26.491827011 CEST	8.8.8.8	192.168.2.5	0x110	No error (0)	traffking.ru		104.21.71.213	A (IP address)	IN (0x0001)
May 4, 2021 21:38:27.437839031 CEST	8.8.8.8	192.168.2.5	0x6733	No error (0)	a.nel.cloudflare.com		35.190.80.1	A (IP address)	IN (0x0001)
May 4, 2021 21:38:35.823765039 CEST	8.8.8.8	192.168.2.5	0xf3d7	No error (0)	clients2.googleusercontent.com	googlehosted.l.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)
May 4, 2021 21:38:35.823765039 CEST	8.8.8.8	192.168.2.5	0xf3d7	No error (0)	googlehosted.l.googleusercontent.com		216.58.212.129	A (IP address)	IN (0x0001)

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: AcroRd32.exe PID: 6180 Parent PID: 5692

General

Start time:	21:37:14
Start date:	04/05/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\reflective_practice_template_nhs[1].pdf'
Imagebase:	0x990000
File size:	2571312 bytes
MD5 hash:	B969CF0C7B2C443A99034881E8C8740A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: AcroRd32.exe PID: 6268 Parent PID: 6180

General

Start time:	21:37:15
Start date:	04/05/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\reflective_practice_template_nhs[1].pdf'
Imagebase:	0x990000
File size:	2571312 bytes
MD5 hash:	B969CF0C7B2C443A99034881E8C8740A
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6488 Parent PID: 6180

General

Start time:	21:37:23
Start date:	04/05/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043
Imagebase:	0x9b0000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6784 Parent PID: 6488

General

Start time:	21:37:26
Start date:	04/05/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=4477307787754487931 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4477307787754487931 --renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1
Imagebase:	0x9b0000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6832 Parent PID: 6488

General

Start time:	21:37:27
Start date:	04/05/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=5528301929327232026 --mojo-platform-channel-handle=1728 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
Imagebase:	0x9b0000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 6912 Parent PID: 6488

General

Start time:	21:37:32
Start date:	04/05/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9756364306558423637 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9756364306558423637 --renderer-client-id=4 --mojo-platform-channel-handle=1824 --allow-no-sandbox-job /prefetch:1
Imagebase:	0x7ff797770000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: RdrCEF.exe PID: 5984 Parent PID: 6488

General

Start time:	21:37:39
Start date:	04/05/2021
Path:	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1588,5207695692286208694,13668873235774985554,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=7523555841818072242 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7523555841818072242 --renderer-client-id=5 --mojo-platform-channel-handle=2224 --allow-no-sandbox-job /prefetch:1
Imagebase:	0x9b0000
File size:	9475120 bytes
MD5 hash:	9AEBA3BACD721484391D15478A4080C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: chrome.exe PID: 5228 Parent PID: 6180

General

Start time:	21:38:19
Start date:	04/05/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation -- 'https://traffking.ru/square?utm_term=reflective+practice+template+nhs'
Imagebase:	0x7ff75a8c0000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Analysis Process: chrome.exe PID: 5564 Parent PID: 5228

General

Start time:	21:38:21
Start date:	04/05/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1560,17001144406219017590,14380291932932443674,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1824 /prefetch:8
Imagebase:	0x7ff75a8c0000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	moderate

Chronological Activities

Disassembly

Code Analysis

Reset < >

Analysis Process: AcroRd32.exe PID: 6268 Parent PID: 6180 AcroRd32.exeCOMMON

Execution Graph

Execution Coverage:	13.5%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	100%
Total number of Nodes:	1
Total number of Limit Nodes:	0

Callgraph

Executed
Not Executed
Opacity -> Relevance
Disassembly available

Executed Functions

Function 05016003, Relevance: 1.5, APIs: 1, Instructions: 11
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0501601A

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 3060d0b23953566843c1fe8603c13d430662f6438bb4eac3e2d870c68259fb31
Instruction ID: a914b7996af536dd6e5af092b046d8e83abbb4c1564785a07dad8580a8936239
Opcode Fuzzy Hash: 3060d0b23953566843c1fe8603c13d430662f6438bb4eac3e2d870c68259fb31
Instruction Fuzzy Hash: B6C04C9509E7D15FD30353701C759E32F645A9311275E81D7D4848B09BC548067BA373

Uniqueness

Uniqueness Score: -1.00%

Function 05016790, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0501679A

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 830751f9295ba8d8e3f2846285c0597b33f778ba4aa3655328f092153696a56c
Instruction ID: a5a4795d5e336d8df0b0ae678f2bb8f2fd2bd21ef4f962b97079a63480925be2
Opcode Fuzzy Hash: 830751f9295ba8d8e3f2846285c0597b33f778ba4aa3655328f092153696a56c
Instruction Fuzzy Hash: 999002B135100053E140756954186064105A7E1342FA5D011E0544554CDD55887663A2

Uniqueness

Uniqueness Score: -1.00%

Function 05016490, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0501649A

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: f644434e7269a43c68c33cd4216a2883c9673e2288d63bccd5d0993a1e817e5c
Instruction ID: 6b21b83d22079670bc6c61082edbff717d2dc574e0c5646c1ff11f91602ceec8
Opcode Fuzzy Hash: f644434e7269a43c68c33cd4216a2883c9673e2288d63bccd5d0993a1e817e5c
Instruction Fuzzy Hash: 2B9002B125100452E10065A94404706010557D0242FA5C412E0654558DCA95887176B1

Uniqueness

Uniqueness Score: -1.00%

Function 05016310, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0501631A

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 93d55c506c8ea46e4e961099afc070b00c86208e6514f807ff4510efbc6c306c
Instruction ID: 35b328700a35bffed059b0bc9c5db0d516edd8256cf454e8407034f0143453b0
Opcode Fuzzy Hash: 93d55c506c8ea46e4e961099afc070b00c86208e6514f807ff4510efbc6c306c
Instruction Fuzzy Hash: 2C9002F139100492E10065694414B06010597E1342FA5C015E1194554DCA59CC7272A6

Uniqueness

Uniqueness Score: -1.00%

Function 05016110, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0501611A

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 2c3c4861bcc2abf3c618c035478f110f928102aa16c50d1df385042a92c515ed
Instruction ID: 0d59ff3f939beb192e9835ddfe4cf25e4f30eb6c00148d19004f612f24dc5623
Opcode Fuzzy Hash: 2c3c4861bcc2abf3c618c035478f110f928102aa16c50d1df385042a92c515ed
Instruction Fuzzy Hash: 919002B125504492E10069695408A06010557D0246FA5D011A1194595DCA758871B2B1

Uniqueness

Uniqueness Score: -1.00%

Function 05016750, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0501675A

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 01339d89859445b5dcfe8a74bc0fd4f0ebaf1e59a309d18d7b26184674c51d52
Instruction ID: 56a74e7ee1e757f028ed8b7ccb80493c86332e389ad7f786d1a91bd785c836df
Opcode Fuzzy Hash: 01339d89859445b5dcfe8a74bc0fd4f0ebaf1e59a309d18d7b26184674c51d52
Instruction Fuzzy Hash: DA9002B926300052E1807569540860A010557D1243FE5D415A0145558CCD55887963A1

Uniqueness

Uniqueness Score: -1.00%

Function 05016350, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0501635A

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 4ca5657fecf71ec533c091e76a84b64cf5cd5823b424e2a675ab05ee896e04e7
Instruction ID: a3cb76758bf85279f6e09bf04aec96412f94050d0379032fe22de5c42c9d0144
Opcode Fuzzy Hash: 4ca5657fecf71ec533c091e76a84b64cf5cd5823b424e2a675ab05ee896e04e7
Instruction Fuzzy Hash: D89002F1255040D2E11166694404F0A420957E0286FE5C016A0184594CC9658972E2A1

Uniqueness

Uniqueness Score: -1.00%

Function 05016050, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 0501605A

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 60c4eea08dc9b3396f52fb7f072ebabd791c5fea85ecd0ae8db6a70723588e68
Instruction ID: 1f088c47e12878d265940b5571550c608e3360751325ba3d02bd9d61573c5fa8
Opcode Fuzzy Hash: 60c4eea08dc9b3396f52fb7f072ebabd791c5fea85ecd0ae8db6a70723588e68
Instruction Fuzzy Hash: 3D9002B165500452E14175694454706011957D0282FE5C012A0154554DCA958B76B7E1

Uniqueness

Uniqueness Score: -1.00%

Function 050161D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 050161DA

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: e3a77c6ac00c9e187e25df3ba38124539010e40d92bac3335d620d7a4c1422eb
Instruction ID: 8f6d6603a92dcdd9e8435c2f67672cfd5333d817e8420a848a1abcc9a12af4b7
Opcode Fuzzy Hash: e3a77c6ac00c9e187e25df3ba38124539010e40d92bac3335d620d7a4c1422eb
Instruction Fuzzy Hash: DF9002B125100892E10065694404B46010557E0342FA5C016A0254654DCA55C87176A1

Uniqueness

Uniqueness Score: -1.00%

Function 050162D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 050162DA

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: c2ed597fe0944b5d67d3fd9f5e7fdda6251694389c1ad3645975f6e77e24f5b5
Instruction ID: a5651a7379f0af776839050508a23cc693f0c3cac7c16a5a23078c553d222495
Opcode Fuzzy Hash: c2ed597fe0944b5d67d3fd9f5e7fdda6251694389c1ad3645975f6e77e24f5b5
Instruction Fuzzy Hash: 949002B136114452E11065698404706010557D1242FA5C411A0954558DCAD588B172A2

Uniqueness

Uniqueness Score: -1.00%

Function 050166D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrInitializeThunk.NTDLL ref: 050166DA

Memory Dump Source

Source File: 00000002.00000002.404142629.0000000005016000.00000020.00000001.sdmp, Offset: 05016000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_5016000_AcroRd32.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 2a8e80ff786fc952b457d42417e8306c2fdb97097e599296c35c92d9a2a4115a
Instruction ID: 3c5ee0896adc3ba9cc629711913a33be071d1619d23670552358693bb78ef190
Opcode Fuzzy Hash: 2a8e80ff786fc952b457d42417e8306c2fdb97097e599296c35c92d9a2a4115a
Instruction Fuzzy Hash: 889002B125100452E10069A95408646010557E0342FA5D011A5154555ECAA588B172B1

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Description:	Adversaries may send spearphishing emails with a malicious link in an attempt to elicit sensitive information and/or gain access to victim systems. Spearphishing with a link is a specific variant of spearphishing. It is different from other forms of spearphishing in that it employs the use of links to download malware contained in email, instead of attaching malicious files to the email itself, to avoid defenses that may inspect email attachments.
Tactics:	Initial Access
Data Sources:	DNS records, Detonation chamber, Email gateway, Mail server, Packet capture, SSL/TLS inspection, Web proxy
Platforms:	Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may exploit software vulnerabilities in client applications to execute code. Vulnerabilities can exist in software due to unsecure coding practices that can lead to unanticipated behavior. Adversaries can take advantage of certain vulnerabilities through targeted exploitation for the purpose of arbitrary code execution. Oftentimes the most valuable exploits to an offensive toolkit are those that can be used to obtain code execution on a remote system because they can be used to gain access to that system. Users will expect to see files related to the applications they commonly used to do work, so they are a useful target for exploit research and development because of their high utility.
Tactics:	Execution
Data Sources:	Anti-virus, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report reflective_practice_template_nhs[1].pdf

Overview

General Information

Detection

Signatures

Classification

Analysis Advice

Startup

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

AV Detection:

Compliance:

Software Vulnerabilities:

Networking:

System Summary:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Anti Debugging:

HIPS / PFW / Operating System Protection Evasion:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

File Icon

Static PDF Info

General

Keywords Statistics

Image Streams

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

Code Manipulations

Statistics

CPU Usage

Memory Usage

High Level Behavior Distribution

back

Behavior

System Behavior

Analysis Process: AcroRd32.exe PID: 6180 Parent PID: 5692

General

Analysis Process: AcroRd32.exe PID: 6268 Parent PID: 6180

General

Analysis Process: RdrCEF.exe PID: 6488 Parent PID: 6180

Function 05016003, Relevance: 1.5, APIs: 1, Instructions: 11
libraryCOMMON

Function 05016790, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 05016490, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 05016310, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 05016110, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 05016750, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 05016350, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 05016050, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 050161D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 050162D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON

Function 050166D0, Relevance: 1.5, APIs: 1, Instructions: 4
libraryCOMMON