Analysis Report https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com

Overview

General Information

Sample URL: https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com
Analysis ID: 432819

Detection

HTMLPhisher
Score: 64
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Yara detected HtmlPhish10
Found iframes
HTML body contains low number of good links
HTML title does not match URL
No HTML title found
Suspicious form URL found
URL contains potential PII (phishing indication)

Process Tree

  • System is w10x64
  • chrome.exe (PID: 6064 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 5760 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,13694168875092988026,1129730578068911464,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1836 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

AV Detection:

Antivirus / Scanner detection for submitted sample
Source: https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com
  • SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
Antivirus detection for URL or domain
Source: https://5topbars.com/103c/Wp-images/src.php?0=bmFtZUBleGFtcGxlLmNvbQ==&a=0
  • SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10
Source: Yara match
  • File source: 56203.pages.csv, type: HTML
Source: https://5topbars.com/103c/Wp-images/5jipqyx9xgxb4abozyhw2t0bro.php?0=bmFtZUBleGFtcGxlLmNvbQ==&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_
  • HTTP Parser: Iframe src: src.php?0=bmFtZUBleGFtcGxlLmNvbQ==&a=0
  • HTTP Parser: Number of links: 0
  • HTTP Parser: Title: Sign In to Update does not match URL
  • HTTP Parser: No <meta name="author".. found
  • HTTP Parser: No <meta name="copyright".. found
Source: https://5topbars.com/103c/Wp-images/src.php?0=bmFtZUBleGFtcGxlLmNvbQ==&a=0
  • HTTP Parser: Number of links: 0
  • HTTP Parser: HTML title missing
  • HTTP Parser: Form action: snd.php?c=
  • HTTP Parser: No <meta name="author".. found
  • HTTP Parser: No <meta name="copyright".. found
Source: https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com
  • Sample URL: PII: name@example.com
Source: C:\Program Files\Google\Chrome\Application\chrome.exe
  • Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
  • Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown
  • HTTPS traffic detected: 66.206.8.98:443 -> 192.168.2.3:49753 version: TLS 1.2
  • DNS traffic detected: queries for: 5topbars.com
Source: Current Session.0.dr
  • String found in binary or memory: https://5topbars.com
  • String found in binary or memory: https://5topbars.com/103c/Wp-images/snd.php
  • String found in binary or memory: https://5topbars.com/103c/Wp-images/src.php?0=bmFtZUBleGFtcGxlLmNvbQ==&a=0
Source: History.0.dr
  • String found in binary or memory: https://5topbars.com/103c/Wp-images/5jipqyx9xgxb4abozyhw2t0bro.php?0=bmFtZUBleGFtcGxlLmNvbQ==&.verif
  • String found in binary or memory: https://5topbars.com/103c/Wp-images/?i=i&0=name
  • String found in binary or memory: https://5topbars.com/103c/Wp-images/load.php?0=bmFtZUBleGFtcGxlLmNvbQ==&guce_referrer=aHR0cHM6Ly9sb2
  • String found in binary or memory: https://5topbars.com/103c/Wp-images/tpuvnccwvfdqltxwj5po0dwuzt.php?0=bmFtZUBleGFtcGxlLmNvbQ==&.verif
Source: Favicons.0.dr
  • String found in binary or memory: https://5topbars.com/103c/Wp-images/serv/main.ico
Source: classification engine
  • Classification label: mal64.phis.win@33/214@5/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exe
  • File created: C:\Program Files\Google\Chrome\Application\Dictionaries
  • File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60C2CD1D-17B0.pma
  • File created: C:\Users\user\AppData\Local\Temp\43a4eead-9d03-4ce2-b6b8-8cfd3c93f9a2.tmp
Source: unknown
  • Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe
  • Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,13694168875092988026,1129730578068911464,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1836 /prefetch:8
  • Process created: unknown unknown
Source: Window Recorder
  • Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Drive-by Compromise 1 | Windows Management Instrumentation | Path Interception | Process Injection 1 | Masquerading 3 | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel 2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection 1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol 1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information 1 | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol 2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label | Link
https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com | 0% | Avira URL Cloud | safe |
https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com | 100% | SlashNext | Fake Login Page type: Phishing & Social Engineering |

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source | Detection | Scanner | Label | Link
https://5topbars.com/103c/Wp-images/src.php?0=bmFtZUBleGFtcGxlLmNvbQ==&a=0 | 100% | SlashNext | Fake Login Page type: Phishing & Social Engineering |
https://5topbars.com/103c/Wp-images/snd.php | 0% | Avira URL Cloud | safe |
https://5topbars.com/103c/Wp-images/5jipqyx9xgxb4abozyhw2t0bro.php?0=bmFtZUBleGFtcGxlLmNvbQ==&.verif | 0% | Avira URL Cloud | safe |
https://dns.google | 0% | URL Reputation | safe |
https://5topbars.com/103c/Wp-images/?i=i&0=name | 0% | Avira URL Cloud | safe |
https://5topbars.com | 0% | Avira URL Cloud | safe |
https://5topbars.com/103c/Wp-images/load.php?0=bmFtZUBleGFtcGxlLmNvbQ==&guce_referrer=aHR0cHM6Ly9sb2 | 0% | Avira URL Cloud | safe |
https://5topbars.com/103c/Wp-images/tpuvnccwvfdqltxwj5po0dwuzt.php?0=bmFtZUBleGFtcGxlLmNvbQ==&.verif | 0% | Avira URL Cloud | safe |
https://5topbars.com/103c/Wp-images/serv/main.ico | 0% | Avira URL Cloud | safe |

Domains and IPs

Contacted Domains

Name | IP | Active | Malicious | Antivirus Detection | Reputation
5topbars.com | 66.206.8.98 | true | false | | unknown
googlehosted.l.googleusercontent.com | 142.250.180.225 | true | false | | high
clients2.googleusercontent.com | unknown | unknown | false | | high
favicon.ico | unknown | unknown | false | | unknown

Contacted URLs

Name | Malicious | Antivirus Detection | Reputation
https://5topbars.com/103c/Wp-images/src.php?0=bmFtZUBleGFtcGxlLmNvbQ==&a=0 | true | SlashNext: Fake Login Page type: Phishing & Social Engineering | unknown

URLs from Memory and Binaries

Name | Source | Malicious | Antivirus Detection | Reputation
https://5topbars.com/103c/Wp-images/snd.php | Current Session.0.dr | false | Avira URL Cloud: safe | unknown
https://5topbars.com/103c/Wp-images/5jipqyx9xgxb4abozyhw2t0bro.php?0=bmFtZUBleGFtcGxlLmNvbQ==&.verif | History.0.dr | false | Avira URL Cloud: safe | unknown
https://dns.google | 24f65308-ded2-46b5-b3bb-73231a3c1bb2.tmp.1.dr, 6764b63f-2565-4cda-9548-7584881ffa8f.tmp.1.dr, 3f5118dc-f1a5-477a-9e96-07347bc2ece4.tmp.1.dr | false | URL Reputation: safe | unknown
https://5topbars.com/103c/Wp-images/?i=i&0=name | History.0.dr | false | Avira URL Cloud: safe | unknown
https://clients2.googleusercontent.com | 6764b63f-2565-4cda-9548-7584881ffa8f.tmp.1.dr | false | | high
https://5topbars.com | Current Session.0.dr | false | Avira URL Cloud: safe | unknown
https://5topbars.com/103c/Wp-images/src.php?0=bmFtZUBleGFtcGxlLmNvbQ==&a=0 | Current Session.0.dr | true | SlashNext: Fake Login Page type: Phishing & Social Engineering | unknown
https://5topbars.com/103c/Wp-images/load.php?0=bmFtZUBleGFtcGxlLmNvbQ==&guce_referrer=aHR0cHM6Ly9sb2 | History.0.dr | false | Avira URL Cloud: safe | unknown
https://feedback.googleusercontent.com | manifest.json0.0.dr | false | | high
https://5topbars.com/103c/Wp-images/tpuvnccwvfdqltxwj5po0dwuzt.php?0=bmFtZUBleGFtcGxlLmNvbQ==&.verif | History.0.dr | false | Avira URL Cloud: safe | unknown
https://5topbars.com/103c/Wp-images/serv/main.ico | Favicons.0.dr | false | Avira URL Cloud: safe | unknown

Contacted IPs

Public

IP | Domain | Country | Flag | ASN | ASN Name | Malicious
142.250.180.225 | googlehosted.l.googleusercontent.com | United States | | 15169 | GOOGLEUS | false
66.206.8.98 | 5topbars.com | United States | | 29802 | HVC-ASUS | false
239.255.255.250 | unknown | Reserved | | unknown | unknown | false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version: 32.0.0 Black Diamond
Analysis ID: 432819
Start date: 10.06.2021
Start time: 19:39:42
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 3m 28s
Hypervisor based Inspection enabled: false
Report type: light
Cookbook file name: browseurl.jbs
Sample URL: https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com
Analysis system description: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed: 13
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: MAL
Classification: mal64.phis.win@33/214@5/5
Cookbook Comments:
  • Adjust boot time
  • Enable AMSI
Warnings:
  • Exclude process from analysis (whitelisted): taskhostw.exe, backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe
  • TCP Packets have been reduced to 100
  • Created / dropped Files have been reduced to 100
  • Not all processes where analyzed, report is missing behavior information
  • Report size getting too big, too many NtCreateFile calls found.
  • Report size getting too big, too many NtOpenFile calls found.
  • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
  • Report size getting too big, too many NtWriteVirtualMemory calls found.
  • VT rate limit hit for: https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

              C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):451603
              Entropy (8bit):5.009711072558331
              Encrypted:false
              SSDEEP:12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
              MD5:A78AD14E77147E7DE3647E61964C0335
              SHA1:CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
              SHA-256:0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
              SHA-512:DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
              Malicious:false
              Reputation:low
              Preview: BDic.... ....6...."..Z..4g....6.2...{/...3...5....AF 1363.AF nm.AF pt.AF n1.AF p.AF tc.AF SM.AF M.AF S.AF MS.AF MNR.AF GDS.AF MNT.AF MH.AF MR.AF SZMR.AF MJ.AF MT.AF MY.AF MRZ.AF MN.AF MG.AF RM.AF N.AF MV.AF XM.AF DSM.AF SD.AF G.AF R.AF MNX.AF MRS.AF MD.AF MNRB.AF B.AF ZSMR.AF PM.AF SMNGJ.AF SMN.AF ZMR.AF SMGB.AF MZR.AF GM.AF SMR.AF SMDG.AF RMZ.AF ZM.AF MDG.AF MDT.AF SMNXT.AF SDY.AF LSDG.AF LGDS.AF GLDS.AF UY.AF U.AF DSGNX.AF GNDSX.AF DSG.AF Y.AF GS.AF IEMS.AF YP.AF ZGDRS.AF XGNVDS.AF UT.AF GNDS.AF GVDS.AF MYPS.AF XGNDS.AF TPRY.AF MDSG.AF ZGSDR.AF DYSG.AF PMYTNS.AF AGDS.AF DRZGS.AF PY.AF GSPMDY.AF EGVDS.AF SL.AF GNXDS.AF DSBG.AF IM.AF I.AF MDGS.AF SMY.AF DSGN.AF DSLG.AF GMDS.AF MDSBG.AF SGD.AF IY.AF P.AF DSMG.AF BLZGDRS.AF TR.AF AGSD.AF ZGBDRSL.AF PTRY.AF ASDGV.AF ASM.AF ICANGSD.AF ICAM.AF IKY.AF AMS.AF PMYTRS.AF BZGVDRS.AF SDRBZG.AF GVMDS.AF PSM.AF DGLS.AF GNVXDS.AF AGDSL.AF DGS.AF XDSGNV.AF BZGDRS.AF AM.AF AS.AF A.AF LDSG.AF AGVDS.AF SDG.AF LDSMG.AF EDSMG.AF EY.AF DRSMZG.AF PRYT.AF LZ
              C:\Users\user\AppData\Local\Google\Chrome\User Data\3fda505d-8aef-40c1-a5cb-eb1f4bd9aa17.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):92068
              Entropy (8bit):3.7521587909779495
              Encrypted:false
              SSDEEP:384:jL/WZJ38yvjcl4NNrevR73Sl3KHLKGORrcfpBxCbv/ursNmsPcb1xlmOfP5Nc1NC:XySdNGreSYebFnrkP7qfKNjZGC
              MD5:01086939422EFAB6F420BDC80ABA31F9
              SHA1:CDE8973AEA4A0890BE6CD66E8BBD763D309B753B
              SHA-256:8E6CCB27E30699B938F8E7074EB7FB9AE3417E51B575E751FD6F06788BE69EE7
              SHA-512:AE4AA6AAC6DC929C8462A77C843D16464E04EE41F30F83B9027CC671C6EDCC1132DE7997F2B7B7D0EF30C8086C2C7FBB7943584633965FEF644EDA845DA0E247
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\9b10e9a4-c8d8-4e20-8196-f1ca2692da60.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):172318
              Entropy (8bit):6.079159732227497
              Encrypted:false
              SSDEEP:3072:LPRM+6uBid07edCpsWFD8/k2Dsl8YGhRFcbXafIB0u1GOJmA3iuRb:7RM9uBid4edRW6s2Dk6haqfIlUOoSiuV
              MD5:C28E0C9C4855B38F4A843D95E562D9A2
              SHA1:5870800912B98F6C896DDE8156EB603EFE51B071
              SHA-256:A0187EABF624C552D4765D7C9650F3F7198136525A636CA3EE0A5B588AF368E8
              SHA-512:07BF892FC91A55D90F70EA29948C553F89C87DCB15656D56FE08DCD8CEBC230C25ACC64D375520A3DDE645883F0DDF213D1CFE953ACCE1CB240E12A50C54A2B3
              Malicious:false
              Reputation:low
              Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.623379232956503e+12,"network":1.623346834e+12,"ticks":95964503.0,"uncertainty":4554237.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"displ
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):120
              Entropy (8bit):3.254162526001658
              Encrypted:false
              SSDEEP:3:FkXft0xE1G1mstft0xE1G1mstft0xE1n:+ftIE1G1mkftIE1G1mkftIE1n
              MD5:E9224A19341F2979669144B01332DF59
              SHA1:F7F760C7104457DF463306A7F7BAE0142EFCEB5B
              SHA-256:47DD519C226D23F203ACAE0EC44DF9BB6208828E24F726E1602EA52F63C3E2BE
              SHA-512:4184302DEB5009D767FECFC150F580DD57D5CF9CF3BFEB7E52C9F3340E5E6499251B9F0DFF37F0454411FED9046880E0A9204312D021294256372C916B8155AC
              Malicious:false
              Reputation:low
              Preview: sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%sdPC....................s}.....M..2.!..%
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1656375b-487e-4726-a6a1-2e71629bad44.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):1040
              Entropy (8bit):5.56760891198673
              Encrypted:false
              SSDEEP:24:YI6H0UhpzG1KUYkq/HeUeXby2qUeXvi7wUfRUenHQ:YI6UUhp+KUJqPeUer2UefMwUJUenw
              MD5:E8D6284A9FEF853BC537A1CEFC1AC840
              SHA1:2355FDA0D2669D434D4A2005F0822C45062CB2B9
              SHA-256:F6001C5869CEE7CFDDE5635B9683BB1467058A9881005CCC86F49A161B87EC7A
              SHA-512:DCC9FB18D1F93E80BBAA903257E9415FB9BA474F8CD1D25B0C33597118A3554A38E144394A1C2AC50D963B110206E0E9F1DAD5F7278D5A763AE50C492AACEAD5
              Malicious:false
              Reputation:low
              Preview: {"expect_ct":[],"sts":[{"expiry":1633014077.350499,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478077.350503},{"expiry":1654915234.138143,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1623379234.138147},{"expiry":1633014092.4175,"host":"0J7rAWV0ouCFYJ9XrkDiKnAO1SshXJmLJE1SS3V8kDM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478092.417504},{"expiry":1633014091.91938,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478091.919383},{"expiry":1654915233.049529,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1623379233.049534},{"expiry":1633014077.462534,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_ob
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4041ec35-d659-45ba-9727-be19778ae8f4.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):24055
              Entropy (8bit):5.53393779510412
              Encrypted:false
              SSDEEP:384:OlptDLlsyXy1kXqKf/pUZNCgVLH2HfD6rU0HGkHGAnTPqhYd4w:GLlVy1kXqKf/pUZNCgVLH2Hf+rU4GoGQ
              MD5:7CCC70FFB2CBE7068ED37EA26780D252
              SHA1:C44B24164B58AAF0C65B0C9AC9B566DB4A1B8FF1
              SHA-256:93FD8F60EE53F2941D72183758CCF028E63475DAC614EB6F3D2473126B75B1EA
              SHA-512:C308280E59FF3B41544C49BDA55FB95EAE0FB7392F7A2D0C5A503EA69AA266BE4F79FB11A03C2B7F4558A02250B9B843B747D88CD4DBD3DB58EE912AF94AEC71
              Malicious:false
              Reputation:low
              Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13267852829970909","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\492986c7-247a-40d3-a362-d90bd1ce8400.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):16745
              Entropy (8bit):5.577479010937486
              Encrypted:false
              SSDEEP:384:OlpteLlsyXy1kXqKf/pUZNCgVLH2HfD6rUCqDd4zV:xLlVy1kXqKf/pUZNCgVLH2Hf+rUzdOV
              MD5:4584243997FF23F52673B7B6F8FBE4F8
              SHA1:810506A70A7AFFE502DEBF613A9E75AD2FB591B7
              SHA-256:E5C0F8E8B4764B7768B4B44C322CF1DF57BBE6BE859A4A2F8632C76EF804EFBD
              SHA-512:620B3FB277071147C88819645A3DA8DED8BEA62D0111FBFC5BEAC5B596D6423CC98ED489CF7F1044CFDC833A47EC36F963679202D1DCEE9CAC4D199BB90FFDFD
              Malicious:false
              Reputation:low
              Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13267852829970909","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\565d3957-acd7-47b5-91eb-215319d7d6d2.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):5116
              Entropy (8bit):4.985456688903902
              Encrypted:false
              SSDEEP:96:nzC/oX2pcVXok0JCKL823kkp13bOTQVuwn:nzCm2pcg4Kfkkpt
              MD5:2F0E5F815649E36FF8CBA7206FCBB796
              SHA1:57331FC9516F7902CCE5DEF48423C52ADC3403B4
              SHA-256:CD00616F7FE3C7505D1C8129A13F288839395E993DCAFF4A00D19EF4D946237A
              SHA-512:90DA411CC15B4B5DCC06175B94736D80150C81688F3097894A0E1D1E55B61FFE19678BEBEA863EDF449B16BF2C41CB5FC64B29B3AEBE6F378FE648F6ABD8FD3C
              Malicious:false
              Reputation:low
              Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13267852830187583","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245951692116406","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6764b63f-2565-4cda-9548-7584881ffa8f.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):4219
              Entropy (8bit):4.871684703914691
              Encrypted:false
              SSDEEP:48:YXsJjMH+5s7YMHBKsvxMHVzspxMHbsIHt/soBDysKqnsllzMHpDCLsWJMHLsNuMg:RG+ZGJG+GTTD7IGpD+G7Gp2GnG4GVhH
              MD5:EDC4A4E22003A711AEF67FAED28DB603
              SHA1:977E551B9ED5F60D018C030B0B4AA2E33B954556
              SHA-256:DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
              SHA-512:84D3930579FD73C7D86144D5CDC636436955BA79759273C740D2D72BC4847F2F7F165BBCA3EB2E4DFB01777D6A5F141623278C1BF74615C5A491092CE3FD1602
              Malicious:false
              Reputation:low
              Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248543677350473","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543677350474","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31344},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501474403","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31656},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248543501454993","port":443,"protocol_str":"quic"},{"advertised_versions":[],"expiration":"13248543501454994","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39369},"server":"https://www.googleapis.com","supports_spdy":true},
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6a795c02-6f56-42d6-8f59-c3bf73942ff1.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:very short file (no magic)
              Category:dropped
              Size (bytes):1
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:3:L:L
              MD5:5058F1AF8388633F609CADB75A75DC9D
              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
              Malicious:false
              Reputation:low
              Preview: .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6b60a697-bdd4-4918-804b-f88c903920dd.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):22595
              Entropy (8bit):5.536210877720659
              Encrypted:false
              SSDEEP:384:OlptDLlsyXy1kXqKf/pUZNCgVLH2HfD6rUpHGnnTPqRd4U:GLlVy1kXqKf/pUZNCgVLH2Hf+rUNGnnM
              MD5:A3B214F1ECBC2FC54AF3ABECF3DA74D5
              SHA1:E46EAFB6169D2F42D81A4860B0978101E34495C6
              SHA-256:F5CCA62FD14C795C35FD320499915F3D8E66D87D53BB3080237830F1864A4157
              SHA-512:44AE6A494EDBAD5B3B5A3E7D02BDCB9E0C7F5A7250A79C1A640EB3C84999B3DCEC022791C7A0D19E9ECD682F3709CCC308E8E14A5F2157648A6AA0B7C31FC478
              Malicious:false
              Reputation:low
              Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13267852829970909","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):334
              Entropy (8bit):5.220558008358796
              Encrypted:false
              SSDEEP:6:mwsoVu4q2PWXp+N23iKKdK9RXXTZIFUtpDsoTJZmwPDsojuDkwOWXp+N23iKKdKT:Qow4va5Kk7XT2FUtpAoTJ/PAojuD5f51
              MD5:DC50CD73220CE730930374F9E962678D
              SHA1:16A87771E06C8DA7F519F5F8ADE08FC9FC796FF0
              SHA-256:8D5FB106660F5D7681CD5E3F0129CF7FADF09EB6694920281CCDB56F76B88D54
              SHA-512:69D489FC0FB45421FED9DBFC5A6332D5A412DCFE7AE7D59A5DBE4DBCC94B2A0089D4BFA490966D4BB2056E637092FDC1AA6903977BB385BC2398EA8B67F9D2C5
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:41.842 16f4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/06/10-19:40:41.843 16f4 Recovering log #3.2021/06/10-19:40:41.844 16f4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):318
              Entropy (8bit):5.2515967410752555
              Encrypted:false
              SSDEEP:6:mwsd4q2PWXp+N23iKKdKyDZIFUtpDsLFYLJZmwPDsDLDkwOWXp+N23iKKdKyJLJ:Qd4va5Kk02FUtpAxYLJ/PADLD5f5KkWJ
              MD5:88742FC0A70AF626895E2291566626C2
              SHA1:A2D6B4F2DBFD42B123A049BDF4DF8058393F1156
              SHA-256:F288AE95018ED67CCB0FEEF7062D1E3AF458C9F0D3615585BE7CEF6645FA5D04
              SHA-512:481F4393C9ACC413BEDC5BC56FF14000A467669E5332C6DDAA7879686E3568231C4ACCDD448CF88343C1C375941201129703AB1709269A1D1CC1AC572D15D9B4
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:41.835 16f4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/06/10-19:40:41.836 16f4 Recovering log #3.2021/06/10-19:40:41.837 16f4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:SQLite 3.x database, last written using SQLite version 3032001
              Category:dropped
              Size (bytes):12288
              Entropy (8bit):0.825100060417208
              Encrypted:false
              SSDEEP:24:TLyqJLbXaFpEO5bNmISHn06UwuaEcQup+RAxn:TekLLOpEO5J/Kn7UjhI
              MD5:1FAA7C4FB6111DEA01CA61331F171545
              SHA1:8C7DEA7B7C5A87FE00FAC5F16E92C25C31EBA548
              SHA-256:3DF6D40C85F29E3D01078DCCE4A7078D44B1332523D97157A7527AABF5D8CBAA
              SHA-512:D3E75159B376E5EA3C683B77D8928D7AAE62193334EDC3210DD4CF7F993C69D97175CEF175AFB6847901AA62CA4E568525BEE9EF683AE8EBABD3B21591F8EF73
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):12836
              Entropy (8bit):0.9669006631667443
              Encrypted:false
              SSDEEP:24:QcLgAZOZD/lqLbJLbXaFpEO5bNmISHn06Uw6t8:Q8NOZlq5LLOpEO5J/Kn7UVt8
              MD5:9BC9BD21E0CA9F2B65DDEDD1D8D50A59
              SHA1:12A121E80155333766A2C054D2E6C2816A1C3DB2
              SHA-256:0B276B53654068EAADA642D64DE438EE16F79F2987838D04F1F16E54ED65A6FE
              SHA-512:A66BB213095678F59BC387575351FFDE461F9072C23D7D33C28C40560F7FCFD1452BFE7C7C5B5F50EC1B91D33FCA329340B5D1BA52E4B920DC119931847A2401
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):8136
              Entropy (8bit):4.390533767581204
              Encrypted:false
              SSDEEP:192:39ja2fqvw+Za2fqvwvaVfqvwwa2fqvwB0agcaVfqvwmar:tjr6w+Zr6wv46wwr6wB0lc46wm0
              MD5:14432C323654301D7000AE09544D6B78
              SHA1:124FF646CD8988846973D8D28715F8C39942D059
              SHA-256:BC24B6DB60D488B648F5CA21B4B78F118A9CCE021CC651F0AF8F7388E570F7FA
              SHA-512:BBF4E5835CD32CBDA7D0F351921DBF8F065C85641796CCD14DB9BDC30F29009B4031C08A0D9D3041C9E8298D2774D24C5BF263C33B1517437F89C54F8DF34BA1
              Malicious:false
              Reputation:low
              Preview: SNSS....................................................!.............................................1..,.......$...4db21575_377c_416b_beec_d4c2753e531c..........................................................................................................5..0.......&...{524A03AB-861D-4591-9B4E-BDD69F9D425A}.......................................................X...https://5topbars.com/103c/Wp-images/tpuvnccwvfdqltxwj5po0dwuzt.php?0=bmFtZUBleGFtcGxlLmNvbQ==&.verify??guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAABA99NmGR9iNQOyU5mI3ASjQfYjcPATD_A8modgjxpNXYNmo8n5zxdi8EZV7GFYPzoSc_RpMz0hYfdCk0OLmxnMB6tpfZnd5ENcxTcI3e56K0Vz3pSL6PoIoDveE6VV6vAiBzqdjcYAbAHdiaf7gx2w9XRGmCh4orbe2VcZO9aN_....................................................h.......`............................... .......................eS.nt...fS.nt...X.......p...................................X...h.t.t.p.s.:././.5.t.o.p.b.a.r.s...c.o.m./.1.0.3.c./.W.p.-.i.m.a.g.e.s./.t.p.u.v.n.c.c.w.v.f.d.q.l.t.x.w.j
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):8
              Entropy (8bit):1.8112781244591325
              Encrypted:false
              SSDEEP:3:3Dtn:3h
              MD5:0686D6159557E1162D04C44240103333
              SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
              SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
              SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
              Malicious:false
              Reputation:low
              Preview: SNSS....
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):183
              Entropy (8bit):4.267376444120917
              Encrypted:false
              SSDEEP:3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+GgGg:qT5z/t2qoEwhXeLKBt
              MD5:7FA0F874EABF1EED31988230680AD210
              SHA1:E71B360F1E8D5C278A051AD03DFB9027ACCF38C3
              SHA-256:09E15F8939364145E710C314EBD93FD19BF60C2B6B20BF8023315D617B6B141B
              SHA-512:AF4C2E595AA0B1FD96474A0E73530B38BE5F2906B10BE1DEFC0A9221129A3E5BB8D0816777550863AD426C5C836ECA1F0C384986C2A1108E2E4CA20EF10A7824
              Malicious:false
              Reputation:low
              Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F..................F................
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):320
              Entropy (8bit):5.192848495897604
              Encrypted:false
              SSDEEP:6:mwseyq2PWXp+N23iKKdK8aPrqIFUtpDs1x1ZmwPDs1nRkwOWXp+N23iKKdK8amLJ:QTva5KkL3FUtpA1x1/PA1R5f5KkQJ
              MD5:F520FC0A74127030CC94A4323B9B2C8D
              SHA1:267D0DE9BC4F2FA7468C694884DC266A31632320
              SHA-256:BA462A9AD1F644922ED08B9FEF89B64398F4349A25B81BFBC98DF9FCE504DCE1
              SHA-512:9EDE5996FBC9BC49E266D2825D17FDBB64F97F5891B0B05364F921FAC00D1592F38072F31066DA7F81E287203DA61E7F22B6BFF2CA30BD32D716C4C8D56FABD5
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:30.196 14c0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/06/10-19:40:30.197 14c0 Recovering log #3.2021/06/10-19:40:30.197 14c0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):627
              Entropy (8bit):1.8784775129881184
              Encrypted:false
              SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW:
              MD5:9D7435EA49A80FDD66E4915F513017F9
              SHA1:469F6C6E4B19B85CC1BE497812B2F20864F4FF2C
              SHA-256:409D4C47E940688527D730B996E8991E010988C7671565467ED69D640D0947F3
              SHA-512:0561CD632D4219AEF4686DE40EC092921384CA89755D354801E0EAEC8645A8630A180807AF518AC8FCF01F71EB3D10FAA9CE1E62C7A7226A274975BDCB7EEB4C
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):320
              Entropy (8bit):5.210450845038448
              Encrypted:false
              SSDEEP:6:mwskzOq2PWXp+N23iKKdK8NIFUtpDskeZmwPDskSkwOWXp+N23iKKdK8+eLJ:Qk6va5KkpFUtpAke/PAkS5f5KkqJ
              MD5:F0BD9CA149228F8B8601DA3DD93CCD06
              SHA1:3F73C179FE1C47A44F7199D362083737B8C2E02C
              SHA-256:F4AB1A75E9316D113BC97CC15DD5AF903328605ADE03895F652C20F3B2A4C055
              SHA-512:372FEB405C0A50C4D7FE06C6250CB6DCBE0319327B8ABF148A793C70987406E4CC1BB5B4D96874739A898CD02D309854386FF49F43B9FA6F3FC3A0F2CB46C2AB
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:32.273 1670 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/06/10-19:40:32.274 1670 Recovering log #3.2021/06/10-19:40:32.274 1670 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):11217
              Entropy (8bit):6.069602775336632
              Encrypted:false
              SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
              MD5:90F880064A42B29CCFF51FE5425BF1A3
              SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
              SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
              SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):11217
              Entropy (8bit):6.069602775336632
              Encrypted:false
              SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
              MD5:90F880064A42B29CCFF51FE5425BF1A3
              SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
              SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
              SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):23474
              Entropy (8bit):6.059847580419268
              Encrypted:false
              SSDEEP:384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
              MD5:6AE2135EA4583C2F06CDEBEA4AE70FA4
              SHA1:DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
              SHA-256:03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
              SHA-512:B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:SQLite 3.x database, last written using SQLite version 3032001
              Category:dropped
              Size (bytes):20480
              Entropy (8bit):2.3327267171128017
              Encrypted:false
              SSDEEP:48:0Bmw6fUYfiF1t9GyyfiF1tuR74FTg+VFshI0QmBPIwWuEFkg1MdTyNx4MQ1Ot0pp:0BCeyuTgE226PIwWjkg1LP43iat
              MD5:0AC8F5C56584E87CED7EB90A54643087
              SHA1:59F53F13A64934DBF3D3433E85E9567C51E1BC07
              SHA-256:C44DEC32BB0DB65320329EDBF62617B25538863E706EEAE6F84A826E70C30F63
              SHA-512:3854590A69A932767F4F088AB09CC8AE60BBF694305BCF4E0BA00CACE95E3A585FEECF54491D90F59B8612AD0C1DEABA645FA80011422EC97DAE9778724868B2
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):16972
              Entropy (8bit):0.7769549576251688
              Encrypted:false
              SSDEEP:24:qJIyLiXxh0GY/l1rWR1PmCx9fZjsBX+T6UwVJ3n:UIdBmw6fUEJ3n
              MD5:ACD329BD3D4A3CA81EC7B48AE5974945
              SHA1:745A9BDCAEDC5B18E5830B71947EC0CC70B4C1CA
              SHA-256:D4A05E7BA6C67FF1FC393F4177C395C90FF8B732AE9A0D73AC3716B989DA9FA0
              SHA-512:8BE5B38EA8C5C86A0C3FDF7C5F6BC91703737C5DED4D4CF2CACD4EFD7E27210695C7D66A85D8F3E1B5212C78572078A7C7CC32A020A48D8F473A7D5E015AB365
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):19
              Entropy (8bit):1.8784775129881184
              Encrypted:false
              SSDEEP:3:FQxlX:qT
              MD5:0407B455F23E3655661BA46A574CFCA4
              SHA1:855CB7CC8EAC30458B4207614D046CB09EE3A591
              SHA-256:AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
              SHA-512:3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
              Malicious:false
              Reputation:low
              Preview: .f.5...............
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):372
              Entropy (8bit):5.263802954613273
              Encrypted:false
              SSDEEP:6:mwssopN4q2PWXp+N23iKKdK25+Xqx8chI+IFUtpDss8JZmwPDssfDkwOWXp+N23U:QswN4va5KkTXfchI3FUtpAs8J/PAsfD6
              MD5:B6E8A9B8A465C80211E72CCCD6794C90
              SHA1:35758934D450D9BB73D3300F89209F4415713B3E
              SHA-256:0E80382A259329409A4631458797F886D802CE04C9D84E1161A5E147D5366EC1
              SHA-512:1DD9A0A0A6DE1CB34A832445C076E8B1AEF452943B670D988AE1CF4C30F47F9BFCBFF71A56BA1C1B70045E73F530DCDAED89707ABC8310223D0920D6A9754B82
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:41.804 16f4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/06/10-19:40:41.806 16f4 Recovering log #3.2021/06/10-19:40:41.807 16f4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):358
              Entropy (8bit):5.247091242146689
              Encrypted:false
              SSDEEP:6:mwsuN4q2PWXp+N23iKKdK25+XuoIFUtpDsPJZmwPDs4CNDkwOWXp+N23iKKdK25y:QuN4va5KkTXYFUtpAPJ/PA4gD5f5KkTZ
              MD5:27CA022DEE2CFABE61DC78F68F83BE08
              SHA1:CD4596A7ACA2E9C58783677957D71399D7BB5B62
              SHA-256:444C152BE7C50D0487516FADC557A3D1758C91ED5D6E07EE0A13303C36B96069
              SHA-512:D4F0A8BF6218E8E9B687673372E2696469C88B0D4533F0064875947CCD5D38A9BA151F8868BCEA1390F2930E06E85FCAA2AAA5270996757232EBB0BD4A2C1F39
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:41.788 16f4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/06/10-19:40:41.789 16f4 Recovering log #3.2021/06/10-19:40:41.790 16f4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):330
              Entropy (8bit):5.272741890382313
              Encrypted:false
              SSDEEP:6:mwsag4q2PWXp+N23iKKdKWT5g1IdqIFUtpDsQnJZmwPDsQnDkwOWXp+N23iKKdKn:QX4va5Kkg5gSRFUtpAQnJ/PAQnD5f5Kg
              MD5:D99BD2B1194540AD3DA89D09751B3033
              SHA1:8D7D7F7E2FC0E46134B96C839F1ABEA120CB3AD1
              SHA-256:F2F91FD0308EE7AC04DFE3D227B78B4FABFE266DCA161CFCB337F23E8445EBA2
              SHA-512:FC60211DC2A065A81B086EE924E6BD4D2B73865979DA0FC2453B69F9FF4D2B58162281E6CD6F12DFEF12F2942211AC44118C2744CE3B2AA377F7BFFCEED3DC64
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:41.778 16f4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/06/10-19:40:41.779 16f4 Recovering log #3.2021/06/10-19:40:41.779 16f4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:SQLite 3.x database, last written using SQLite version 3032001
              Category:dropped
              Size (bytes):32768
              Entropy (8bit):0.8549462695030605
              Encrypted:false
              SSDEEP:48:T+tF1thqiF1tVbefiF1tRqgp2YRGqiF1tBtF1tXfiF1tuR7w:sBqgp2YkU
              MD5:CFE460221EF3E3E9205E164D7EAD52A3
              SHA1:8DB9BBEFAC251D9DAE86423A8BAE2AB1B755C61C
              SHA-256:599F5D036134E07A3D0678A288B77D05BDE685AF28D092D605E360963C485841
              SHA-512:D972CED8379FFB5D7CB94A20ADF5B9B119F74A7DE072C7D275B7AA34BAADFB68D476EF753D794C9410A22D9ED728594C8C0688CF95DD8EDFE8CD6AA79BB19B53
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):3369
              Entropy (8bit):6.343497097966647
              Encrypted:false
              SSDEEP:48:r2Oq1lSqNgAPl1mS8PF+cuky4PyYQuFsqiEHadZDUjG5fHybey7tF1tHqiF1tMei:r2XLuhhNikfyruFsqH6gjGxHyblGn
              MD5:C7C40F6ACA5895BA4D514D0AAB06F0AF
              SHA1:F49BC75C741D70EB1D2DF4FDF0A13D25E52B7CAC
              SHA-256:51695B0C1F0B9F382E84822BD93A168E314D9ABEB01F8961AC50872A87EFBDD4
              SHA-512:99C0DB8DE885C9B07A4645CE7A6DC948DBD7A3C9DDE7F47A6048F0268D30F70EF98AEA5E7F89CE28B949F246BBF434D64741222FAC553428FAB1E09A1A5E47D7
              Malicious:false
              Reputation:low
              Preview: ............."... ..0..103c..5topbars.#a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc. ahr0chm6ly9sb2dpbi55ywhvby5jb20v.$aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd..bmftzublegftcgxllmnvbq..com..guce..https..images..in..load..php..referrer..rpmz0hyfdck0olmxnmb6tpfznd5enc..sig..sign..to..update..wp..5jipqyx9xgxb4abozyhw2t0bro.._.frpmz0hyfdck0olmxnmb6tpfznd5encxtci3e56k0vz3psl6poiodvee6vv6vaibzqdjcyabahdiaf7gx2w9xrgmch4orbe2vczo9an..verify..detecting..example..i..mail..name..server..tpuvnccwvfdqltxwj5po0dwuzt*... ....0......103c......5jipqyx9xgxb4abozyhw2t0bro......5topbars......_...'.#a8modgjxpnxynmo8n5zxdi8ezv7gfypzosc...$. ahr0chm6ly9sb2dpbi55ywhvby5jb20v...(.$aqaaaba99nmgr9inqoyu5mi3asjqfyjcpatd......bmftzublegftcgxllmnvbq......com......detecting......example......guce......https......i......images......in......load......mail......name......php......referrer..."..rpmz0hyfdck0olmxnmb6tpfznd5enc...j.frpmz0hyfdck0olmxnmb6tpfznd5encxtci3e56k0vz3psl6poiodvee6vv6vaibzqdjcyabahdiaf7gx2w9xrgmch4orbe2vczo9an..
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):33356
              Entropy (8bit):0.04761656801783401
              Encrypted:false
              SSDEEP:3:X4n3llu/fll3uNll3X/fll3PNll3uFll3n/fll3UFll38pMRgSWbNFl/l/4ltNl+:6b/Ykg9bNFlWCj/l4l+/l3n
              MD5:842511E21142A5C1DCE7BE12740B09D5
              SHA1:A78C79103D24C04D9595C8BAB5F88C33FB1B66A0
              SHA-256:AED18729E173CC3C86C67A06EAB2F24CA4E2DBEC45D3212EBFD0E91E6F539AFD
              SHA-512:903D4CE8D2CB6CCD6D00272FFFB62C26995A6EE53B2EF7281989AD53A6E0809790B0EA8296DFBCAAEA2453F39115D797103B754A3A1C27917CB475AFF690139F
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):2955
              Entropy (8bit):5.475815953765329
              Encrypted:false
              SSDEEP:48:hejaGjEcCpHAa7mAMS38dbqyC3pyy5qSbQSefgGbcNrS0U9RdiN9AEB:AjLkHAa7mAMSMdbqyC3pyy5qSbQ5fgGa
              MD5:BDF203F1516A5ACE0E660F562A9A4A8B
              SHA1:6B00D8D88F9CBF95B5855B590516FDDD8BE9C098
              SHA-256:E9EA44262321A3E87BA99A506D0343FCC93F2407CCC072B39E934DB5D237DAAD
              SHA-512:B687E9BEBEFEE80C67B004D247A57A394BC33D3E1B7D44A498CA0F5ECA2CDD7D4EB7CE0FA3568A4A37BBCDD180D1C856BFCB1E515745DF0DD97989458415F28D
              Malicious:false
              Reputation:low
              Preview: ...|...*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm.............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..747024000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-06-10 19:40:45.75][INFO][mr.Init] MR instance ID: fc240acf-e1f3-44ff-8ff0-67d3d866143c\n","[2021-06-10 19:40:45.75][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-06-10 19:40:45.75][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-06-10 19:40:45.76][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-06-10 19:40:45.76][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-06-10 19:40:45.76][INFO][mr.CastProvider] Query enabled: true\n","[2021-06-10 19:40:45.76][INFO][mr.CloudProvider]
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):332
              Entropy (8bit):5.139287342593401
              Encrypted:false
              SSDEEP:6:mwsQS9+q2PWXp+N23iKKdK8a2jMGIFUtpDs6JZmwPDsCS39VkwOWXp+N23iKKdKw:QQS9+va5Kk8EFUtpA6J/PA/39V5f5Kkw
              MD5:1D55DF5A25F345CD01955AA83793A401
              SHA1:AB0B17907BC58C04A18C28AE256E0201EEF8E51A
              SHA-256:F3FC24356FE3893E17FCE17CC7BA3D7504CD8E9E881714D39138B63C2C0E755C
              SHA-512:B319E6DB7BEFAA782676EED34D3A9C2AB03C62201815FD7E633A6C4F439F732E3CD77364D074E8BC91BFD7F76766C29E3D205F77E42896252C5F8F34D3E96DE9
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:30.032 124c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/06/10-19:40:30.033 124c Recovering log #3.2021/06/10-19:40:30.034 124c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):334
              Entropy (8bit):5.166874646529691
              Encrypted:false
              SSDEEP:6:mwsSqyq2PWXp+N23iKKdKgXz4rRIFUtpDsax1ZmwPDsanRkwOWXp+N23iKKdKgXS:QSvva5KkgXiuFUtpA21/PAY5f5KkgX2J
              MD5:5A2DE68BE1A582B6DDC3FD07DB466CF7
              SHA1:F3052814EA6E0BFA564836FB20B4702970AD4E7F
              SHA-256:BE0F5F7FCF888E0BAA8C6F23F492BCCC2ED2DF8866BB5C9515BCCAE24A7075DB
              SHA-512:047FAFAD555DB715192A5F38B5B90A80B16CB0B40238859FD1B72FD1A6214BDB1D1EBB1C1639DC25BD6C930AE822F86CC4FE14E4BA6E536AC9F34032EAB481BB
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:30.212 14c0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/06/10-19:40:30.213 14c0 Recovering log #3.2021/06/10-19:40:30.213 14c0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:SQLite 3.x database, last written using SQLite version 3032001
              Category:modified
              Size (bytes):20480
              Entropy (8bit):1.0108612662910776
              Encrypted:false
              SSDEEP:48:TUIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUOoTRs2oTRsAos:wIElwQF8mpcSJ2YS1
              MD5:ACDD80AA6CEF535B1D451EB8E01BD63D
              SHA1:780E256D6064CD3DBCFC4BBC935C3E28610D4599
              SHA-256:7A0534E82CCD82494DBE074E8E4B087562D3EDE947CBB0B245B6495F2902743E
              SHA-512:7D6B464DE196B2D679CC08568503DDF25CB18EF6E589485F3CEED2DB87880DDA1069FCB017D0CF56C9FBE947C70BE2BE83B3D57343F8A583CF27A4447B4E7A9C
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):21044
              Entropy (8bit):0.8256091911342598
              Encrypted:false
              SSDEEP:48:FIvqkIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUm6:FQhIElwQF8mpcS3
              MD5:52AA5B0C4815A6A662F505C1D4BDF3AF
              SHA1:B7E591926924219B10274153248D2496C84E1257
              SHA-256:85EA0C22F9497D13E63D62E56B04DCAD2D457C0BE7F061D065ECC922E693F061
              SHA-512:AAEECC0FBAF321D5D3C6351920A734DACF28AD57977D8C913A1342E578428664A22B9F258F8BC5D221093C84FF84983D219D56D2BF3E951C4FE9C17A366A1AB8
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):114
              Entropy (8bit):1.9837406708828553
              Encrypted:false
              SSDEEP:3:5ljljljljljl:5ljljljljljl
              MD5:1B4FA89099996CE3C9E5A0A9768230E8
              SHA1:9026E1E0906E3B3FE0E414EE814CC5A042807A04
              SHA-256:537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
              SHA-512:4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
              Malicious:false
              Reputation:low
              Preview: ..&f.................&f.................&f.................&f.................&f.................&f...............
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):320
              Entropy (8bit):5.16901293906259
              Encrypted:false
              SSDEEP:6:mwsCyq2PWXp+N23iKKdKrQMxIFUtpDs5eC11ZmwPDs5eCjRkwOWXp+N23iKKdKrb:Qnva5KkCFUtpA5x1/PA5R5f5KktJ
              MD5:4E0EBC7589D6F2903A65493039049042
              SHA1:DFF093A85222F41624054DF242C2569A9A34260D
              SHA-256:2E9C6B4D6D8E33E9E110ADE821B4E110CA1C971ABA68838245F9847302330E8C
              SHA-512:C0373A0C79F349F80FA4661893768829D1D186DAC8DF2FABFAADC76299370F44BAD37431A978629666F502D04595F235C43483A7561F7A01B12D1528BFB1BB2B
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:30.156 14c0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/06/10-19:40:30.157 14c0 Recovering log #3.2021/06/10-19:40:30.157 14c0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):348
              Entropy (8bit):5.182445032266819
              Encrypted:false
              SSDEEP:6:mwsuhQ+q2PWXp+N23iKKdK7Uh2ghZIFUtpDsuhlZmwPDsuh2VkwOWXp+N23iKKdb:Quhhva5KkIhHh2FUtpAuhl/PAuh2V5fI
              MD5:F4D925DA45C38CB80DEFF78909A41B4D
              SHA1:61B876E6C05F324FE7FB60E037119787AA892FFA
              SHA-256:E1F80E4A8340DD40C872234A735A5E844910C5CFA12CADD6492A7D6DD47DEBB3
              SHA-512:3F2DC09450D9557282F1317F56DE4A439FC12060EA076C61D0D17E283484556EFBFA66D89F849C7E8C7F45B8346D63CEB549467BCBA6BDA19BF18F8401A47221
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:29.955 1054 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/06/10-19:40:29.956 1054 Recovering log #3.2021/06/10-19:40:29.957 1054 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\24f65308-ded2-46b5-b3bb-73231a3c1bb2.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):420
              Entropy (8bit):4.985305467053914
              Encrypted:false
              SSDEEP:6:YHpoNXR8+eq7JdV5qQlsDHF4xj70PpqQEsDHF4R8HLJ2AVQBR70S7PMVKJw1K3Ky:YHO8sdBsB6MAsBdLJlyH7E4f3K33y
              MD5:C401B619D9D8E0ADABC25A47EE49CFBA
              SHA1:C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA
              SHA-256:8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
              SHA-512:BC12F16CB95CB0AD708C6BBD005EF863A8552613E612F1084086E0F8262752E1B5144D044F0D141CE8462CC33343C36B517A5CC778751680485D8F88FB51B862
              Malicious:false
              Reputation:low
              Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543490879170","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543490879171","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):296
              Entropy (8bit):0.19535324365485862
              Encrypted:false
              SSDEEP:3:8E:8
              MD5:C4DF0FB10C4332150B2C336396CE1B66
              SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
              SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
              SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):430
              Entropy (8bit):5.259846093070487
              Encrypted:false
              SSDEEP:6:mws3Cq2PWXp+N23iKKdKusNpV/2jMGIFUtpDskZmwPDsx3kwOWXp+N23iKKdKusO:Q3Cva5KkFFUtpAk/PAx35f5KkOJ
              MD5:FF65D07623B2926AB056AB094AC565CF
              SHA1:0B19B804B1CE280CDFB60FAB299221C6B465BC11
              SHA-256:E89730673453919F111867E499A679D99A6530CC8294DE7EEBC4287B423FC0A0
              SHA-512:2EB3E96A5EE3B2FD8C5D2C43AB92D51C4977D8296C86A745967FA59C9B8617F42A27519BDA0E51BCBB1994F63C2A05A16699F277E9269AD483C993AE99367144
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:30.188 1670 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/06/10-19:40:30.192 1670 Recovering log #3.2021/06/10-19:40:30.193 1670 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):432
              Entropy (8bit):5.257026132703622
              Encrypted:false
              SSDEEP:6:mwsuFN+q2PWXp+N23iKKdKusNpqz4rRIFUtpDsJXWZmwPDsJ3VkwOWXp+N23iKKi:Q6+va5KkmiuFUtpA5W/PAJ3V5f5Kkm2J
              MD5:0037C322083EF679EF5BACB2B6E85AA2
              SHA1:79DEE6E2E93665F7FB48A5C78911B41A089D4208
              SHA-256:EF144A9E4120D2F10A3FC1A60C34EBD7F2E29501585331AFC3BDBFF0EA48ADAC
              SHA-512:FF7B9A4AA5CAD9A88FF2D3CF8341E14C84940FE7C6CCCC77EB966B57507AA4042C13A7453BE1430B57B55C0C66765CC4FA552AF2AEC571281F69E139EE853DDA
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:30.216 163c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/06/10-19:40:30.221 163c Recovering log #3.2021/06/10-19:40:30.222 163c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):19
              Entropy (8bit):1.9837406708828553
              Encrypted:false
              SSDEEP:3:5l:5l
              MD5:E556F26DF3E95C19DBAECA8F5DF0C341
              SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
              SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
              SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):418
              Entropy (8bit):5.25275733262253
              Encrypted:false
              SSDEEP:6:mwsI3TSVOq2PWXp+N23iKKdKusNpZQMxIFUtpDsIMlZmwPDsILFkwOWXp+N23iKX:QeTva5KkMFUtpA7l/PA2F5f5KkTJ
              MD5:12E127E9E902AE589081E13DC7B62265
              SHA1:001ABD9472DE1F9411B96BE8471B1BD9DB02DD32
              SHA-256:AECDA4984C29B6CB7141B7A378661D4AC30182A97ACE0C52FDAC603209F0146F
              SHA-512:5F3BF9667180657CE639E40C2A2FCAAD553C889AFDBF444952B4988193400FFE64B2D9D9B0A4D14B2D51F654C3D599C05A83ED131E8BA4B7C1D2CE849E5623C4
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:46.709 1670 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/06/10-19:40:46.710 1670 Recovering log #3.2021/06/10-19:40:46.711 1670 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\3f5118dc-f1a5-477a-9e96-07347bc2ece4.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):420
              Entropy (8bit):4.954960881489904
              Encrypted:false
              SSDEEP:12:YHO8sdvBVSsB6M/BVSsBdLJlyH7E4f3K33y:YXsdvjX6gjXdL3yH7n/iy
              MD5:F4FEFEEEC722772F9DC0FCE1B52D79B5
              SHA1:00EECFA3B37113D30E7D43BE4383C540F3D93D4D
              SHA-256:D33E13C12004A700F246D8C73709114A881609D658E045D54DE36874728D07F0
              SHA-512:41E61EC89366800FD5F4DD704E53B47DE29411B9088B46349A0A350758D08569C14DCC70CF8D6A6FE6D049CB6D32F2B091153E8148A1B5857BD7AF13492071BE
              Malicious:false
              Reputation:low
              Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248543498399332","port":443,"protocol_str":"quic"},{"advertised_versions":[73],"expiration":"13248543498399332","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):296
              Entropy (8bit):0.19535324365485862
              Encrypted:false
              SSDEEP:3:8E:8
              MD5:C4DF0FB10C4332150B2C336396CE1B66
              SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
              SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
              SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):427
              Entropy (8bit):5.206811078160027
              Encrypted:false
              SSDEEP:12:QMva5KkkGHArBFUtpAH/PAb5f5KkkGHAryJ:Xa5KkkGgPgXf5KkkGga
              MD5:3D770060AF2A73003D66FE16ED88A63F
              SHA1:78C97ABE37B9719A6FF74F8FD13F39EEAC1AF87B
              SHA-256:604E394F1E503346F53C0CD07545ADAB04097635AC241EF07DC11BD71889539D
              SHA-512:81C71A7E2D2DC4F7BB2EBC8D7DC799F55202DE5297812ABBD80411ABF563EBF4D9FA6A29BA76C0721C68B6C8BE1F2EDAAACBDDCE4366053F73C35381D55248C8
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:42.165 7a4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/06/10-19:40:42.167 7a4 Recovering log #3.2021/06/10-19:40:42.169 7a4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):432
              Entropy (8bit):5.232816755840258
              Encrypted:false
              SSDEEP:12:QAva5KkkGHArqiuFUtpA+/PA45f5KkkGHArq2J:Na5KkkGgCgff5KkkGg7
              MD5:2000B3D6533F11428EE0433217500059
              SHA1:2D1C109651D67740D5A470542CFB000339753B70
              SHA-256:D5C5212F873870CDF54E6E5AD0126F37558A25FC94772AA2B534DDC42398FB9F
              SHA-512:228C0097C5536381584B49D1107B4B0ED2E0296E924733BF0C1A44469664C1456DDA0D9EE73F48E619A9E25891A554C686FA4E71753ADB6EBCF263F9AECC8627
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:42.167 1708 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/06/10-19:40:42.171 1708 Recovering log #3.2021/06/10-19:40:42.173 1708 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):19
              Entropy (8bit):1.9837406708828553
              Encrypted:false
              SSDEEP:3:5l:5l
              MD5:E556F26DF3E95C19DBAECA8F5DF0C341
              SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
              SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
              SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):418
              Entropy (8bit):5.220221211690297
              Encrypted:false
              SSDEEP:12:Qova5KkkGHArAFUtpAO/PAm75f5KkkGHArfJ:5a5KkkGgkgXtf5KkkGgV
              MD5:DE8072819C217E63C28165BF6DA45D5D
              SHA1:A1F09BB669D8B97ED964301E7684CBD88715A075
              SHA-256:88EB1C13A065F08251D6CCD8A0E940C37F2F73E5D45A58817789865197A5BF35
              SHA-512:17B31C19201FF223E80F072E05B160D104AC0F09ED0E617E66F50470D8A0A521E749DDB887CB42920FC3AF7E4A384B13F5D3D2C6AF7D9D5A2E80650B24BA2FF1
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:57.518 1670 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/06/10-19:40:57.519 1670 Recovering log #3.2021/06/10-19:40:57.520 1670 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):38
              Entropy (8bit):1.9837406708828553
              Encrypted:false
              SSDEEP:3:sgGg:st
              MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
              SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
              SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
              SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):324
              Entropy (8bit):5.262311224237646
              Encrypted:false
              SSDEEP:6:mwsujLq2PWXp+N23iKKdKpIFUtpDsu4ZmwPDsuxbkwOWXp+N23iKKdKa/WLJ:Qu/va5KkmFUtpAu4/PAuxb5f5KkaUJ
              MD5:00C11DA5600947F3F742F137BB7439F2
              SHA1:B4F98D306ED9C18CF4557FE12016E9635471E34F
              SHA-256:6D694720023E1A3CBCDDDD144BE22876951169BBCBE36AB2D9B3DAEC58C03A52
              SHA-512:69BA9DBC0AAC9E52726E898EB01E8A19B1A552FBD1EE1E33CCAC494A34076DBACD265D22A824E8A799CCC22DD31C127C0B413643D886FDA899F7F1DDE2A1B611
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:29.977 1054 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/06/10-19:40:29.980 1054 Recovering log #3.2021/06/10-19:40:29.985 1054 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):402
              Entropy (8bit):5.3501569261684425
              Encrypted:false
              SSDEEP:12:QnHAva5KkkOrsFUtpAnr/PAnh5f5KkkOrzJ:Aya5Kk+g7f5Kkn
              MD5:51F9270C0306FFEE47F48A5AC8E2CE91
              SHA1:E52F978579A8D895FB837ECE52238575247FCC43
              SHA-256:39BCABB31A8FBE7B654AA09BD69324539A71B4788CEED2BDE9F0545A6EFDBDDF
              SHA-512:084298DD4C2985C402E6BF4F895CE276748A9EE7CEDAC88CE1B489085CD3E9CE00E93141E526AC92C35444C62400AD9ABF107BB760046D99426528D70500DD4C
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:45.762 1670 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/06/10-19:40:45.764 1670 Recovering log #3.2021/06/10-19:40:45.764 1670 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):48
              Entropy (8bit):4.647055208874201
              Encrypted:false
              SSDEEP:3:y8AszO/lLjVZWZOCYZl81gVZ:xO5PWZO1l81m
              MD5:BC6BC19129982028F60D68D9F7401D90
              SHA1:CFF834AD1344F57E9B566B4FC5633E1F21382682
              SHA-256:E0727B81793F74A3CDCE6692F886D5AB6A94DDA3AB9C2A18EA18CB468F35DC57
              SHA-512:3E0F2D08449C1226BEEC7810B1E18ED18231DA9203FC6A57B4005099F0E6B5354B077EBE8C7E835AE73C050F979CE1F1269A4DF0C0E2BD0F580B4BF19152DD68
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\347729e5-7d10-402e-b938-765a58068f30.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
              Category:dropped
              Size (bytes):175509
              Entropy (8bit):5.489440694064333
              Encrypted:false
              SSDEEP:1536:rKbsLAR2A4VBQV1111111111111Nr366R6faFR+up0y0y2im1OsFcgYzQNL9X:rKbsLAR2fe/FZntrslfX
              MD5:33EABC19FDF40F3D36B6870EF5861957
              SHA1:CF3EF59C3940B58C314E9F6A1616751553F2D9A2
              SHA-256:647D07F37554672865902B2CEE80864B5A5283C372C7263BB1497D5582054E57
              SHA-512:47CFEDB1FDBC9BC09905C70F69A5114C64A8FC791BCA480D24972275276F00CEB230C579B4217337F9C69ECB2AB3221A3B549F06E8074D76BCE2F31773FB69F5
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):16
              Entropy (8bit):4.0
              Encrypted:false
              SSDEEP:3:SeFcn:Sec
              MD5:61B979ECA159ECAC9C7F8F1D6FD43E9D
              SHA1:0373696351FC2172E811DA8393DEC84036FA34A0
              SHA-256:AB05E0A6FF7E8FFF89F924B279D93AFC72ACCE817C4D250C60BB8059CC534303
              SHA-512:C95825DA33CBDDFA627D9FF9A5B8371BC5F4E643A09573B6E1E839A83B619F53D878C344030B9701DCBC24D4CECCC016CF4D298D10EE8C37D1B5FEC1A51682B6
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b12e0699-e914-4105-a32c-151ee8555c01.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):5726
              Entropy (8bit):5.197125664686192
              Encrypted:false
              SSDEEP:96:nzC/G42Rlr7yb7cVXok0JCKL823kkp13bOTQVuwn:nzCP2Rkb7cg4Kfkkpt
              MD5:59146D62EF95662611953E0FCCF7411C
              SHA1:CBF463F3B8AD34C73B043536466811F19B16C2B2
              SHA-256:5FEC7AF6A2442A71DF23A9EAA2647A09FECD6C44A145E4F40A2CCEAD6E729C14
              SHA-512:00C94898A8E52346BB03FF03DA0938C7F793470EDB600FDF9C1FBE0A9C0339B32AA623B97DA801F1A19D773615EF6A8ED5A1966CD154B7343A94FEEA47E56313
              Malicious:false
              Reputation:low
              Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13267852830187583","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245951485614034","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245951692116406","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355378"],"daily_received_length":["0","0","0","0","0","0","0","
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):16
              Entropy (8bit):3.2743974703476995
              Encrypted:false
              SSDEEP:3:1sjgWIV//Rv:1qIFJ
              MD5:6752A1D65B201C13B62EA44016EB221F
              SHA1:58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
              SHA-256:0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
              SHA-512:9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
              Malicious:false
              Reputation:low
              Preview: MANIFEST-000004.
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):139
              Entropy (8bit):4.451755776866395
              Encrypted:false
              SSDEEP:3:tUKUUiFLin0yZmwv3GUiFLCdhASV8sGUiFLCJKxASWGv:mwsqJZmwPDs+jASVvDs+JKxAStv
              MD5:3BC4744CF92D9FCC9E3AEF9720C8648F
              SHA1:C231545DED9B464D3AEFAF49E3F5B886166B66DC
              SHA-256:E3E7BC8C053A2C265A9B192512738E25CB5A55E9C5A8039DB07D4E3A126745ED
              SHA-512:FF0C5FBAA936F38EC8900BAC5F41B954619C5E52A209950FB7088838A40441162A3187B2F68DA04C905A564560CA9E99C078110240ACCCAC76EAF7B169BF1D6D
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:41.544 16f4 Recovering log #3.2021/06/10-19:40:41.605 16f4 Delete type=0 #3.2021/06/10-19:40:41.606 16f4 Delete type=3 #2.
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MPEG-4 LOAS
              Category:dropped
              Size (bytes):50
              Entropy (8bit):5.028758439731456
              Encrypted:false
              SSDEEP:3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
              MD5:031D6D1E28FE41A9BDCBD8A21DA92DF1
              SHA1:38CEE81CB035A60A23D6E045E5D72116F2A58683
              SHA-256:B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
              SHA-512:E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
              Malicious:false
              Reputation:low
              Preview: V........leveldb.BytewiseComparator...#...........
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):338
              Entropy (8bit):5.228408930842146
              Encrypted:false
              SSDEEP:6:mwsqXXq2PWXp+N23iKKdKfrzAdIFUtpDsqo6ZmwPDsqoFkwOWXp+N23iKKdKfrzS:Qyva5Kk9FUtpAr6/PAL5f5Kk2J
              MD5:72B9A7A5FD38898E151330F1FB9CF00B
              SHA1:F1D8461C8ACC0C47E7CC2C1C13E2471019A34BCD
              SHA-256:4F8C157D0A24B4F46BE7417C24676BA51C5435A8B6FFB32FF800C5462D5D802B
              SHA-512:509A0AD50E7E3633CA8FDB795EF30520979D25B4BD78CF157A89EF65CA70B1B364F51E5E75D825A7EC0214110BA4FD8AA00492FD6EA186F63F1C1001A0910C36
              Malicious:false
              Reputation:low
              Preview: 2021/06/10-19:40:41.863 1670 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/06/10-19:40:41.864 1670 Recovering log #3.2021/06/10-19:40:41.865 1670 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:data
              Category:dropped
              Size (bytes):106
              Entropy (8bit):3.138546519832722
              Encrypted:false
              SSDEEP:3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
              MD5:DE9EF0C5BCC012A3A1131988DEE272D8
              SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
              SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
              SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
              Malicious:false
              Reputation:low
              Preview: C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.
              C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with no line terminators
              Category:dropped
              Size (bytes):13
              Entropy (8bit):2.8150724101159437
              Encrypted:false
              SSDEEP:3:Yx7:4
              MD5:C422F72BA41F662A919ED0B70E5C3289
              SHA1:AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
              SHA-256:02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
              SHA-512:86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
              Malicious:false
              Reputation:low
              Preview: 85.0.4183.121
              C:\Users\user\AppData\Local\Google\Chrome\User Data\bec02132-8d20-4878-9b35-fe297c69f5ec.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:modified
              Size (bytes):172318
              Entropy (8bit):6.079160245510047
              Encrypted:false
              SSDEEP:3072:j4/M+6uBid07edCpsWFD8/k2Dsl8YGhRFcbXafIB0u1GOJmA3iuRb:8/M9uBid4edRW6s2Dk6haqfIlUOoSiuV
              MD5:B7537C38E80177B554E91616B08FD16F
              SHA1:39D59AD5F6FCA15BDC87D492C845E512AB78C7A4
              SHA-256:7687896575DB9D80D39306D619608904CC8CCE3221AB002702036CB016F886F9
              SHA-512:AC50679D487983F164182E43FBB083364A10818E5190EAC4DA18A5B4D81438A134883F01FF984D14F9497CD5A9F40464E12FEDCCB2DE3CBDE92F004D682E51BC
              Malicious:false
              Reputation:low
              Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.623379232956503e+12,"network":1.623346834e+12,"ticks":95964503.0,"uncertainty":4554237.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016965140"},"plugins":{"metadata":{"adobe-flash-player":{"displ
              C:\Users\user\AppData\Local\Google\Chrome\User Data\f780e1f5-a161-410c-a421-fc153fc92596.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text, with very long lines, with no line terminators
              Category:dropped
              Size (bytes):172318
              Entropy (8bit):6.079159256098059
              Encrypted:false
              SSDEEP:3072:LueM+6uBid07edCpsWFD8/k2Dsl8YGhRFcbXafIB0u1GOJmA3iuRb:aeM9uBid4edRW6s2Dk6haqfIlUOoSiuV
              MD5:3CF4BDBED0990C777461D5661ECE43AD
              SHA1:71F453CD5EABCF3BDEBD5017941D9FD6616D3E61
              SHA-256:605B4D543E4537C301B787C1BAC45A10308DC76D38EF0234E9CE5F27E71D78AE
              SHA-512:0DD747D6BBB369D71BF1E074317BB3D4E1356743BD0CDA24B98078A0D27DA2F67FAD9DDF0B99A1D1257A6DE460DFC7BC9149371BCA20B50A4E145086736F3297
              Malicious:false
              Reputation:low
              Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.623379232956503e+12,"network":1.623346834e+12,"ticks":95964503.0,"uncertainty":4554237.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABL95WKt94zTZq03WydzHLcAAAAAAIAAAAAABBmAAAAAQAAIAAAABAL2tyan+lsWtxhoUVdUYrYiwg8iJkppNr2ZbBFie9UAAAAAA6AAAAAAgAAIAAAABDv4gjLq1dOS7lkRG21YVXojnHhsRhNbP8/D1zs78mXMAAAAB045Od5v4BxiFP4bdRYJjDXn4W2fxYqQj2xfYeAnS1vCL4JXAsdfljw4oXIE4R7l0AAAABlt36FqChftM9b7EtaPw98XRX5Y944rq1WsGWcOPFyXOajfBL3GXBUhMXghJbDGb5WCu+JEdxaxLLxaYPp4zeP"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951016607996"},"plugins":{"metadata":{"adobe-flash-player":{"displ
              C:\Users\user\AppData\Local\Temp\28d0f286-284c-48ef-8a0c-45d14e2f0af9.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:very short file (no magic)
              Category:dropped
              Size (bytes):1
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:3:L:L
              MD5:5058F1AF8388633F609CADB75A75DC9D
              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
              Malicious:false
              Reputation:low
              Preview: .
              C:\Users\user\AppData\Local\Temp\3f4838d3-96af-4f3e-8d19-c1bc81a333b6.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:very short file (no magic)
              Category:dropped
              Size (bytes):1
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:3:L:L
              MD5:5058F1AF8388633F609CADB75A75DC9D
              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
              Malicious:false
              Reputation:low
              Preview: .
              C:\Users\user\AppData\Local\Temp\43a4eead-9d03-4ce2-b6b8-8cfd3c93f9a2.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:Google Chrome extension, version 3
              Category:dropped
              Size (bytes):248531
              Entropy (8bit):7.963657412635355
              Encrypted:false
              SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
              MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
              SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
              SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
              SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\629f5a27-4f10-48ac-8882-3f6b77eb6f59.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:Google Chrome extension, version 3
              Category:dropped
              Size (bytes):248531
              Entropy (8bit):7.963657412635355
              Encrypted:false
              SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
              MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
              SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
              SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
              SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\8b657bb1-889c-4fda-aa69-dad36e5ead88.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:Google Chrome extension, version 3
              Category:dropped
              Size (bytes):768843
              Entropy (8bit):7.992932603402907
              Encrypted:true
              SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
              MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
              SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
              SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
              SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\b3308d88-51ba-4f3d-b8ad-8e9ece537ed7.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:very short file (no magic)
              Category:dropped
              Size (bytes):1
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:3:L:L
              MD5:5058F1AF8388633F609CADB75A75DC9D
              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
              Malicious:false
              Reputation:low
              Preview: .
              C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):13226
              Entropy (8bit):4.6463041001093135
              Encrypted:false
              SSDEEP:192:zSNLVaObQI2bRbO7uODrO9O+C5O1VtsYz+0z6J/gue+9AmfeWYpvtRwG:udzHUeJbstsYz+0O5gue+9Amfepvbz
              MD5:DE85D888084D80660E674AB4BD590479
              SHA1:59DAD785722DCF5DCB329B41C3124BAB3AFB7068
              SHA-256:E61F532AA8EC781746C4152169FCDCD0D63DD4C0AB0660340A9A8AC5304872A4
              SHA-512:E56EE7052FEA9EB495C105FD56C2BC91109337627FB459E6DBA7090D5B1FF3F2BE0B1537180BF39F741E5FE21CD3D41A566A6C6C27F4FB563AA5C7420D1CD910
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\8b657bb1-889c-4fda-aa69-dad36e5ead88.tmp
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:Google Chrome extension, version 3
              Category:dropped
              Size (bytes):768843
              Entropy (8bit):7.992932603402907
              Encrypted:true
              SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
              MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
              SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
              SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
              SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\am\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):17307
              Entropy (8bit):5.461848619761356
              Encrypted:false
              SSDEEP:384:arfbEVrFvMP4rMhuDopC3vUuFBYZV6uml:aHEVrFvMP4KuFvr6D6uml
              MD5:26330929DF0ED4E86F06C00C03F07CE3
              SHA1:478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C
              SHA-256:621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
              SHA-512:0BE6183A1BF12575C0F99960705D4249E79CDB8528C55FF132BE99A111F09494231AD6A36CD61B090A3B34C6971D68A29373BA346888E852C52E05DC14380682
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ... ..... .. ...... .... ... .... ......?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": ".... ......".. },.. "1522140683318860351": {.. "message": "..... ....... .... ..... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "... ...".. },.. "1802762746589457177": {.. "message": "...".. },.. "1850397500312020388": {.. "message": ".$START_LINK$Google Home .......$END_LINK$ ... ...... Chromecast ..... .....? $START_SPAN$*$END_SPAN$",.. "placeholde
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\ar\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):16809
              Entropy (8bit):5.458147730761559
              Encrypted:false
              SSDEEP:192:0IprKC78JmUjk8RkeryFOYPATxLZ8fsbE3/IFV6c8TEKdl:Jrp8JjA8RkerK0lc3wFV6uml
              MD5:44325A88063573A4C77F6EF943B0FC3E
              SHA1:78908D766F3E7A0E4545E7BD823C8ED47C7164EB
              SHA-256:67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
              SHA-512:889C02BC986794C58C76022E78F57F867DD1D5217687F12D679A33A2DB9E5A18F3A37CF94D8FE4585E747C78E4662EAB93361FF7D945990774C7CFCACCFB79D1
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": ".. .. ........ ....... .... .... ... .......".. },.. "128276876460319075": {.. "message": "...... .......".. },.. "1428448869078126731": {.. "message": "..... .......".. },.. "1522140683318860351": {.. "message": "..... ........ .... ........ ... .....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "..... .....".. },.. "1850397500312020388": {.. "message": "... ....... .. .... Chromecast .. $START_LINK$..... Google Home$END_LINK$. $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {..
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\bg\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):18086
              Entropy (8bit):5.408731329060678
              Encrypted:false
              SSDEEP:192:4jjpr342SIwPIasR9VhMkACVmrv8evj+3eXivOMbb2vVzCkwRV6V6c8TEKdl:4ZrYo+rxT+qOV6V6uml
              MD5:6911CE87E8C47223F33BEF9488272E40
              SHA1:980398F076BB7D451B18D7FDE2DE09041B1F55AD
              SHA-256:273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
              SHA-512:CDB69405BB553E46DCF02F71B1A394307D0051E7FA662DFFEBA7888F30DD933F13C7FD6E32F1D7AEAEE8746316873B6E1D92029724ABDC75E49DCC092172EA22
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": "... .. ........ ......... ...... ...-..... ....... ..?".. },.. "128276876460319075": {.. "message": "......... .. ..........".. },.. "1428448869078126731": {.. "message": "........ .. .........".. },.. "1522140683318860351": {.. "message": "........... .. .. ........ ...., ........ .......".. },.. "1550904064710828958": {.. "message": "......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": ".... .. .....".. },.. "1850397500312020388": {.. "message": "....... .. ............ .. Chromecast . $START_LINK$............ Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "p
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\bn\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):19695
              Entropy (8bit):5.315564774032776
              Encrypted:false
              SSDEEP:384:PrUCrcTIOeswIW/Vre/sZn8TFfzheV6uml:lPswIWtoK8xfG6uml
              MD5:F9DDF525C07251282A3BFFCEE9A09ABB
              SHA1:A343A078E804AF400A8F3E1891E3390DA754A5CD
              SHA-256:C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
              SHA-512:EBD339C37162984672513019D470B92DF8B743DD69D4430361EF12D42FD1C208DBDE818A7BFE20BE8A7D63CD6E02B3F4344DEA1C4AEDB8719D789981A49DA44C
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": ".... ...".. },.. "1213957982723875920": {.. "message": "..... ....... ..... ........... ...... ....... ...... ...?".. },.. "128276876460319075": {.. "message": "...... ........".. },.. "1428448869078126731": {.. "message": "...... ......... ...".. },.. "1522140683318860351": {.. "message": "..... .... ...... ....... ... ... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "$START_LINK$ Google
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\ca\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15518
              Entropy (8bit):5.242542310885
              Encrypted:false
              SSDEEP:384:drGUBKxMF2ayv8FrIccUVFmwf+7d9VKS3V6uml:dCUBKxMFBy0FE3UzmQ+zkSl6uml
              MD5:A90CF7930E7C3BEC61EE252DEFAD574A
              SHA1:F630CA01114A7BDD39607CB84B8280CCE218A5C6
              SHA-256:A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
              SHA-512:598F991B344FA6724617D6CE57BB0D6D64EF86B4F5317BF6AD5EDF43E6B0A385094E7885F7A8FA2B107405B31C3D9F76E92315BC1D9BB52ACD4ECAD342917DE1
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": "Es congela".. },.. "1213957982723875920": {.. "message": "Quina de les opcions.seg.ents descriu millor la vostra xarxa?".. },.. "128276876460319075": {.. "message": "Detecci. de dispositius".. },.. "1428448869078126731": {.. "message": "Flu.desa del v.deo".. },.. "1522140683318860351": {.. "message": "S'ha produ.t un error en la connexi.. Torneu-ho a provar.".. },.. "1550904064710828958": {.. "message": "Correcta".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Pots veure el Chromecast a l'$START_LINK$aplicaci. Google.Home$END_LINK$?$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\cs\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15552
              Entropy (8bit):5.406413558584244
              Encrypted:false
              SSDEEP:192:eVdprJrG5efiTk93ebrxZR1fdc8VDCwT9fTV6c8TEKdl:2rMqiQerxQ88W7V6uml
              MD5:17E753EE877FDED25886D5F7925CA652
              SHA1:8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678
              SHA-256:C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
              SHA-512:33D61F6327FC81D7A45AA2CC97922DC527F5F43E54AA1A1638DA6EE407024A2F10CFD82CC5C3C581C2E7B216276987CB26C3FA95198572E139ACF29CC5B7ADCB
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": "Video zamrz.".. },.. "1213957982723875920": {.. "message": "Kter. popis nejl.pe vystihuje va.i s..?".. },.. "128276876460319075": {.. "message": "Zji..ov.n. za..zen.".. },.. "1428448869078126731": {.. "message": "Plynulost videa".. },.. "1522140683318860351": {.. "message": "P.ipojen. se nezda.ilo. Zkuste to pros.m znovu.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "Perfektn.".. },.. "1802762746589457177": {.. "message": "Hlasitost".. },.. "1850397500312020388": {.. "message": "Vid.te sv.j Chromecast v.$START_LINK$aplikaci Google Home $END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\da\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15340
              Entropy (8bit):5.2479291792849105
              Encrypted:false
              SSDEEP:192:+Upr8XnI1MY2kPuir8j7Rd3kbTWc4QtV6c8TEKdl:FrJ1H9br8h6eZCV6uml
              MD5:F08A313C78454109B629B37521959B33
              SHA1:3D585D52EC8B4399F66D4BE88CED10F4A034FCCC
              SHA-256:23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
              SHA-512:9F2868AEBBF7F6167A7EA120FE65E752F9A65D1DC51072AA2413B2FDE374DA2D169D455A4788E341717F694179E6F1FA80413C080D9CD8CB397C3E84668CBFEC
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket af f.lgende udsagn beskriver bedst dit netv.rk?".. },.. "128276876460319075": {.. "message": "Enhedsregistrering".. },.. "1428448869078126731": {.. "message": "Videostabilitet".. },.. "1522140683318860351": {.. "message": "Forbindelsen blev afbrudt. Pr.v igen.".. },.. "1550904064710828958": {.. "message": "Problemfri".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lydstyrke".. },.. "1850397500312020388": {.. "message": "Kan du se din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "STAR
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\de\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15555
              Entropy (8bit):5.258022363187752
              Encrypted:false
              SSDEEP:192:AJprM71A4qyJSwlk5KR5rtXsmvL0xhVw921YV6c8TEKdl:2re3jJS5A5rt8msA2KV6uml
              MD5:980FB419ED6ED94AD75686AFFB4E4C2E
              SHA1:871BFBCA6BCBA9197811883A93C50C0716562D57
              SHA-256:585C7814AFD2453232BC940252D4AE821D6E6CBCFD74A793F78E5DB8BA5342F1
              SHA-512:1681FA9C3BA882250A5005FB807D759EB8A634F1AA011725B1C865C0028BE7AB7BC16DC821A7F5BBFBA84C91E7D663ADE715284798E7E84E8FFF2D254488882D
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": "H.ngenbleiben".. },.. "1213957982723875920": {.. "message": "Welche dieser Aussagen beschreibt dein Netzwerk am besten?".. },.. "128276876460319075": {.. "message": "Ger.teerkennung".. },.. "1428448869078126731": {.. "message": "Videowiedergabequalit.t".. },.. "1522140683318860351": {.. "message": "Fehler beim Herstellen der Verbindung. Bitte versuche es noch einmal.".. },.. "1550904064710828958": {.. "message": "St.rungsfrei".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lautst.rke".. },.. "1850397500312020388": {.. "message": "Siehst du deinen Chromecast in der $START_LINK$Google Home App$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\el\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):17941
              Entropy (8bit):5.465343004010711
              Encrypted:false
              SSDEEP:384:S0rDuhLh41cZrP3TzDBknbpgo6djIV6uml:S0fuBh46ZD3TzDinbpgoUK6uml
              MD5:40EB778339005A24FF9DA775D56E02B7
              SHA1:B00561CC7020F7FE717B5F692884253C689A7C61
              SHA-256:F56BF7C171AA20038EE30B754478B69A98F3014C89362779B0A8788C7B9BEEE1
              SHA-512:8BED281A33EC1E4E88A9F9D62BB13FE0266C0FAF8856D1DC2A843D26DD3CE5E7D1400FD3325ABD783B0364EC4FB1188AD941D56AEB9073BC365BE0D12DE6C013
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".... ... .. ........ .......... ........ .. ...... ...;".. },.. "128276876460319075": {.. "message": ".......... ........".. },.. "1428448869078126731": {.. "message": "......... ......".. },.. "1522140683318860351": {.. "message": "........ ......... ......... .....".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "...... ....".. },.. "1850397500312020388": {.. "message": "........ .. ..... .. Chromecast .... $START_LINK$........ Google Home$END_LINK$; $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\en\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):14897
              Entropy (8bit):5.197356586852831
              Encrypted:false
              SSDEEP:96:2MKUOp5N7GTNMRuv6M0bIt3FXGkW6/5NkkQ9NJKJhnH3t9F410sUA+ISN6cGDSyR:VKzprogudTGkWqrKcJhdIR+V6c8TEKdl
              MD5:8351AF4EA9BDD9C09019BC85D25B0016
              SHA1:F6EC1FFD291C8632758E01C9EE837B1AD18D4DCF
              SHA-256:F41C82D8A4F0E9B645656D630C882BE94A0FB7F8CEC0FE864B57298F0312B212
              SHA-512:75672B57F21F38F97341AD76A199AD764E9FBAB2384D701BF6EB06CEFDE6C4F20F047F9051A4E30D99621E5C1FBBDB9E38E8D2B47470806704B38DA130A146CF
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": "Freezes".. },.. "1213957982723875920": {.. "message": "Which of the following best describes your network?".. },.. "128276876460319075": {.. "message": "Device Discovery".. },.. "1428448869078126731": {.. "message": "Video Smoothness".. },.. "1522140683318860351": {.. "message": "Connection failed. Please try again.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Are you able to see your Chromecast in the $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\es\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15560
              Entropy (8bit):5.236752363299121
              Encrypted:false
              SSDEEP:192:NAgprfy1pTCukFr+1DIyDRoanvV6c8TEKdl:KMrq6FrmvV6uml
              MD5:8A70C18BB1090AA4D500DE9E8E4A00EF
              SHA1:8AFC097FA956C1317DB0835348B2DA19F0789669
              SHA-256:FF173D1CEF665B1234E02F11070ABD2B65230318150734579A03C7F31B4AE3F4
              SHA-512:140BAF40A4ABE9B8AF0855B0EBB7DFDF17869EDFC4EE1037C5EA7FDD8EDEBD4850E055B6A4D7B8782657618BCE1517813779BA01BA993CC838BB43E0BE71EEEE
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": "Congelaci.n de im.genes".. },.. "1213957982723875920": {.. "message": ".Cu.l de las siguientes respuestas describe mejor tu red?".. },.. "128276876460319075": {.. "message": "Detecci.n de dispositivo".. },.. "1428448869078126731": {.. "message": "Fluidez del v.deo".. },.. "1522140683318860351": {.. "message": "Error en la conexi.n. Vuelve a intentarlo.".. },.. "1550904064710828958": {.. "message": "V.deo fluido".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volumen".. },.. "1850397500312020388": {.. "message": ".Puedes ver tu Chromecast en la $START_LINK$aplicaci.n Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\et\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15139
              Entropy (8bit):5.228213017029721
              Encrypted:false
              SSDEEP:96:Z48bxhWYp5Ny5M63niwAKD4rrJSJ2RkPXh9P5NFP2+NBMU01jewUEVez3QOiSevy:ikxprot3lYkf/rHBc0KsUV6c8TEKdl
              MD5:A62F12BCBA6D2C579212CA2FF90F8266
              SHA1:F7E964A2D9BBDA364252BCE5CFBA3FD34FDD825E
              SHA-256:3EB3EB0B3B4A8E5A477D1B3C3A3891CCC7DC6B8879ECE243A7BD7C478068273D
              SHA-512:E300201245C00ADEC8F39D586875F8FA4607AB203572BF3CE353C1CA7CDCA05B8786810CA0CEE27E4EA54A5EFD53690F1EA7AA4148CFF472A66BB11202723566
              Malicious:false
              Reputation:low
              Preview: {.. "1018984561488520517": {.. "message": "Hangub".. },.. "1213957982723875920": {.. "message": "Milline j.rgmistest v.idetest kirjeldab k.ige paremini teie v.rku?".. },.. "128276876460319075": {.. "message": "Seadme tuvastamine".. },.. "1428448869078126731": {.. "message": "Video sujuvus".. },.. "1522140683318860351": {.. "message": ".hendamine eba.nnestus. Proovige uuesti.".. },.. "1550904064710828958": {.. "message": ".htlane".. },.. "1636686747687494376": {.. "message": "T.iuslik".. },.. "1802762746589457177": {.. "message": "Helitugevus".. },.. "1850397500312020388": {.. "message": "Kas n.ete oma Chromecasti $START_LINK$rakenduses Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\fa\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):17004
              Entropy (8bit):5.485874780010479
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\fi\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15268
              Entropy (8bit):5.268402902466895
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\fil\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15570
              Entropy (8bit):5.1924418176212646
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\fr\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15826
              Entropy (8bit):5.277877116547859
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\gu\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):19255
              Entropy (8bit):5.32628732852814
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\hi\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):19381
              Entropy (8bit):5.328912995891658
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\hr\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15507
              Entropy (8bit):5.290847699527565
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\hu\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15682
              Entropy (8bit):5.354505633120392
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\id\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15070
              Entropy (8bit):5.190057470347349
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\it\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):15256
              Entropy (8bit):5.210663765771143
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\ja\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):16519
              Entropy (8bit):5.675556017051063
              Encrypted:false
              Malicious:false
              Reputation:low
              C:\Users\user\AppData\Local\Temp\scoped_dir6064_1821058515\CRX_INSTALL\_locales\kn\messages.json
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:UTF-8 Unicode text, with very long lines, with CRLF line terminators
              Category:dropped
              Size (bytes):20406
              Entropy (8bit):5.312117131662377
              Encrypted:false
              Malicious:false
              Reputation:low

              Static File Info

              No static file info

              Network Behavior

              Network Port Distribution

              TCP Packets


              UDP Packets

              Jun 10, 2021 19:41:18.525141954 CEST5566753192.168.2.38.8.8.8
              Jun 10, 2021 19:41:18.588926077 CEST53556678.8.8.8192.168.2.3

              DNS Queries

              Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class
              Jun 10, 2021 19:40:32.163017988 CEST | 192.168.2.3 | 8.8.8.8 | 0x7fcf | Standard query (0) | 5topbars.com | A (IP address) | IN (0x0001)
              Jun 10, 2021 19:40:36.126198053 CEST | 192.168.2.3 | 8.8.8.8 | 0x6ee6 | Standard query (0) | 5topbars.com | A (IP address) | IN (0x0001)
              Jun 10, 2021 19:40:40.075125933 CEST | 192.168.2.3 | 8.8.8.8 | 0x5d7b | Standard query (0) | favicon.ico | A (IP address) | IN (0x0001)
              Jun 10, 2021 19:40:41.389976978 CEST | 192.168.2.3 | 8.8.8.8 | 0x43d4 | Standard query (0) | clients2.googleusercontent.com | A (IP address) | IN (0x0001)
              Jun 10, 2021 19:40:41.683079004 CEST | 192.168.2.3 | 8.8.8.8 | 0x73d6 | Standard query (0) | favicon.ico | A (IP address) | IN (0x0001)

              DNS Answers

              Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class
              Jun 10, 2021 19:40:32.374831915 CEST | 8.8.8.8 | 192.168.2.3 | 0x7fcf | No error (0) | 5topbars.com | | 66.206.8.98 | A (IP address) | IN (0x0001)
              Jun 10, 2021 19:40:36.185138941 CEST | 8.8.8.8 | 192.168.2.3 | 0x6ee6 | No error (0) | 5topbars.com | | 66.206.8.98 | A (IP address) | IN (0x0001)
              Jun 10, 2021 19:40:40.136130095 CEST | 8.8.8.8 | 192.168.2.3 | 0x5d7b | Name error (3) | favicon.ico | none | none | A (IP address) | IN (0x0001)
              Jun 10, 2021 19:40:41.456901073 CEST | 8.8.8.8 | 192.168.2.3 | 0x43d4 | No error (0) | clients2.googleusercontent.com | googlehosted.l.googleusercontent.com | | CNAME (Canonical name) | IN (0x0001)
              Jun 10, 2021 19:40:41.456901073 CEST | 8.8.8.8 | 192.168.2.3 | 0x43d4 | No error (0) | googlehosted.l.googleusercontent.com | | 142.250.180.225 | A (IP address) | IN (0x0001)
              Jun 10, 2021 19:40:41.741939068 CEST | 8.8.8.8 | 192.168.2.3 | 0x73d6 | Name error (3) | favicon.ico | none | none | A (IP address) | IN (0x0001)

              HTTPS Packets

              Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest
              Jun 10, 2021 19:40:36.603337049 CEST | 66.206.8.98 | 443 | 192.168.2.3 | 49753 | CN=www.5topbars.com; CN=R3, O=Let's Encrypt, C=US | CN=R3, O=Let's Encrypt, C=US; CN=DST Root CA X3, O=Digital Signature Trust Co. | Sat May 01 13:24:37 CEST 2021; Wed Oct 07 21:21:40 CEST 2020 | Fri Jul 30 13:24:37 CEST 2021; Wed Sep 29 21:21:40 CEST 2021 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 37f463bf4616ecd445d4a1937da06e19
               | | | | | CN=R3, O=Let's Encrypt, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Oct 07 21:21:40 CEST 2020 | Wed Sep 29 21:21:40 CEST 2021 | |

              Code Manipulations

              Statistics

              Behavior


              System Behavior

              General

              Start time: 19:40:29
              Start date: 10/06/2021
              Path: C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit): false
              Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://5topbars.com/103c/Wp-images/?i=i&0=name@example.com'
              Imagebase: 0x7ff77b960000
              File size: 2150896 bytes
              MD5 hash: C139654B5C1438A95B321BB01AD63EF6
              Has elevated privileges: true
              Has administrator privileges: true
              Programmed in: C, C++ or other language
              Reputation: low

              General

              Start time: 19:40:30
              Start date: 10/06/2021
              Path: C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit): false
              Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1536,13694168875092988026,1129730578068911464,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1836 /prefetch:8
              Imagebase: 0x7ff77b960000
              File size: 2150896 bytes
              MD5 hash: C139654B5C1438A95B321BB01AD63EF6
              Has elevated privileges: true
              Has administrator privileges: true
              Programmed in: C, C++ or other language
              Reputation: low

              Disassembly
