Analysis Report https://list-manage.agle1.cc/click?u=http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=

Overview

General Information

Sample URL:	https://list-manage.agle1.cc/click?u=http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=
Analysis ID:	433426
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected HtmlPhish10

Phishing site detected (based on logo template match)

Found iframes

HTML body contains low number of good links

HTML title does not match URL

Submit button contains javascript call

Classification

Signatures

AV Detection:

Antivirus / Scanner detection for submitted sample

Source: https://list-manage.agle1.cc/click?u=http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Source: Yara match

File source: 78387.pages.csv, type: HTML

Phishing site detected (based on logo template match)

Matcher: Template: microsoft matched

Found iframes

Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: Iframe src: https://www.office.com/prefetch/prefetch
Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: Iframe src: https://www.office.com/prefetch/prefetch

HTML body contains low number of good links

Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZzH_eiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZzH_eiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0
Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: Number of links: 0
Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: Number of links: 0
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZ7HweiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZ7HweiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: Number of links: 0
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: Title: Sign in to your account does not match URL
Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: Title: Sign in to your account does not match URL

Submit button contains javascript call

Source: https://account.live.com/resetpassword.aspx	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();

Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZzH_eiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZzH_eiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: No <meta name="author".. found
Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZ7HweiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZ7HweiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: No <meta name="author".. found
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: No <meta name="author".. found

Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZzH_eiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZzH_eiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: No <meta name="copyright".. found
Source: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZ7HweiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZ7HweiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: No <meta name="copyright".. found
Source: https://account.live.com/resetpassword.aspx	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 152.199.21.175:443 -> 192.168.2.4:49921 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.21.175:443 -> 192.168.2.4:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.21.175:443 -> 192.168.2.4:49924 version: TLS 1.2

Source: global traffic	HTTP traffic detected: GET /br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y= HTTP/1.1Host: www.leo.lopez.sakshamsevango.org.inConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic	HTTP traffic detected: GET /br/?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y= HTTP/1.1Host: www.leo.lopez.sakshamsevango.org.inConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8

Source: unknown

DNS traffic detected: queries for: list-manage.agle1.cc

Source: 77EC63BDA74BD0D0E0426DC8F8008506.1.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: Current Session.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in
Source: Current Session.0.dr, Favicons-journal.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br/?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=
Source: History Provider Cache.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br/?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=2
Source: Favicons-journal.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br/?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=P
Source: History-journal.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br/?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=Sign
Source: Favicons-journal.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br/?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=j
Source: History-journal.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=
Source: History Provider Cache.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=2
Source: History-journal.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=Sign
Source: Favicons-journal.0.dr	String found in binary or memory: http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=T
Source: a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://aadcdn.msauth.net
Source: Favicons-journal.0.dr	String found in binary or memory: https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: Favicons-journal.0.dr	String found in binary or memory: https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoP
Source: Favicons-journal.0.dr	String found in binary or memory: https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoj
Source: a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://aadcdn.msauthimages.net
Source: Network Action Predictor.0.dr	String found in binary or memory: https://account.live.com/
Source: Current Session.0.dr	String found in binary or memory: https://account.live.com/password/reset
Source: Current Session.0.dr	String found in binary or memory: https://account.live.com/resetpassword.aspx
Source: History-journal.0.dr	String found in binary or memory: https://account.live.com/resetpassword.aspxRecover
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://accounts.google.com
Source: Network Action Predictor.0.dr	String found in binary or memory: https://acctcdn.msauth.net/
Source: 263002cf0fbb71e6_0.0.dr	String found in binary or memory: https://acctcdn.msauth.net/accountcorepackage_YD-Y5A3nlj0ms1Ks9fXU6A2.js?v=1
Source: f6ef8939da32ec75_0.0.dr	String found in binary or memory: https://acctcdn.msauth.net/bootstrap_3.3.0_B68S-_daR6nLiLVZsh4XiA2.js?v=1
Source: 59f8bbf14d4853fd_0.0.dr	String found in binary or memory: https://acctcdn.msauth.net/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js
Source: Favicons.0.dr	String found in binary or memory: https://acctcdn.msauth.net/images/favicon.ico?v=2
Source: 4278acc4333443e6_0.0.dr	String found in binary or memory: https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
Source: f469a98fdcf53c25_0.0.dr	String found in binary or memory: https://acctcdn.msauth.net/knockout_old_GJ62c6D9R5HuKFdkoO8XYw2.js?v=1
Source: 7e4cea594f77c74d_0.0.dr	String found in binary or memory: https://acctcdn.msauth.net/oneds_Xr2D7Nex80v7A-8bxF8jgQ2.js?v=1
Source: 7cab34efca253074_0.0.dr	String found in binary or memory: https://acctcdn.msauth.net/resetpasswordpackage_X7k_NcCIooflIFuKCGNtCw2.js?v=1
Source: 0decd6ee54701714_0.0.dr	String found in binary or memory: https://acctcdn.msauth.net/wlivepackagefull_2169QIWB52Tqqm3jo5_AUA2.js?v=1
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/
Source: 094e2d6bf2abec98_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js
Source: f46ad1d2652b0b43_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
Source: 949d2b57c43cbcd6_0.0.dr, 397eaf5d020aa337_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
Source: 397eaf5d020aa337_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.jsaD
Source: a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://ajax.googleapis.com
Source: 64ea806cd0219a37_0.0.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://apis.google.com
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://assets.onestore.ms/
Source: 64ea806cd0219a37_0.0.dr	String found in binary or memory: https://australiabondcleaning.com.au/
Source: 8ba90312ac6aad2e_0.0.dr	String found in binary or memory: https://australiabondcleaning.com.au/I
Source: ef31c506f3510843_0.0.dr	String found in binary or memory: https://client.hip.live.com/GetHIP/GetWLSPHIP0/WLSPHIP0?fid=0256f3f1c27e4d6e932d97776c3cd4c1&id=2825
Source: 280762aeaed2bc04_0.0.dr	String found in binary or memory: https://client.hip.live.com/GetHIP/GetWLSPHIP0/WLSPHIP0?fid=8a89a375569c494ab67c45a2dc38fc59&id=2825
Source: cb15386b3caf164a_0.0.dr	String found in binary or memory: https://client.hip.live.com/GetHIP/GetWLSPHIP0/WLSPHIP0?fid=9eee0ddc2b4e42129178b8f55c049679&id=2825
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://code.jquery.com
Source: 13216249a71837e7_0.0.dr	String found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
Source: manifest.json0.0.dr	String found in binary or memory: https://content.googleapis.com
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, db243429-63d0-4e4c-b9e8-3dc94e482ab2.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr, bf5ae8f0-82c0-483a-b23d-a6a465cece41.tmp.1.dr, 26c40031-9f82-44c3-8d35-6e3540319a60.tmp.1.dr, 33c44a09-f198-46e7-82f2-a99a935d3993.tmp.1.dr	String found in binary or memory: https://dns.google
Source: Reporting and NEL.1.dr	String found in binary or memory: https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=CDG
Source: manifest.json0.0.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: manifest.json0.0.dr	String found in binary or memory: https://hangouts.google.com/
Source: a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://list-manage.agle1.cc
Source: History.0.dr	String found in binary or memory: https://list-manage.agle1.cc/click?u=http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlY
Source: 7cab34efca253074_0.0.dr, 4278acc4333443e6_0.0.dr	String found in binary or memory: https://live.com/
Source: 263002cf0fbb71e6_0.0.dr	String found in binary or memory: https://live.com/A
Source: 7e4cea594f77c74d_0.0.dr	String found in binary or memory: https://live.com/Ri
Source: f6ef8939da32ec75_0.0.dr	String found in binary or memory: https://live.com/i
Source: 05711a550dadec40_0.0.dr	String found in binary or memory: https://microsoftonline.com/
Source: cb15386b3caf164a_0.0.dr	String found in binary or memory: https://microsoftonline.com/D-DT
Source: 949d2b57c43cbcd6_0.0.dr	String found in binary or memory: https://microsoftonline.com/L
Source: d2d66a99f78ccae1_0.0.dr	String found in binary or memory: https://microsoftonline.com/N
Source: 98431752fa0d1df4_0.0.dr	String found in binary or memory: https://microsoftonline.com/Z
Source: 280762aeaed2bc04_0.0.dr	String found in binary or memory: https://microsoftonline.com/t4
Source: 914981e1a3a6bf84_0.0.dr	String found in binary or memory: https://microsoftonline.com/v
Source: a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://officehome.cdn.office.net
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: Current Session.0.dr	String found in binary or memory: https://outlook.office365.com/owa/prefetch.aspx
Source: 000003.log0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/
Source: History-journal.0.dr, Favicons-journal.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2frep
Source: 914981e1a3a6bf84_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/ScriptResource.axd?d=4g-KgwMm_BqPQdbE5kksnnK4aEUO_ElVq3B3i
Source: d2d66a99f78ccae1_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/ScriptResource.axd?d=7mNLgzlwuZkA9TAssKpNEJH0oT16Rgo-ReAyN
Source: 98431752fa0d1df4_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/ScriptResource.axd?d=lpJqtggTHYeoqLfPDGjso-Zm_BE4vd_5wolP-
Source: f2f9dc233f4dd8b6_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/WebResource.axd?d=HAV6PjMKiAmtAvxBgE9JDGqR1xYgZB9pt2QBI2F1
Source: 7f239fb82bdc9a15_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/WebResource.axd?d=K8SG-wKQphiVYLlIdWNflHCKk9laM7b9jg1MsaXM
Source: Favicons-journal.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/favicon.ico?v=1342177280
Source: 308e7fc8113abdbe_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Button.js?v=1342177280
Source: 308e7fc8113abdbe_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Button.js?v=1342177280aD
Source: 05711a550dadec40_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Captcha.js?v=1342177280
Source: 05711a550dadec40_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Captcha.js?v=1342177280a
Source: 05711a550dadec40_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Captcha.js?v=1342177280aD
Source: a64bbd896a35b6e4_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Common.js
Source: a64bbd896a35b6e4_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Common.jsaD
Source: f12d30eb3faa08de_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Webtrends.js
Source: f12d30eb3faa08de_0.0.dr	String found in binary or memory: https://passwordreset.microsoftonline.com/js/Webtrends.jsaD
Source: manifest.json.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://play.google.com
Source: a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://r4.res.office365.com
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr	String found in binary or memory: https://r5---sn-h0jeln7l.gvt1.com
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: manifest.json.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://statics-marketingsites-eus-ms-com.akamaized.net/
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: History-journal.0.dr	String found in binary or memory: https://www.australiabondcleaning.com.au/.well-known/?ss=2&email=bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=
Source: History Provider Cache.0.dr	String found in binary or memory: https://www.australiabondcleaning.com.au/.well-known/?ss=2&email=bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=2
Source: History-journal.0.dr	String found in binary or memory: https://www.australiabondcleaning.com.au/.well-known/?ss=2&email=bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=Sig
Source: Favicons-journal.0.dr	String found in binary or memory: https://www.australiabondcleaning.com.au/.well-known/?ss=2&email=bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=x
Source: 8ba90312ac6aad2e_0.0.dr	String found in binary or memory: https://www.australiabondcleaning.com.au/.well-known/js/maximum.js
Source: Current Session.0.dr	String found in binary or memory: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&
Source: History-journal.0.dr, Favicons-journal.0.dr	String found in binary or memory: https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y
Source: Current Session.0.dr	String found in binary or memory: https://www.australiabondcleaning.com.au2
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://www.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.google.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.google.com;
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 49194089-12e9-4067-9855-1e5bf754d56c.tmp.1.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.gstatic.com;
Source: Current Session.0.dr, a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp.1.dr	String found in binary or memory: https://www.office.com
Source: Current Session.0.dr	String found in binary or memory: https://www.office.com/
Source: Current Session.0.dr	String found in binary or memory: https://www.office.com/prefetch/prefetch
Source: Current Session.0.dr	String found in binary or memory: https://www.office.com0(https://www.australiabondcleaning.com.au2

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921

Source: unknown	HTTPS traffic detected: 152.199.21.175:443 -> 192.168.2.4:49921 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.21.175:443 -> 192.168.2.4:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 152.199.21.175:443 -> 192.168.2.4:49924 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@40/218@22/13

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60C3A06A-1944.pma

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\1eae9380-541a-4cda-a039-80273124dab9.tmp

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://list-manage.agle1.cc/click?u=http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y='
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1624,4652876236295108038,17951007052133139354,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1728 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1624,4652876236295108038,17951007052133139354,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1728 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Accept
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Accept

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
40.101.137.82	HHN-efz.ms-acdc.office.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.180.225	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
43.250.140.39	australiabondcleaning.com.au	Australia	45638	SYNERGYWHOLESALE-APSYNERGYWHOLESALEPTYLTDAU	false
142.250.180.243	ghs.googlehosted.com	United States	15169	GOOGLEUS	false
152.199.23.72	cs1025.wpc.upsiloncdn.net	United States	15133	EDGECASTUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
216.10.243.103	www.leo.lopez.sakshamsevango.org.in	India	394695	PUBLIC-DOMAIN-REGISTRYUS	false
152.199.21.175	sni1gl.wpc.alphacdn.net	United States	15133	EDGECASTUS	false

Private

IP
192.168.2.1
192.168.2.7
192.168.2.3
192.168.2.5
127.0.0.1

Contacted Domains

Name	IP	Active
sni1gl.wpc.alphacdn.net	152.199.21.175	true
australiabondcleaning.com.au	43.250.140.39	true
HHN-efz.ms-acdc.office.com	40.101.137.82	true
cs1025.wpc.upsiloncdn.net	152.199.23.72	true
ghs.googlehosted.com	142.250.180.243	true
googlehosted.l.googleusercontent.com	142.250.180.225	true
www.leo.lopez.sakshamsevango.org.in	216.10.243.103	true
www.office.com	unknown	unknown
r4.res.office365.com	unknown	unknown
aadcdn.msauth.net	unknown	unknown
assets.onestore.ms	unknown	unknown
account.live.com	unknown	unknown
ajax.aspnetcdn.com	unknown	unknown
acctcdn.msauth.net	unknown	unknown
outlook.office365.com	unknown	unknown
client.hip.live.com	unknown	unknown
passwordreset.microsoftonline.com	unknown	unknown
aadcdn.msauthimages.net	unknown	unknown
clients2.googleusercontent.com	unknown	unknown
scu.client.hip.live.com	unknown	unknown
code.jquery.com	unknown	unknown
www.australiabondcleaning.com.au	unknown	unknown
list-manage.agle1.cc	unknown	unknown
acctcdn.msftauth.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.australiabondcleaning.com.au/.well-known/login.php?ss=2&#bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=#client_id=e7b724e5-ef96-4f79-9c01-6e985e042d4d#loginpage=https://live.microsoftonline.com#reff=6d17fd2bdeb846c7987fc53a49f81755	true	SlashNext: Fake Login Page type: Phishing & Social Engineering	unknown
https://www.office.com/prefetch/prefetch	false		high
https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZ7HweiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	false		high
https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSO2_TUABG46RNH0MpCAESUlUkBoTk5NrXj7oICT8Sp4kT14mT1BFSFL8SO341durGAzNjJ4ayMVYwwIT6D-jUGXViQkwICQkx0f4Clk8633rO-gpVgiVQAk8LWAnbfUxAghzROoMyIwqiBIMBdETgFApJSEEcYCYJ4OzO-ubLk1cfr943xLeXxrMv-StwhmxNkiSKd8vlNE1LoW07hlUyQr_sjQLTCcafEeQSQb4jyGl-2QpQkTvLxxSksZ0dQDMAhxACigYlzeXcll_1NFdJBoI5afIAaJlBSqrnaC6baG7L0_Cq28oUUlarU1msLFqqQTQzJdHUlqM5ADQzDUj9PWIgVK6_ga9lWjoQ2u5AGHhf87dkdp5M8JsJZ05m_cqv2eHMH0ZhnJwW3uQP60ToNoei01EFfOCyrhdg42goHmViTTJQUpsuaDrSiYNYbfPGHIuq9a44IElZSlpHRz0mVXuSPqaVTE77vm4e18eNiO3NzERXycjsuKZtMpYrqtzUttrjflDrs3N0UWmgaVusy9Wu74mEjqITz8d1ZsZJUtTgjuUDs88y-6jepuI-nMYeQxyLkcKiOxWhzx3UmirhdHncaxBGV-dNRbFsKuTZdlhNDZjZ8DiLWShjZKLQknY0z9p-A9SVoLOQx2qmcXIvVaeZ3ZMXcM5HI67RodEdHTYzjwQ1_ABvsJ8KxWuZfhhcFDbCyAocczuahbbjWd8KD-PEiiZWkDpeHAYvvDAww0AfLW70Xy4hP5burRY3Cw9y27knd0Fhd3V1fTN3Q3-WkHfL1y0xzBahP_rAnt_fL278_Z27WC4fjg1P163uqOZ0Nc4dE_tJJYisiOdHlBXZoEscliW2o_GHzef0LnZSRE6KxYvi7T1h2KqoHZVtCWxbwIfgZzH_eiV3vvafOv8B0&mkt=en-GB&hosted=0&device_platform=Windows+10	false		high
https://account.live.com/resetpassword.aspx	false		high
http://www.leo.lopez.sakshamsevango.org.in/br/?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=	false	Avira URL Cloud: safe	unknown
http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=	false	Avira URL Cloud: safe	unknown
https://outlook.office365.com/owa/prefetch.aspx	false		high

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506	Microsoft Cabinet archive data, 60080 bytes, 1 file	6045BACCF49E1EBA0E674945311A06E6	379C6234849EECEDE26FAD192C2EE59E0F0221CB	65830A65CB913BEE83258E4AC3E140FAF131E7EB084D39F7020C7ACC825B0A58
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506	data	39BB82822AC1CAEA0B9414184EF94D08	31BFD923392407A8C3658B5C135C081C8A8A24DA	E15AD74E0DA09AB67BE2D384CB21F967A581E68FE130014190C3BF4A97552A27
C:\Users\user\AppData\Local\Google\Chrome\User Data\0501df76-b361-4a0d-a5f7-973b0bfe6765.tmp	ASCII text, with very long lines, with no line terminators	7788E4B09E1CA44AA0DF89603180C299	3B2F193B01EBC732D316558FAB6E8CAC5E338469	608C404548B94CA744EFBA3D88219E3C39CB98D7F9A1C5FCE1897EAA331D9E63
C:\Users\user\AppData\Local\Google\Chrome\User Data\11a4e9ec-dcb9-4579-a2d6-3da61fb7a126.tmp	ASCII text, with very long lines, with no line terminators	586AD44D46130A407BA0F6B7FA8A18E4	4EDDB1BECB124DC6EE5A83B4D36B694EE04F22D5	9FC4FEFD47D8E5EBA564E79F222B2F664C5B64DFC57FC0BC7D10A3E62E744CAD
C:\Users\user\AppData\Local\Google\Chrome\User Data\2e9496c3-9951-4076-909b-efa9dc9a6ba4.tmp	data	10FA75F01AF5D1B72A5670A5975711EF	C358F4838770FA4C1F5228D9BEF57F4AA6D903C4	F43437E087D0CA1CDD03500FE8F7BC95B38ED083A4CF693F5A1963A9DF5F3F6E
C:\Users\user\AppData\Local\Google\Chrome\User Data\522efdb9-21b2-421e-a05e-721589dbb363.tmp	ASCII text, with very long lines, with no line terminators	DBC3AFCE0D7B2EC0FF58E706AAE21C10	C75F49348D38137459C4466CE26BACB232E6E40D	2DEFC46D08DC3ABA09238FF1FE2775D98409E4A4796634CD37BEE80103F12F37
C:\Users\user\AppData\Local\Google\Chrome\User Data\6615a104-cf27-467b-a198-95c501166212.tmp	ASCII text, with very long lines, with no line terminators	E1B6FE029CFF86FB15A7A46519B2558C	05730E47EA61563E7ACE038ACC75B1412D9C605E	7E4CFF2E31D50B05DF6C240D1E453A9C28FE0E64F7464AA03A02965BD7BA9177
C:\Users\user\AppData\Local\Google\Chrome\User Data\67735183-2479-4dba-bd01-82d1b41d0e3c.tmp	ASCII text, with very long lines, with no line terminators	7788E4B09E1CA44AA0DF89603180C299	3B2F193B01EBC732D316558FAB6E8CAC5E338469	608C404548B94CA744EFBA3D88219E3C39CB98D7F9A1C5FCE1897EAA331D9E63
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	E6C1693D9F0F6B6E878D098FBFD4C92A	D9D2708143B4A3BA5D14DFED59DCB6B88DF172D9	E9DA6B8F6549D084D8740EB4C25755989B057EBF4F36B5E526F34DFFAB7500CF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2dda344b-3aae-4748-a746-802fe5bbc0b1.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\39045de3-6310-467a-a3b4-436f6cd96dbd.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	E7A55FC6EA72DA74BCB4FCBFCC9E0D8F	F719A20F2C3904C3E6CA6DDB0A32CAA4A0F05AB6	8C55CE15A235EC3C551F10704C27C1FDD26581972065C5455A5ABA0E3E57FCE0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3c7c14e5-c815-4e98-955d-484ff39c9d95.tmp	ASCII text, with very long lines, with no line terminators	43D4D905313CDA8023B73590B3E78582	E1F16AA97339F29C663E53A5FD98C3DBA792A38E	61FF9BE3AAC5869CFFFD72B3793402EB73B712A3800BC5FD401D62CB0677913D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\49194089-12e9-4067-9855-1e5bf754d56c.tmp	ASCII text, with very long lines, with no line terminators	A1CDBC88F8B4CC8D10212775766B42CF	895505AE442DC20942D1D7A5094B01E3DCE208F4	AFB41143BF853D6784565FA685200B22EC79DFE2A846E8C774C1D4CBD5A9C82D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\49b072ba-d04a-4ff5-8eb9-7df303b61fc6.tmp	ASCII text, with very long lines, with no line terminators	18393BEAC18DFCE9530BEE3DE057C7EC	C029EAD28B563D0BC554E1270C405E32D7297AD6	E878F4866A01F718D3FC399818070D6EC592266B36818CD1B8A68F6681A200BF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6c8ab708-f920-488c-984c-281359aa4590.tmp	ASCII text, with very long lines, with no line terminators	0C108BCCCBA2CCC6D4E125A32692AB3C	98CBCAA91EF8489EC3547E8B43A16A844DCCC5EB	1256E3B38C3B3B24E7A145A65A026066691432740E408739D220E5F224D77549
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6d7cc2ea-94ba-4460-8232-bace5164261c.tmp	ASCII text, with very long lines, with no line terminators	7567485B2AD73B4AE9C6EEB24425DADA	EFB5687E27F65158D8720AE2EDC1AB43434604D7	7017064CDFBC235518FAD2E1C1A51D58221FBE55AC3ED55E339E532569488567
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\72fad40a-67ce-4a33-93e3-6890c6366c4a.tmp	ASCII text, with very long lines, with no line terminators	A09E6BF2ECD658553C9CCE8039E95829	AE0FF383565072B52B8336804418FF0E206ACD25	FB145D65A1A0BE28BE840AE73B661E995F2F252B5A0E3516E50FA633C68744F8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\84277d50-d269-4904-8d24-25a123a949d7.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	E1FB2A27FD474E98AFF0859AF599B61C	5C0169089D0BEEB0D58AB029E6440F5366BA15BA	5F370039F8DDAF7F1B53342DFE3F4FDCC0A2D4EE0DEB0EC6F512674C0CCDFD03
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG	ASCII text	1EF2965964F0FCA841B33B6CCF55D975	058C8E37EA226BA40491E4C3D50030A008061A5D	3C9C213133F2745500F3CB5BBFD08F5A6B05CA1A9B9C29535F8C773A88D8C941
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG	ASCII text	26420D9874D88C8CD35BEB386004A298	86E2BAC714310032BD1E7BDA143747385B26C951	5DDE84A58735BD097152F58E80A330947D152D07091DF076851E7B9B2CE01450
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\00e9eabc0bc6d2eb_0	data	876CE05E21CF2D3FA1A6F12FA4F9FE4A	48B1141C4F764B3AA4A3958745C133D31C8141C6	0E3D0B36DA4DD905E26C7E1E90468C7E42ECFBB0D13DD4F34D47ADA88BDB8B02
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\05711a550dadec40_0	data	ED43EDBFC6FA91CE971E760F1BCD2BC4	A9471B8D99C03B9B0E186AC7C075ADEABCDB4182	135A01993A54C54281D5AAEF95DC0812F01BF1F1FAD810E948B8B28AAB631C24
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\094e2d6bf2abec98_0	data	009DABA4CD1D45DB8A3CB377ABD27513	8504EB72D055936EA0A5DFB7F38A1E55FA2BF04E	AEFE25E337D8A5273A7860288242B5A4FCB3CDE4578E39067A3147D64F04F67D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0decd6ee54701714_0	data	7515E08D4C07DD749504921CF4A153C0	FAEC6AB79A7DBF5FB8CA4185EC8C3B085566BB29	01180902DAD34C4690B4B634B7BD8B99B4A5CD29D4A855535D515383DB0DE5ED
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13216249a71837e7_0	data	A067C16C98B73D1E5F3D5B02603C0559	576600C1C323903400E59E7A0BF5DCED78F90713	70BBB91C55D8DE0825327C9B1045F681CE1B8A58083946D016A08A640DAA94A4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\263002cf0fbb71e6_0	data	C90EAEA67C8E4DAA0978006EBE3B2B7D	99A50FE6116657CB873F0BA81FE1CB6C67662165	79C6369493F8019A13270FB3DE3AA255F17A8D00F27ED1B01CA7E2B71BAC1A6D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\280762aeaed2bc04_0	data	5A20D7F1719F730D4BD7BDE8D49E5D3C	86EDC031B036BCEEC703C2C4BB3343F258DB52AF	AEF12A8D6BDEB77D3062D553FDB46649661C77C68198DA53A216259C8DD6ED99
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\308e7fc8113abdbe_0	data	A1DDD1CF4CA69A006FC9907B78F1C79C	3C8CC523EEEF70DE155786BA79D540BF8F8DF994	327233DFF2378E9F6B318DCAB4D4660626FE0B2C9060A6006E12BAE74EF212F0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\397eaf5d020aa337_0	data	938EA3E30CBF141004740B050953CFAA	8997809E2353C0B001BAEA7F7CD3FA83B60517A3	7BDA35B3D889F1C1E6D98E337903EC5B0F471EBEE2C7652A8A994EEC4526167F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4278acc4333443e6_0	data	6BF7841AA5C75DD7EBF7438B6EE65DA9	5563C8EDA1ECC57D64054EA6A7A8B7037A404000	F6BE0EDE5A1BE263FBA2DDD1643D58CE3AFA1C438315D6A3FA767BDFEA84DB10
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\59f8bbf14d4853fd_0	data	B98AF6B4ACDD69EF536A3B83CE1B3D2F	3AABBB302582A9E35C5A2C1EACB7F6ADBE3CC310	F2BBB2B20AAD60598308769761861DFC1F18A76343D4B4913D595795B9DBCED3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64ea806cd0219a37_0	data	183F49F135E47A3B9C86F51D679526AA	D7B2E19D3A60071AAE33E1D827DEFCDC9692BFA2	46B1FDD540D22DA303F84B523AADE99B44E332FC554F64D6B311514E9DBD79D5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cab34efca253074_0	data	5D7EBC339107B429FDD01C2B09A68B53	6DE366FD2EF94D9A82D058244812B2736DB88D4C	7D2F200105C0273BD01264E85E06D1F34D359E2133731CCE196ABBB56734E62D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7e4cea594f77c74d_0	data	2295FE26DA0E15EBE8FB98C48A0D69E2	05FFCED37B0D1331C5F9E8292C9FBC984FF66398	185996BC981388C9C83D39FA9B3F5101D677A78DB5DA5BF1FE103B18C9A6CA08
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7f239fb82bdc9a15_0	data	12D661F2170857155B0BDA65112E5585	FA43FE031213B7626FE92BF99ED4FA60E3618ACF	E2495BCB16558204DE7C5AC91606FF33288554B98B7366C1D0112EA8072A76B4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83b9c3db1088f864_0	data	A7B995F305993DC4B6520CB786A9BC3E	20E1AB8420577803E721D039DCB5F0F7C686DA12	C9BD97BFF58135C2CD3AD19599AE8A14639C9B27EBA336116EEFD390EF6DDA17
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8ba90312ac6aad2e_0	data	1FDD7DA7262829A9A9A0B42AA948AEE3	28686B3143EA6CC90D021FD550FFDB74B692EDF0	850F7B7DDBB4C395F1928E63512F73243C31891D5EAB0C7282258DA27BBEA814
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8f3c2e2c260a7099_0	data	4C9C9140B9F85384B0E3ECEF6A4BDCBC	34AC5E977512E228D14B1F3A2C5FE545E7E856DD	204C1938BD5B61AE204AF97B074900F2EF7531685D717E6C4EF821A41536FA2D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\914981e1a3a6bf84_0	data	FFF658856FA789B71D8D5200A4696468	3FF337807A86AA090F77242465B2A81A6D41EDF4	6A3F829D2B9FFD4CA1F917E3D680CA400BBF6F6CD012BFE7EF3718E6597010CF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\949d2b57c43cbcd6_0	data	E250869EB17FFACF7933BED29793B522	E909F3D237FDC94447AF274FE02D91EE1611FA2A	F166308DD598AB6578CD31B7E43F1BC1375DB6FBCAC89013FE00638BA581937D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\98431752fa0d1df4_0	data	BEB055258ED1A2F964327A5A4248C989	1AE680E058DC64F079209EEF1B938F5E0DA70AE6	222B7194974CA5110B35E623C254B613EF612009FD58AC745256340E43B25920
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a64bbd896a35b6e4_0	data	8399B307EC44C82993A61CDB91E4E43E	BA33D57841C8A052552CE72034070C4228B38C06	360A8F86A0937A1DC957820051706E8A67F2A2C43BA431983EEBDFBD61E4563D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cb15386b3caf164a_0	data	4C81B35BC3005F9EC6CE7BC890B38A4D	37E20724E3F9C8E7AC73BBE46F08174975E6680A	E98C57B3E44B541AB287491AC0B2A1C59C1B00336022841FD05821782BE66982
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d2d66a99f78ccae1_0	data	75D78E5F4EBD331A66D9C965AE6733B0	45D64DFC9EFB60AA5A93CDA30ACFDBFD7D907258	33D465DFE9302CA62F9B081B0202D7CC5A5529FB742DCAF67B19A9534761606D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ef31c506f3510843_0	data	D06F16EEE2A88287894A0D6F0A6946B1	E49AA033B162020E03B67CBB8E4170E87D17513F	9C8DDF29B3CCE616B51615398E79615B6266E1CA248EABD2C012AA241A403646
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f12d30eb3faa08de_0	data	41941112EB3885AAA004E087F846EAA2	16C9EA7896C11AB7466711C71322B398A7C5607D	9A72C157FAEF0C95D3BA7941F803EC02BBCC253F37C07FB13BB918FB99AEDEEA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f2f9dc233f4dd8b6_0	data	B7B17E42209BDDA40465C43C5652063D	F65E5B18F9BFE3EEF0A1675B1723643E5F469FDB	F13870FA3416CB53691C6169A16464E99E28F5764B36C57A6DA66D76C23813E8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f31034cd60667b7f_0	data	377A5B4F1EBB5CDF72884564EF45D328	96958EA7074B205181567BD8AC9093CF0C618F37	175F410F8659CC40CDBDE77E7271C93677DAD3E10B1944AD086A80864D5BC9C6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f469a98fdcf53c25_0	data	E62EEAAE1278D673ACB14A51BCAD25B4	3CA74EAA7BDDE3541596173DDE752068451C66F0	8E53E4C405BC8771E426FF17358C1F089928F82679D40756665EB04A42E07505
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f46ad1d2652b0b43_0	data	6C869023DCD5AF14CB1D3DB49FA1EA03	25959BC496602BAA883C18095743AE37CE3D78F5	E2159A54509F761D98A6D7D520BF04169598FAF7BE07872DFE180E6AB84D4E55
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f6ef8939da32ec75_0	data	452B3B3EC54E1A913F78266C2F998A15	07AEFD08BD4CEAEE77C0EE406A538CD5ACF1F0CF	B11224C7F113C2B8B7C8B54F23B070F581F8B7271E5EA2CE75E8FA249B265F4F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fca8dda49898d420_0	data	806A7229B2867BCFED65AD5F920721CB	DB6391696F5976EBC9C60FBE033640456C07B468	42882DBD7E4CA6E1A56229D4AFF3F83923B3200EFA67BF669D0F18F17825DAB2
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd9925bdad311f6d_0	data	490CE23BCDAA246DBCA555813E4894C0	B58F6070F1BD9923D6265E8E9F87948861A71DF7	0D829B23C271C33FFC8A1A6AE51B9E66EBD919D799003273A0564F2A523CD367
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index	Maple help database	117AD56EAD44A01EF447C94F80AEDCE1	3370203B38CDB096B1951F022360F60AE2A76E37	34EE34236E8D3A32180C0D065FC61D4A324ACA32990C0D75AA2A26257C9C1501
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	SQLite 3.x database, last written using SQLite version 3032001	9F0394797E37B4FD9E95C40C8DF952F3	00973A9102AB4F2A0A61251465B027AD6014BAD2	292BA4B2E9A7A7F34AD7896FDC27186A926928164F510B63CAB49BAF1143CEEF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal	data	DD996338F08E0005D26CFB402087DC90	A72DF683FE687AEC65DF69C1D3862E617AE5AFB7	9EE3187C2EF2ED87D15C027C2B9FA79C1B3A6F2CBBB3FB36CD789047EC58652D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session	data	C08E495DA8ED4F65C23DE3388528B6EB	B081F093482D8533A7B9F6C8BD5EDF8454872E71	08F30F375CD71A23BAC664F57F042FC06561CA376630EEF7F48CF0DAB0A11A35
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs	data	0686D6159557E1162D04C44240103333	053E9DB58E20A67D1E158E407094359BF61D0639	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log	data	0A906A9A542CDF08FF50DAAF1D1E596E	B97D6274196F40874A368C265799F5FA78C52893	EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG	ASCII text	E3848D312C1171AB9643700BB404685A	04093EF13F171951BF3D11292662DDDA6CCB2F57	EF36C056091056FC5A68C341F0EDC4C93ABB2DEE6E1F156458D077F7D1C4359D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log	data	D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A	FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7	99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	DC282A811089E6EA8723F4893F6EC720	022A59A055347388E56E5A0058C867FC00B491CA	BF8A7FA81EB82124CBD16A22511E1475DCC806EA4DDB6E7ED367D0CCAD9CE8C1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	90F880064A42B29CCFF51FE5425BF1A3	6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF	965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	6AE2135EA4583C2F06CDEBEA4AE70FA4	DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2	03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons	SQLite 3.x database, last written using SQLite version 3032001	65647BCAFE524248BAB3BB544E5B14F5	40620F11C2372A302094F41C21EB9E374FC69D9F	9C3D431CEDAF9E1B0592A056224E02E2F43BE9B0CB7A643BBC4292E71D63126D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal	data	C492223F894B4443A9AB76F09737CE42	312949945C2FEE58C10F0036A7986E9A871DBA82	6EA3BA7C210AB30A7FBCCAE8BCBB7DB2AE8F6577F5A2954210F90BEAF5A9915F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	0407B455F23E3655661BA46A574CFCA4	855CB7CC8EAC30458B4207614D046CB09EE3A591	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	48318654D450FD1A489D617EFEBA9B92	9A09612CB69F562FBA81F6431DD159705E1D498A	A4AF1DBF1A01069C4C30B019DB5E4F875A1D518E15769930A1A45E42FCEB7C19
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG	ASCII text	617FD2D24B4DC4684C623FB2FECDE613	84FC2E41D66880AD92E25D2DD053AEA4408EBB5F	F70D7C7EA4887B46B9935008EF7716B10F375B339A523AFE48E676D6B9A8CBDD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG	ASCII text	E9917BE10006B60D464524B879561288	4DB08EEECE7CCA6F3671C5982DCC38E500AC0E9D	1EF7092DE0311C4FEA420F545B94B68C840494724715F090829E23038D5EFAF7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	SQLite 3.x database, last written using SQLite version 3032001	8E133DF2FDD2587BFA89BD5C77C1CAD6	2DC90E031B12399FF18F423AC38BF670EF967A72	93F50A9250F98E5B5D979ADECC9A2B0D5D04C74943DEDAAA15E84DD67B9F7A05
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	8C2F108BA3E4D9B9F871E00240570DC5	A507E0F16C800D6D622039B72CAEA2850848F46A	134C1CB5163C8FF836B637AF217E5C609E21893AE19C1A0222B6DA3789514DB0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal	data	FCF08B71CC245F705D2DDD0FA61A7C2E	7D635475A0BBBEB0E27C3EBE96D0A83E901B826E	6659AC5E26CCC448FAEFE0A11A44690CE8378B94ADB471D8879365B636FBE615
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log	PGP\011Secret Sub-key -	45F1162EC709A6B86423832C7F1F6C49	3628951437CADB1038ABDAEA93C601DC3525C008	281F3CDF243247E37029465FFD6DCC865B7C8BB15E7F28BD25FA436B6BDB5151
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG	ASCII text	43F33E441828DC3609B3E8E090A31EA3	ED8EC15E39D3DED87B66775A5C28416E0A008D26	2F163BF7B08F596CF6DF854DA5FA58D979D41AFFE6EAC2060C93488A127053DB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor	SQLite 3.x database, last written using SQLite version 3032001	50268AAD6347936B09F7457FC53159E5	53271B18AF80392D2F79CD4FDD576380FEBA9E60	F8028877006C8719E7830076E06EE948959C4F31D3AA39A7055177B7F09677B1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal	data	E014FC25DDDDD808A3D861C6012B4E1F	68F1E294B17CE77C5831EA41495FB645FD536BC4	8A9ABFEDBF786428CACE3EF99C0D3B33A549A0F49436742AE403C76434F3A460
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG	ASCII text	96EE3DEAC996DEE9BF055936CF2093DC	8A91EF3A4CE7D157B35D0708A6224EB32E32DC1E	F3F10EC8E050B838FD305165BD8F75EF3CFB4C73397E8F428225240FAD931859
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL	SQLite 3.x database, last written using SQLite version 3032001	9072BD9DD8D7650D0337C452FF0E307F	D7CE1687A57ECB8069CF44A9A5446F78891968E1	327534E3D5C2EFAA40DCD52CA709C9909E81F1527486361A2B91E8521C07EB4D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal	data	AACA768BE0395DAE37CDCACFB639E5F7	C9CF4B2FED80BE74F2F3993A60D37020D0558150	8DB012A687BFB62974AE3D161A82F202354AD0857FF6A086997FC7EF7A23CCE2
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log	data	77AF19B5CAE4B46DF54BE64CE8B33B7D	E136A7B4C6A1320974DD023FA3DC443E57E51ABF	6EE3B5BE8E27779C22E5D865C3C1A957901DF71FF6B7DB7C9A033F3FA65D4D68
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG	ASCII text	D3016BE087294C3B8B03FABB0A252FA4	B822AF2E815BFFB92E0F92B01702B579106ED21F	A901F9614DA57E7F21019DD7E0D7C2E09773AE86172185E88B919F908C3ED4C0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG	ASCII text	873A25E8F684534F1E2EC977370482C3	F66F26CD124A8B5AA5C88791AB0396E82F82A189	6BC66FA6E7EA483E594652786FB709EBD5F586B572AC4B9E1AC3A4321290CA3B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\26c40031-9f82-44c3-8d35-6e3540319a60.tmp	ASCII text, with very long lines, with no line terminators	8CA9278965B437DFC789E755E4C61B82	5776B6C90CA1D2DDC765ED673B5E6DC8E167F0D6	A57D9231244C1FBDE58A1BF50CAD3A1E3EA28D042BFA272782B65139446E7C51
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\33c44a09-f198-46e7-82f2-a99a935d3993.tmp	ASCII text, with very long lines, with no line terminators	A6C1D2076E0E7FFE40E5BFEC0BEAFAA7	F1CD6815325610D07455A215A1C4E724D2F1DC17	3B3BD7020547A67DD4A6A30E8ADBC4A5921570268D7E0182053BF5412F5BFF50
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	C4DF0FB10C4332150B2C336396CE1B66	780A76E101DE3DE2E68D23E64AB1A44D47A73207	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG	ASCII text	A667EAD90C28CCF003E493EB59AE0628	DF2A31F03B1D4759177BFCF59F54124FCA268F36	5CC16BB7F1DB40A01CCB1D5493E0B9B8B5090C08EE790A108E1F42031A4B61DB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG	ASCII text	E81C27227BB2A5E1F627DC14981EDC10	D3F41C7226C46917930A92DBDC7175302ED8A206	41773D5F9CA6A0D2DCA3F91CDFB362D702A148ADFCD33055C9D1371E44199FCD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log	data	E556F26DF3E95C19DBAECA8F5DF0C341	247A89F0557FC3666B5173833DB198B188F3AA2E	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG	ASCII text	EB64C027920E5F3416477616A742365A	9B93F59866B0198A4A8804F23C93349326E85A1D	660D4554847F66C8D5383F756324DBCDDC855DFDF4B39A1810D14265DBF7B6A3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1	data	C4DF0FB10C4332150B2C336396CE1B66	780A76E101DE3DE2E68D23E64AB1A44D47A73207	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG	ASCII text	2BEFD615CF2DE999A83CA243C2F064F0	EEE2A6AD3174C47C9B61E81C257C380AA56A61D2	133A1E32AB3CD5CF68F16D675F47F977D498FED5C83E5C090255930D68176FFA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG	ASCII text	B0175C67B45C07BABA91878B519E6EA3	617AA6ACBE264D1E5EECCDFD2A0996CE543F6CBA	259D832E1B8F9B526900EB9E41A6CDB097F21B09599042886652083EEB49F251
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log	data	E556F26DF3E95C19DBAECA8F5DF0C341	247A89F0557FC3666B5173833DB198B188F3AA2E	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG	ASCII text	02F5CD2DAA058FA0F0524116D6ADD878	90A0CC3E54FDCBC812F1B910062DA11238A0502B	B801362EAA58CC4BEE374B02BA1CB85DF7DA46AE886D56A5C022393ED2684BD8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\bf5ae8f0-82c0-483a-b23d-a6a465cece41.tmp	ASCII text, with very long lines, with no line terminators	E94036DF834460DF6795F5DDCCCD0B69	0352869460986A77961DDB65A85572FFBF4AC0FF	4087DF4160118C6F53D2E18B0A65B23FD373796A4285116852AF4EF927C40FA8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\db243429-63d0-4e4c-b9e8-3dc94e482ab2.tmp	ASCII text, with very long lines, with no line terminators	B0429187E1BE99DE4D548DC5B2EDEA0A	B3E07BEE5D753BF1B613BD2DE665C7C21E8184F6	D8DABBF936DAB4F17437ECA255020EA847D76D6B789F9486010C95E995CFED03
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log	data	45A8ECA4E5C4A6B1395080C1B728B6C9	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG	ASCII text	AF5EEA971EB8E3CDB6C2F7A01974EBD8	1F71D0573BC54C926E11D551BA5DD42E6AFF7BF2	FBFC6D631416332B1D1E5D1AC31A9E4185695D9B7614FEC5490054AFC4C05721
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG	ASCII text	AFFAF46819A4CEF67E0570BFCA7324BD	7C24D86889BBD6907A3C27BA6D95B07DDC0D5B7E	23EBC6DFF091BF6318E040BECBB322D13F5EFD9822D35EDF0054D25807818D76
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links	data	5E9861EC478ED766647747EF39DDB724	42F36F07E7BD01D08898493A417529263FB8AB31	FDBD1BC3194DF6A939C94129B699C9B3341F4C3D0D3828267408B51A6BFC64B2
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a71b24d4-097a-4ad9-9eb1-de6c1cfbfacb.tmp	ASCII text, with very long lines, with no line terminators	B343AC56FA73F9BF5699FE3B2B5469B1	9CCF813C230EBAF4E70207D067C2100F9F20E8E2	B8B069A82F1BD55CC309DC6F6D05F08B8418334BE4D37E24A7D13332B1191BBD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ce0fe9e2-0eb6-456d-af87-2f2ec4cb7242.tmp	ASCII text, with very long lines, with no line terminators	FE70FBD3817E77C6497F00A98A176026	F7BD3B5F2AE3A4A66FFC079C3DB4B759A428380A	08C3BD510402EC8B7F2EA2B3A4B71E0E4B7388C278FE201B2EA630554C374564
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cfd2839e-e90a-4523-8386-8daefe286ae2.tmp	ASCII text, with very long lines, with no line terminators	116269C42AA6DE3FDB6D5263D3DD289E	660C97369A29972C18C773A28B4D0134971F388D	BF2EC378DFDD155C6331E2806C12747052FED9EE79064C5C6720F30D14973875
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp	ASCII text	6752A1D65B201C13B62EA44016EB221F	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG	ASCII text	41C540FC85C1247BDBD15748F6904839	BB6E8E4B2E4A4247ADB4C2C0963DD89FB0A6070C	5FE519A835D1574BBC661C627C9E1BB70130CFFD2763C6CD645AD3A4EA4D4E99
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004	MPEG-4 LOAS	031D6D1E28FE41A9BDCBD8A21DA92DF1	38CEE81CB035A60A23D6E045E5D72116F2A58683	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dfb3ac29-19af-4c7b-b0ea-1026b8fde2a3.tmp	ASCII text, with very long lines, with no line terminators	A70C8124A2A65EE72DFD298921EA4C1D	7B2C7D978FB799108344E08CF5F3E73D554955B4	2A4DDAF83FEFE211195CC833452E9414E8104D8CDDEC7228CCC5B237E65579D2
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e72ec7d8-830e-4606-8f1a-66b25a0b2716.tmp	ASCII text, with very long lines, with no line terminators	75037396D8EBF0C8574D7ABDA774F085	A3BD428CC5597EA80DDC340F0D840FD17B46A600	6ACEC7E45C560A6DC53BE8FB4D4954C4C0BE62FFCEEB9B673C5233C43423AE5A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ef14856c-053e-410a-bddb-b7b0b9e80663.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	8F98DC7E31E10946774224D6A335EC51	D3EE557E4FEA226FB1F5449AA270C529F5F79949	9D11CB8DD8B5B8F7699812BC8C9216188B4ACE5E25D45FE7A15A41B761A9531F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f625c36b-53ec-443e-8048-7c9337c2da79.tmp	ASCII text, with very long lines, with no line terminators	7A687695A57DE69316029326DC71D0CA	75F8B896241DA809D574714E0ED7B0F6996746B7	104A4912F48F5434C0F6EA1482BAE80FC7E8CD7C86ADF97AEA484D4979179A7C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	DB62026253AA70DF5B9ABA3F084B346F	D6B07684060CDEA1F4F7DA96FFCB4265BDAC58E9	C6029C799F7CE61C92E6F9ED170D0683B16B3A0D0BCDEBBF7BCEADEC2DAF286E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	C422F72BA41F662A919ED0B70E5C3289	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
C:\Users\user\AppData\Local\Google\Chrome\User Data\d4e2b83e-afe5-412b-abfd-2a4754645e51.tmp	ASCII text, with very long lines, with no line terminators	E4FCA0C96D0D84808FC45D3B4E76BF08	9191AB454835EF9F8EEFF1F09B043880D25F4B0E	343079DBAC8B58806A63666C19AC27F9F2C5AC0F018F11DC395A5E90895C5142
C:\Users\user\AppData\Local\Google\Chrome\User Data\d4f45fd4-3eed-42d7-adaa-3944d21ef21c.tmp	ASCII text, with very long lines, with no line terminators	E4E393688BDE61FD2C3E0A04300AE90E	F10237BE63E979A62CC0A2378F3F886CA851826E	5E62AD608385A5C7EE61C562C73BDAD2820A416B8E0E43E3BFC696EB1AB808DA
C:\Users\user\AppData\Local\Google\Chrome\User Data\e275d1ac-c435-4a4e-b5fc-2e4ccec187a0.tmp	ASCII text, with very long lines, with no line terminators	FD63C01CC784E48377F12A2A9B30645B	BEDE4CA116F8E8B816CD42D97F7C594914FE03C7	8865D52ACBE7E4DE4820B2F9B286C992863E39DAC5F9613B3E2332CF513097B3
C:\Users\user\AppData\Local\Google\Chrome\User Data\fede787b-b012-4e48-9e90-1b88f24d64fe.tmp	SysEx File -	B182AC99E60AFE9CE68AB2F064AC3A40	5786E9EBA61955F5419A858808BFEDCF13E739F1	CDDD9157226EF3DCD2DD215A90C0377C1B66861E212B3A88C3CCAC17ADFFC631
C:\Users\user\AppData\Local\Temp\053f00f0-7c39-48ce-b61f-2f66edf513ba.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\1eae9380-541a-4cda-a039-80273124dab9.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\user\AppData\Local\Temp\b97431a0-2a90-4faa-9d45-01685afd4294.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log	ASCII text	4761908FBB9AECD87233ECBB53D4F63D	BE12A9067B4439CCB210C77CA53B4DBAEAA91A4D	8EA799B9BFD7AF1EE2B5545146FA148724F895D510368B19C7914BF984BDBA78
C:\Users\user\AppData\Local\Temp\ddbe8dbc-a1e7-45da-81a7-17ba243f0011.tmp	Google Chrome extension, version 3	A11D5CAF6BF849AEB84B0C95B1C3B7CF	27F410CCBD75852C01C7464A1FD7EF8C29BE3916	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\1eae9380-541a-4cda-a039-80273124dab9.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\bg\messages.json	UTF-8 Unicode text, with CRLF line terminators	6F8E288A9AD5B1ED8633B430E2B4D4CA	F671D3D4BEFA431D1946D706F4192D44E29B6F08	A114E2783D0E9B12155017323BA70838F0F82A71C7EE8DC1F115AE36991241F8
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\ca\messages.json	UTF-8 Unicode text, with CRLF line terminators	1FDAFC926391BD580B655FBAF46ED260	C95743C3F43B2B099FEBEBC5BD850F0C20E820AC	C67898B67F9C9209EAFDA6532B62D5789863CFB855998DD6A70E7775316CEC20
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\cs\messages.json	UTF-8 Unicode text, with CRLF line terminators	76DEC64ED1556180B452A13C83171883	CFB1E56FD587BCDC459C1D9A683B71F9849058F9	32290D69A90E6BAAC428B10382C99221B12773BB9A184F3B93DFB48A4F6D7A40
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\da\messages.json	UTF-8 Unicode text, with CRLF line terminators	238B97A36E411E42FF37CEFAF2927ED1	4E47AC90BA24C8F4724D9293FA40CFD4ADA66FE0	4977D4A053542FF66967FAED6B06585DD70E68E20BFEB533B66FE3287F9655D9
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\de\messages.json	UTF-8 Unicode text, with CRLF line terminators	6B3E916E8C1991AA0453CBA00FEDCAAA	D6366D15912E40CA107FD42BFE9579C3336A51F9	A62FFAB910E31531758EEE48B2CC71A8857BEC3021DEAD50B668CBA3C8667053
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\el\messages.json	UTF-8 Unicode text, with CRLF line terminators	05C437A322C1148B5F78B2F341339147	AB53003A678E44A170E73711FBD9949833BBF3AA	A052C32B4FCAC61152EB0ADB2C260FB6A8256AD104AA0013DB93E9798D41A070
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\en\messages.json	ASCII text, with CRLF line terminators	91F5BC87FD478A007EC68C4E8ADF11AC	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\en_GB\messages.json	ASCII text, with CRLF line terminators	91F5BC87FD478A007EC68C4E8ADF11AC	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\es\messages.json	UTF-8 Unicode text, with CRLF line terminators	82719BD3999AD66193A9B0BB525F97CD	41194D511F1ACC16C1CA828AC81C18C8C6B47287	4DB9B2721E625C18B9E05C04B31AF5D9694712F1CAAF6219ABE34BB08E5DB1C7
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\es_419\messages.json	UTF-8 Unicode text, with CRLF line terminators	6B2583D8D1C147E36A69A88009CBEBC7	4D4DEEB4BE6AA0181825F3371A761ABC5B4D5937	6659BC3705311D7641A73995DCFEA80C7734F2F4EBBC3787B3892A240348324F
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\et\messages.json	UTF-8 Unicode text, with CRLF line terminators	CFF6CB76EC724B17C1BC920726CB35A7	14ED068251D65A840F00C05409D705259D329FFC	C85800BF45942FCC7FD6B1DF929C25F9CC2A977A6678966BD03D4B6B69889AFD
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\fi\messages.json	UTF-8 Unicode text, with CRLF line terminators	3A01FEE829445C482D1721FF63153D16	F3EAAADDC03F943FC88B30B67F534AA13E3336DD	0BDE54B20845124113383B6EB81E43A0F05E4EB0C44BEE3C1DFAC4CC5FEC2836
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with CRLF line terminators	57AF5B654270A945BDA8053A83353A06	EEEF7A4F869F97CF471A05D345E74F982D15E167	EC002ED92359F67818B49455DFC579E140368E6A004080AF022FD4F57F6B03F2
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\fr\messages.json	UTF-8 Unicode text, with CRLF line terminators	8D11C90F44A6585B57B933AB38D1FFF8	3F9D44EA8807069A32AACA2AAAD02FD892E6CC90	599491F8C52B945C16C441ADF45BFD45AFAE046DA07757D97C56AF4DE75ED3B5
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\hi\messages.json	UTF-8 Unicode text, with CRLF line terminators	E376D757C8FD66AC70A7D2D49760B94E	1525C5B1312D409604F097768503298EC440CC4D	8106D98C4F8DA16DB698444409558E29CC96735E188BFA303C333A5D99231C1D
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\hr\messages.json	UTF-8 Unicode text, with CRLF line terminators	8185D0490C86363602A137F9A261CC50	5BD933B874441CEACB9201CCC941FF67BAED6DC0	A2B2EC359A9DD9DCCCE02859CE1E738BD30FAA4A05F1DC522893FFDF722BBC15
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\hu\messages.json	UTF-8 Unicode text, with CRLF line terminators	85609CF8623582A8376C206556ED2131	1E16EB70DB5E59BB684866FF3E3925C2DEF25A12	32A249749F12ADB6A220BF9ADC272C7E5D9AD5497A38B0086D961E3ABA17FBC6
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\id\messages.json	ASCII text, with CRLF line terminators	EAB2B946D1232AB98137E760954003AA	60BDC2937905B311D2C9844DF2D639D7AC9F7F67	C6E8800450602DE0F39FE9F6854472383813FB454B08ABAE7E25A9167CE004C3
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\it\messages.json	UTF-8 Unicode text, with CRLF line terminators	A328EEF5E841E0C72D3CD7366899C5C8	2851ED658385804E87911643F5A4200B1FB26E13	CD891C45F7586FB4A2514205A11F260E4A6D4482FA03D901909DD9F57BE0536D
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\ja\messages.json	UTF-8 Unicode text, with CRLF line terminators	9B3A5D473C3F2BBFAEECE94A07A940B8	61BACA342CF766BBA15C7B4D892A0E7DAC9405AA	706312A4A2AEF3317223F141EB2B82685345B7EED444F16BB4DF3A272716DA1F
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\ko\messages.json	UTF-8 Unicode text, with CRLF line terminators	9F6B4D82A70C74CA751E2EAE70FAB5CF	0534F125FFCE8222277CF2BE3401C59DAF9217F8	D1467B8D037114403E8F4EFC52E88C4A7FEB96126BE4CFF883FEFF1084EF7E68
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\lt\messages.json	UTF-8 Unicode text, with CRLF line terminators	4CA644F875606986A9898D04BDAE3EA5	722A10569E93975129D67FBDB75B537D9D622AD1	7C311AB751D840D750C11553C083785813E079C1D464FE568A98C9E3EF3DB96C
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\lv\messages.json	UTF-8 Unicode text, with CRLF line terminators	C5CE2C51391EAFD3DA9E4C71549A3C28	1F67FF6EF6E90C0CE3AAF56ED543A3EFD381574D	1FA1DF2CA8516DEF490FB8484E9AA498ACFF80EEF5C9258FFE42D3678E6C7DED
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\nb\messages.json	UTF-8 Unicode text, with CRLF line terminators	93C459A23BC6953FF744C35920CD2AF9	162F884972103A08ADB616A7EB3598431A2924C5	2CD700AEB57D89C2E73333D0702556EE3FF3863516170F85669BC680FCBDC4E0
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with CRLF line terminators	7A8F9D0249C680F64DEC7650A432BD57	53477198AEE389F6580921B4876719B400A23CA1	92BE7C2DC9CFBE5A65E9CE6488D364C8D7EC19E7B67A31E4D43C1CB2B169671C
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\pl\messages.json	UTF-8 Unicode text, with CRLF line terminators	0E6194126AFCCD1E3098D276A7400175	E8127B905A640B1C46362FA6E1127BE172F4A40F	E2699F98C511B18A2AFB82EAE9A4804B646C4FF1077D80E77C17A3943A6373C2
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\pt_BR\messages.json	UTF-8 Unicode text, with CRLF line terminators	86A2B91FA18B867209024C522ED665D5	63DEC245637818C76655E01FCB6D59784BC7184E	6374880FDD1F8AF1EE8AEA6A06B73BE0AB265AFCEB4FE6F08BDE3B3989264B21
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\pt_PT\messages.json	UTF-8 Unicode text, with CRLF line terminators	750A4800EDB93FBE56495963F9FB3B94	8BFB915488A4EB3CB33D68E2E59F1F8447DB7D61	C1C94F65FABAF17DEF98A8587711A56D61B1E5607500E9B01F2824DB109F9E83
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\ro\messages.json	UTF-8 Unicode text, with CRLF line terminators	98D43E4B1054A65DF3FA3CC40AB6FB6D	46E0A21C4DA2BB5D4D8F837AE211C1B6FA26E7E2	113A13900CBA62FE8AED06751971C23A80A99B47F9BE219CF884D57DB19611D9
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\ru\messages.json	UTF-8 Unicode text, with CRLF line terminators	DB2EDF1465946C06BD95C71A1E13AE64	FB4F3ECE9ECECEBBC6CA2A592A15FB9C1FDFB811	FBAF22CE6E16DE174CED8CB5EA3098CCA1C3426A2111FF33BD3E64DA64ED67AB
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\sk\messages.json	UTF-8 Unicode text, with CRLF line terminators	8DF215D1EFBDABB175CCDD68ED8DCB0A	2B374462137A38589A73FDD00A84CBDC7E50F9F4	7FA16AF97E6CFC52EC6008EB679D3F30E7E0C24F9EF2D18A9228EAF4DED9D63B
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\sl\messages.json	UTF-8 Unicode text, with CRLF line terminators	3943FA2A647AECEDFD685408B27139EE	0129DD19D28373359530B3B477FE8A9279DABB7D	18AFF072EE0DF7C3495045435C752A805606E6D5D462EF2321C443F1773F4B3A
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\sr\messages.json	UTF-8 Unicode text, with CRLF line terminators	D485DF17F085B6A37125694F85646FD0	24D51D8642CDC6EFD5D8D7A4430232D8CDE25108	7FFDE34C58E7C376C042DE64DEF6481DAE32BE8B70F0B18EDF536290CBE0C818
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\sv\messages.json	UTF-8 Unicode text, with CRLF line terminators	D372B8204EB743E16F45C7CBD3CAAF37	C96C57219D292B01016B37DCF82E7C79AD0DD1E8	B8BA77E0089B0676545EC16D32468B727812B444F90B33A7A5B748E6C36C4388
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with CRLF line terminators	83E2D1E97791A4B2C5C69926EFB629C9	429600425CB0F196DDD717F940E94DBD8BFF2837	2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\tr\messages.json	UTF-8 Unicode text, with CRLF line terminators	2CEAE0567B6BB1D240BBAD690A98CA3B	5944346FBD4A0797B13223895995CAB58E9ECD23	A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\uk\messages.json	UTF-8 Unicode text, with CRLF line terminators	AB0B56120E6B38C42CC3612BE948EF50	8B3F520E5713D9F116D68E71DAEED1F6E8D74629	68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\vi\messages.json	UTF-8 Unicode text, with CRLF line terminators	7EBB677FEAD8557D3676505225A7249A	F161B4B6001AEAEAB246FF8987F4D992B48D47BE	051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\zh_CN\messages.json	UTF-8 Unicode text, with CRLF line terminators	BB73BF561BB79F89D9BF7C67C5AE5C65	2FADD3A1959B29C44830033A35C637D0311A8C9C	D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\_locales\zh_TW\messages.json	UTF-8 Unicode text, with CRLF line terminators	5FF50C673CC0C661D615F0CFD0E6DCA0	60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85	C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\images\icon_128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	4DBC9F9E6F5A08D299BAC9E54DF07694	BB38F5DE34B1E0BE1109220BA55271087A4D9EA5	91C2718DD23B4356D71F88F6146868369033291086DF327534546DFA459BEB0E
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\images\icon_16.png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	FB9C46EA81AD3E456D90D58697C12C06	5FC450F7D73CCFAC8F0D818CB3392BA4D91B69DE	016CA659BA080E194FBFC0929602B16506ED60AA6019FAA51410C4FD93B583E8
C:\Users\user\AppData\Local\Temp\scoped_dir6468_1176304011\CRX_INSTALL\manifest.json	ASCII text, with CRLF line terminators	01334FB9D092AF2AA46C4185E405C627	47AD3C0E82362FFE5B881DF8D71D6F79AB7F5796	F52714812D68C577A445169D11E84DF6751C2D6886BC429643072BB5D61C6C27
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\am\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	26330929DF0ED4E86F06C00C03F07CE3	478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C	621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ar\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	44325A88063573A4C77F6EF943B0FC3E	78908D766F3E7A0E4545E7BD823C8ED47C7164EB	67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\bg\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	6911CE87E8C47223F33BEF9488272E40	980398F076BB7D451B18D7FDE2DE09041B1F55AD	273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\bn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F9DDF525C07251282A3BFFCEE9A09ABB	A343A078E804AF400A8F3E1891E3390DA754A5CD	C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ca\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	A90CF7930E7C3BEC61EE252DEFAD574A	F630CA01114A7BDD39607CB84B8280CCE218A5C6	A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\cs\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	17E753EE877FDED25886D5F7925CA652	8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678	C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\da\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F08A313C78454109B629B37521959B33	3D585D52EC8B4399F66D4BE88CED10F4A034FCCC	23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\de\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	980FB419ED6ED94AD75686AFFB4E4C2E	871BFBCA6BCBA9197811883A93C50C0716562D57	585C7814AFD2453232BC940252D4AE821D6E6CBCFD74A793F78E5DB8BA5342F1
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\el\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	40EB778339005A24FF9DA775D56E02B7	B00561CC7020F7FE717B5F692884253C689A7C61	F56BF7C171AA20038EE30B754478B69A98F3014C89362779B0A8788C7B9BEEE1
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\en\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8351AF4EA9BDD9C09019BC85D25B0016	F6EC1FFD291C8632758E01C9EE837B1AD18D4DCF	F41C82D8A4F0E9B645656D630C882BE94A0FB7F8CEC0FE864B57298F0312B212
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\es\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8A70C18BB1090AA4D500DE9E8E4A00EF	8AFC097FA956C1317DB0835348B2DA19F0789669	FF173D1CEF665B1234E02F11070ABD2B65230318150734579A03C7F31B4AE3F4
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\et\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	A62F12BCBA6D2C579212CA2FF90F8266	F7E964A2D9BBDA364252BCE5CFBA3FD34FDD825E	3EB3EB0B3B4A8E5A477D1B3C3A3891CCC7DC6B8879ECE243A7BD7C478068273D
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\fa\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	852BD3CFF960F1BC3A2AAB3CB3874EF9	C9F6F3C776542889FE3B67971D65ACFE048A3A0A	D87597B6C10364501B98AA42524843F109009CCEF022D8E0170440D7F144F4C6
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\fi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	3902581B6170D0CEA9B1ECF6CC82D669	C8208AC2B1DD6D4F8BDAAE01C8BD71FFFA5A732B	D2A8180225A83A423BB6E17343DFA8F636D517154944002ED9240411B8C0C5E1
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\fil\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	59483AD798347B291363327D446FA107	C069F29BB68FA7BA2631B0BF5BBF313346AC6736	DD47530EAE96346CD4DC3267A0BB1091BB17B704803A93CDA2E3E81551B94F12
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\fr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	9B416146FE4F1403C2AACAC4DCF1A5C3	616F055C9FAD4CE972DF82EC8A9B2F4EDA3E7FAD	7C7F5758F54008190ACCDDBD1761CBD980FB5FE0847E992874498228D2571DBC
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\gu\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	68B03519786F71A426BAC24DECA2DD52	B8E6608932EC5CEC4BC3C5475BFC3E312D2E2E7D	C77A4D27E9E6CA25B9290056D93A656E3EBE975957E4C2EE9F0FB11B133D5CD4
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\hi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	20C86E04B1833EA7F21C07361061420A	617C0D70E162CF380005E9780B61F650B7A39F9B	C2C27CA242DBDE600BA3AA7782156BC2B190A64D8A1B51EDC8007BDECA139553
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\hr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	3ED90E66789927D80B42346BB431431E	2B061E3271DF4255B1FFC47BDB207CDEC0D9724F	0B41E3C42414F72C9A12C05F8772597F9685115366A774C66018467AD4B71A74
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\hu\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8E9FF7E49473C5734A2F6F0812E12EB3	A4F10DDD1580582533D5EB59EDF6D8048F887C81	6CDD2FB39ADECE00E88B989E464B05ED1414092D0492F6D0AE58D549BFD1A46A
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\id\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	7ADF9F2048944821F93879336EB61A78	C3DA74FB544684D5B250767BB0CB66FFB7C58963	3630947E1075E3663AD3E4824D0BE42CB47C0D615D8053E83B9595047C8BA9BE
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\it\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	BB3041A2B485B900F623E57459AE698A	502F5EA89F9FB0287E864B240EA39889D72053A4	025737EF8FA06706B3F26D0F52B4844244A6D33DAE1D82FEF2931A14C003D57E
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ja\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	6F2CC1A6B258DF45F519BA24149FABDC	8A58C7880C6D22765DCBB6BCE22A192C1B109AE1	42ECFEE727CFC4F2845FEFDACE5EDC2E0A40AFAD69973A3B950CE653A7633342
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\kn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	2E3239FC277287810BC88D93A6691B09	FC5D585DA00ADC90BF79109C7377BD55E6653569	5FC705AD19761204D8604EA069936A23731B055D51E7836CAAF16AC7719FBEEA
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ko\messages.json	UTF-8 Unicode text, with CRLF line terminators	E303CD63AD00EB3154431DED78E871C4	3B1E5B8E2CF5EBDF5D33656EF80A46563F751783	FDE602BFDB1AFD282682DA5338C4F91D8A2F6CB5411DB8F62F4583D629CE67A6
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\lt\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	93BBBE82F024FBCB7FB18E203F253429	83F4D80F64FA2ADCE6C515C5F663BD38A76C51DB	E7A8570922CCC4F2CA3721C4E61F426158C4E7BC90274FBC8BE4040FF8B6CA9B
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\lv\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	388590CE5E144AE5467FD6585073BD11	61228673A400A98D5834389C06127589F19D3A30	05CA14196CA5D90B228C0F03684E03EBE403A3E7B513AE0A059244AE12B51164
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ml\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	2AF93901DE80CA49DA869188BCDA9495	E60DF4F2FB12BD3F1CA869DAD9F6BDE0C17CEB11	329E80AEE1212F634E180DEF7E16D6E38D9C9FDA9AC9DB1D99B8AE1626EF304E
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\mr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	659F5B4ACA112D3ECBB6EC1613DDE824	5DEE35FCD260554999F8DDEC489FBA9F81FA8EEE	C8B765E7A07578BC078A952E151E3B866506959E15E79E9E5E1DBB98F9C4008F
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ms\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	09D75141E0D80FBD3E9E92CE843DA986	B24EAB4B1242C31B69514D77BC1DB36A3F648F40	8F1DBDEFD910AD88BEEC7956619CDB34391D6E69254C3A7497E8F87134AE8B5C
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\nb\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	ED99169537909291BCC1ED1EA7BB63F0	5F72D51B6DBE8C622EF33D2B2AEBD7E9E20DAFB3	65B6598225ADA1E14EE9CB76CA863708E8F9EE0724B4EDC8F9508532BD631BAB
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\nl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	E9236F0B36764D22EEC86B717602241E	DE82B804B18933907095DEF3F2EF164C1BB5F9B6	300F4F7C45EBE39EAAF40776C28D0A399A710699AAB58E9A8D43A6FD2DD00376
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\pl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8254020C39A5F6C1716639CC530BB0D6	A97A70427581ADA902CA73C898825F7B4B4FAC8F	2F4E4FC6AEB4A8E7F0E0DCE220D66E763F4EBF1FA79985834D636C6692FEA3E8
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\pt\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	FABD5D64267F0E6D7BE6983AB8704F8C	D4DAAD0FF5C461C51E6C1FD22B86AFC5B13E123F	D82DCA262FF005668B252B478DEDAAC4A5C1E417AF9DE57C22F169A6680183AE
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ro\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	75E16A8FB75A9A168CFF86388F190C99	C27CE4C1DB3DF2D232925C73DC9AC1FA24DAD396	9C4716FF42A730F1E7725F0D9E703F311E79FDA31F85B4BB0B8863FC3C27AB9D
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ru\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8EF94823972EA8D2FC9BB7EC09AB1846	4171DC9CE9D82FDA5A280517A1FE58C907D75CE3	1009DB9FFA64E411B31E0780EBA43B9C9F8B05B5AC8CCA9A38514650261ABB0A
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\sk\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C314FAC15AFF6A2EE9C732C64AB5A66D	D51F3362B5FDD2F3756DE42D7D6227DC818C6344	8EE2A25A09D6D0F89063FAA34BA2BC4DB505DD31FE6D5064C5D6E1E153721484
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\sl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F60AB4E9A79FD6F32909AFAC226446B3	07C9E383D4488BEBE316CA86966FC728F55A2E32	CDE581E6E7CF0136B003B45549E3BBEE7B67B74ADD786A8D5607BFDAD1DE7B87
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\sr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	4E233461D805CA7E54B0B394FFF42CAB	77F30833FC73A4C02C652C9E5A6EAFE9C3988A30	E1E1C64213EBF2CFEB7BA83E51B697CEA449B3A8B279B1024B859228DE869879
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\sv\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	897DAE6B0CF0FDE42648F0B47CB26E06	E1F5F5F65AF34FF9484AB2B01E571EAF19BA23D0	52656C24F6F6D0F3B3FC01E9504C4D5CEB85624F1B22E974CA675DD0E94EB82D
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\sw\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	EC233129047C1202D87DC140F7BA266D	537E4C887428081365D028F32C53E3C92F29AAA6	28EDBC5C4858217811D45CAA215710E452C8926E4DE99F810001AD664D08BE0D
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\ta\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C50C5D2EDFC79DBDCBD5A58A027A3231	14314D760A18C39F06CD072CF5843832AFB86689	EEB0E89D5AD92B80FF08F88533A111DB3416D7C3860C64227D1CC8B7C2B58298
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\te\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F740F25488BE253FCF5355D5A7022CEE	203A8DF19BA5A602A43DE18E99A6615D950C450E	5B9C96CB5D62510836B321EB9CEEF23865BB9D4DC4DE7716E90A858E00701FDF
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	9F926FCB8BAEA23453B99EA162CCDEA1	04D1E45591C0435A39DCA00A81E83E68585E8B64	100463C587F549C964A4EB21EA38EA1B4ADEF11E927FAC8FF884623B77202C02
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\tr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	B0420F071E7C6C2DE11715A0BF026C63	F41CC696786B18805DB8DC9E1E476146C0D6BE90	309F946F753DF6AF5C255D772EA0D429462152F78ABA4A96A2E369707A2C6B67
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\uk\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	FF06E78C06E8DFF4A422EA24F0AB3760	A434D1CE22DE0D2FD1842E94F5815F7B1972D1EE	E209FDEF12CCEC03B4E0D5B9464F90D527E62C5BC4DD565C680661D7F282AB02
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\vi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C3A40E8433D96D7E766C011D9EC7502B	EAB7BFAE48B1D29B95A8AE040DE94D3500824EE3	BD3D0F8CF100C96415B224011F550082D4516593CBD3631347748B7D6AD5B85A
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\zh\messages.json	UTF-8 Unicode text, with CRLF line terminators	D4513639FFC58664556B4607BF8A3F19	65629BC4CBBACA498F4082DD5884C8D3D7DDDC8A	C6D49997A9B4FF7FE701EC3644B1A523679A27778FB4BD39B7DBCA9F1ACCE595
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\_locales\zh_TW\messages.json	UTF-8 Unicode text, with CRLF line terminators	494CE2ACB21A426E051C146E600E7564	D045ECC2A69C963D5D34A148FE4A7939DE6A1322	A1053F9496ED7FA3C625C94347F07A5E760F514FD8EE142EC9EE64E86B9C063D
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\CRX_INSTALL\manifest.json	ASCII text, with very long lines, with CRLF line terminators	F76238944C3D189174DD74989CF1C0C6	85CE141EC8867B699668A5F5A48F404C84FCEB04	2EF48A1CF322DE356E8844DD2FD3431E8E7ACD04770649B6507EACA5ABDB53A7
C:\Users\user\AppData\Local\Temp\scoped_dir6468_154092003\ddbe8dbc-a1e7-45da-81a7-17ba243f0011.tmp	Google Chrome extension, version 3	A11D5CAF6BF849AEB84B0C95B1C3B7CF	27F410CCBD75852C01C7464A1FD7EF8C29BE3916	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31

ID:	433426
Product:	CloudBasic
Start time:	19:41:08
Start date:	11.06.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Analysis Report https://list-manage.agle1.cc/click?u=http://www.leo.lopez.sakshamsevango.org.in/br?bGVvLmxvcGV6QHRlYS50ZXhhcy5nb3Y=

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs