Play interactive tour

Edit tour

Windows Analysis Report http://www.delval.com/

Overview

General Information

Sample URL:	http://www.delval.com/
Analysis ID:	438545
Infos:
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3544 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://www.delval.com/' MD5: C139654B5C1438A95B321BB01AD63EF6)

chrome.exe (PID: 768 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,14534732740687434052,6577963013927893067,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1736 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.220.29
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.220.29

Source: global traffic

HTTP traffic detected: GET / HTTP/1.1Host: www.delval.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: www.delval.com

Source: 77EC63BDA74BD0D0E0426DC8F8008506.1.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://accounts.google.com
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://apis.google.com
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: manifest.json0.0.dr	String found in binary or memory: https://content.googleapis.com
Source: Current Session.0.dr	String found in binary or memory: https://delval.com/
Source: Current Session.0.dr	String found in binary or memory: https://delval.com/t
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr, 23c76855-875d-4b30-90ff-231e886bac63.tmp.1.dr, b8a1fa10-c607-453c-bbc6-e05cfc0e657d.tmp.1.dr	String found in binary or memory: https://dns.google
Source: manifest.json0.0.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: manifest.json0.0.dr	String found in binary or memory: https://hangouts.google.com/
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr	String found in binary or memory: https://r4---sn-h0jeenle.gvt1.com
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: manifest.json.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr, manifest.json0.0.dr	String found in binary or memory: https://www.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.google.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.google.com;
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.gstatic.com;

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49684
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49679

Source: classification engine

Classification label: clean0.win@31/165@3/8

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60D28DA9-DD8.pma

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user~1\AppData\Local\Temp\c1ee36df-f31b-474a-ac7f-00a6ebe1c164.tmp

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://www.delval.com/'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,14534732740687434052,6577963013927893067,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1736 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,14534732740687434052,6577963013927893067,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1736 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading3	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol2	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol3	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	Ingress Tool Transfer1	SIM Card Swap		Carrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://www.delval.com/	0%	Virustotal		Browse
http://www.delval.com/	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
delval.com	0%	Virustotal		Browse
www.delval.com	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label	Link
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://dns.google	0%	URL Reputation	safe
https://delval.com/	0%	Virustotal		Browse
https://delval.com/	0%	Avira URL Cloud	safe
https://delval.com/t	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
delval.com	162.214.158.161	true	false	0%, Virustotal, Browse	unknown
www.delval.com	162.214.158.161	true	false	0%, Virustotal, Browse	unknown
googlehosted.l.googleusercontent.com	216.58.212.161	true	false		high
clients2.googleusercontent.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://www.delval.com/	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://dns.google	297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr, 23c76855-875d-4b30-90ff-231e886bac63.tmp.1.dr, b8a1fa10-c607-453c-bbc6-e05cfc0e657d.tmp.1.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://clients2.googleusercontent.com	297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp.1.dr, 679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp.1.dr	false		high
https://delval.com/	Current Session.0.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://feedback.googleusercontent.com	manifest.json0.0.dr	false		high
https://delval.com/t	Current Session.0.dr	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved	unknown	unknown	false
162.214.158.161	delval.com	United States	46606	UNIFIEDLAYER-AS-1US	false
216.58.212.161	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
192.168.2.7
192.168.2.4
192.168.2.3
127.0.0.1

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	438545
Start date:	22.06.2021
Start time:	18:25:12
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 4m 0s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	http://www.delval.com/
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	16
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@31/165@3/8
Cookbook Comments:	Adjust boot time Enable AMSI
Warnings:	Show All Exclude process from analysis (whitelisted): taskhostw.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, svchost.exe TCP Packets have been reduced to 100 Created / dropped Files have been reduced to 100 Excluded IPs from analysis (whitelisted): 20.82.210.154, 204.79.197.200, 13.107.21.200, 104.42.151.234, 23.211.6.115, 104.43.193.48, 142.250.74.206, 172.217.18.109, 142.250.186.174, 142.250.185.163, 74.125.108.41, 34.104.35.123, 173.222.108.226, 173.222.108.210, 142.250.185.170, 142.250.185.202, 142.250.185.234, 142.250.181.234, 216.58.212.170, 142.250.74.202, 142.250.186.42, 142.250.186.74, 142.250.186.106, 142.250.186.138, 142.250.186.170, 142.250.184.202, 142.250.184.234, 172.217.18.106, 172.217.23.106, 216.58.212.138, 23.35.236.56, 216.58.212.163, 142.250.186.35 Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, store-images.s-microsoft.com-c.edgekey.net, clientservices.googleapis.com, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, e12564.dspb.akamaiedge.net, clients2.google.com, redirector.gvt1.com, www-bing-com.dual-a-0001.a-msedge.net, audownload.windowsupdate.nsatc.net, update.googleapis.com, arc.trafficmanager.net, r4.sn-h0jeenle.gvt1.com, watson.telemetry.microsoft.com, www.gstatic.com, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, www.bing.com, fs.microsoft.com, accounts.google.com, dual-a-0001.a-msedge.net, ctldl.windowsupdate.com, e1723.g.akamaiedge.net, a767.dscg3.akamai.net, www.googleapis.com, r4---sn-h0jeenle.gvt1.com, skypedataprdcolcus15.cloudapp.net, a-0001.a-afdentry.net.trafficmanager.net, edgedl.me.gvt1.com, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, clients.l.google.com, skypedataprdcolwus16.cloudapp.net Not all processes where analyzed, report is missing behavior information Report size getting too big, too many NtCreateFile calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtQueryVolumeInformationFile calls found. Report size getting too big, too many NtWriteVirtualMemory calls found.

Simulations

Behavior and APIs

Time	Type	Description
18:26:08	API Interceptor	1x Sleep call for process: chrome.exe modified

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	451603
Entropy (8bit):	5.009711072558331
Encrypted:	false
SSDEEP:	12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
MD5:	A78AD14E77147E7DE3647E61964C0335
SHA1:	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
SHA-256:	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
SHA-512:	DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
Malicious:	false
Reputation:	low
Preview:	BDic.... ....6...."..Z..4g....6.2...{/...3...5....AF 1363.AF nm.AF pt.AF n1.AF p.AF tc.AF SM.AF M.AF S.AF MS.AF MNR.AF GDS.AF MNT.AF MH.AF MR.AF SZMR.AF MJ.AF MT.AF MY.AF MRZ.AF MN.AF MG.AF RM.AF N.AF MV.AF XM.AF DSM.AF SD.AF G.AF R.AF MNX.AF MRS.AF MD.AF MNRB.AF B.AF ZSMR.AF PM.AF SMNGJ.AF SMN.AF ZMR.AF SMGB.AF MZR.AF GM.AF SMR.AF SMDG.AF RMZ.AF ZM.AF MDG.AF MDT.AF SMNXT.AF SDY.AF LSDG.AF LGDS.AF GLDS.AF UY.AF U.AF DSGNX.AF GNDSX.AF DSG.AF Y.AF GS.AF IEMS.AF YP.AF ZGDRS.AF XGNVDS.AF UT.AF GNDS.AF GVDS.AF MYPS.AF XGNDS.AF TPRY.AF MDSG.AF ZGSDR.AF DYSG.AF PMYTNS.AF AGDS.AF DRZGS.AF PY.AF GSPMDY.AF EGVDS.AF SL.AF GNXDS.AF DSBG.AF IM.AF I.AF MDGS.AF SMY.AF DSGN.AF DSLG.AF GMDS.AF MDSBG.AF SGD.AF IY.AF P.AF DSMG.AF BLZGDRS.AF TR.AF AGSD.AF ZGBDRSL.AF PTRY.AF ASDGV.AF ASM.AF ICANGSD.AF ICAM.AF IKY.AF AMS.AF PMYTRS.AF BZGVDRS.AF SDRBZG.AF GVMDS.AF PSM.AF DGLS.AF GNVXDS.AF AGDSL.AF DGS.AF XDSGNV.AF BZGDRS.AF AM.AF AS.AF A.AF LDSG.AF AGVDS.AF SDG.AF LDSMG.AF EDSMG.AF EY.AF DRSMZG.AF PRYT.AF LZ

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Microsoft Cabinet archive data, 60080 bytes, 1 file
Category:	dropped
Size (bytes):	60080
Entropy (8bit):	7.995256720209506
Encrypted:	true
SSDEEP:	768:O78wIEbt8Rc7GHyP7zpxeiB9jTs6cX8ENclXVbFYYDceSKZyhRhbzfgtEnz9BPNZ:A8Rc7GHyhUHsVNPOlhbz2E5BPNiUu+g4
MD5:	6045BACCF49E1EBA0E674945311A06E6
SHA1:	379C6234849EECEDE26FAD192C2EE59E0F0221CB
SHA-256:	65830A65CB913BEE83258E4AC3E140FAF131E7EB084D39F7020C7ACC825B0A58
SHA-512:	DA32AF6A730884E73956E4EB6BFF61A1326B3EF8BA0A213B5B4AAD6DE4FBD471B3550B6AC2110F1D0B2091E33C70D44E498F897376F8E1998B1D2AFAC789ABEB
Malicious:	false
Reputation:	low
Preview:	MSCF............,...................I........d.........R9b .authroot.stl.3..).4..CK..8T....c_.d....A.K...].M$[v.4.)7-.%.QIR..$t)Kd.-[..T\{..ne.....{..<.......Ab.<..X....sb.....e........dbu.3...0........X..00&Z....C...p0.}..2..0m.}..Cj.9U..J.j.Y...#.L..\X..O.,...,.qu..]..(B.nE~Q...)..Gcx.....}...f....zw.a..9+[.<0.'..2 .s..ya..J......wd....OO!.s....`.WA...F6._f....6...g..2..7.$,....X.k..&...E...g.....>uv."..!......xc......C..?....P0$.Y..?u....Z0.g3.>W0&.y.(....].`>... ..R.q..wgX......qB!.B....Z.4..>.R.M..0.8...=.8..Ya.s.......add..)..w.4.&.z...2.&74.5]..w.j.._iK..\|\|[.w.M.!<-.}%.C<tDX5\s._..I....nb.....GCQ.V..r..Y.............q...0..V)Tu>.Z..r...I...<.R{Ac..x^. .<A........\|.{.....Q...&....X..C$....e9.:..vI..x.R4...L......%g...<..}'{....E8Sl...E".h...*.........ItVs.K......3.9.l..`D..e.i`....y...,..5....aSs`..W...d...t.J..]....'u3..d]7..=e....[R!:........Q.%..@........ga.v.~..q....{.!N.b]x..Zx.../;#}.f.)k.c9..{rmPt..z5.m=..q..%.D#<+Ex....1\|.._F.

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	328
Entropy (8bit):	3.1324726258947213
Encrypted:	false
SSDEEP:	6:kKCfse8N+SkQlPlEGYRMY9z+4KlDA3RUeWlK1MMx:ys8kPlE99SNxAhUe3OMx
MD5:	957A4304FFFD1D51473E460E5B6CB14F
SHA1:	392A26D816D00EDC9DB8C9B73B1C6FB09F25F4D5
SHA-256:	D1AD0726A6A5809D00FE4E1D63FB87E8A86FA1E164468ABA479D4EB9296EE746
SHA-512:	AF0CFC7BF26AAF1868D553EC9F82074717B848527060F39A1E173FCB1E86CEC846CD87BB5C1A16F59AB328E46EEB2140D5CD4FF0548CDCC11DDB5D4F69A7F0CE
Malicious:	false
Reputation:	low
Preview:	p...... ..........U..g..(....................................................... ............L......&...............h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".0.9.0.e.6.c.f.e.3.4.c.d.7.1.:.0."...

C:\Users\user\AppData\Local\Google\Chrome\User Data\20f2fa24-6a42-4654-b3d2-5b065716ff63.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	164928
Entropy (8bit):	6.049685994550217
Encrypted:	false
SSDEEP:	3072:WHB48W0p6hRPkbz3GtzKyc2YEZBLA7bV/nYorVcI8XIssElYTRx:k4yohR830dZBgbV/njhcI8II6Rx
MD5:	9C9B617BAEC1F894F72E16AD0D7E49B2
SHA1:	203D8BA3FCBABE87C0F07E67DF5B7449B60103DF
SHA-256:	FD817DBC8609F4C08DED69EE95BC5B144BD3A4031770C48084877C8E284DD813
SHA-512:	4173D8C73C536E63D5FF903B5C3BF2F153D49FACFF9A79B5DC523A9DA2E80F7831728633660C957580453BE652344D9793791C83C4537D4996BB3ED116723C92
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.624411564762215e+12,"network":1.624379167e+12,"ticks":3929828827.0,"uncertainty":4757751.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAD5yRpyxHTvRo045wUdD0XcAAAAAAIAAAAAABBmAAAAAQAAIAAAABLbexqB/oExTFJmpcENOvX+bVETIkvlcZMf3oIBvp2bAAAAAA6AAAAAAgAAIAAAAAb9GGQ1QmHgGBymkKDudOpZA89StPbsfruaqqGAbN50MAAAALDWaloNNJZN9rwnlUq/XLN9khJ9Jz9md9VO4rX+Yg+g8mRS88Enlg3B2TpBYYNjwkAAAACddQYw45aj+S/8dGnDKvRWon1T/sv/0i6HXgLXg0I1kMUaef/c6zqkTQ7ehiG3nkSfg6dR/4o1ZLALr+MYbEZ2"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951909646977"},"plugins":{"metadata":{"adobe-flash-player":{"dis

C:\Users\user\AppData\Local\Google\Chrome\User Data\36cbc8c7-445e-4a30-890d-d88df4deb1c2.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	173382
Entropy (8bit):	6.079321291444276
Encrypted:	false
SSDEEP:	3072:jkEHB48W0p6hRPkbz3GtzKyc2YEZBLA7bV/nYorVcI8XIssElYTRx:Ym4yohR830dZBgbV/njhcI8II6Rx
MD5:	0E9EAACC85A1E01C57966BFCCBFE4D90
SHA1:	B2E94AA89B30489B65FA2C34A56BCCC1FF0D4EB5
SHA-256:	99D6D5854F01858F89006F8505401C2F3DA73C448A8F03DAA7B159588FE0A359
SHA-512:	19F615AB3655C1ACC911A9F0335004A2BCA23A3ADFB4124658F56CBE3051579FE9A1D4BBBAA81E6FBC94A62B72F98A29F510F772128DFBFDC34E6094484E258D
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.624411564762215e+12,"network":1.624379167e+12,"ticks":3929828827.0,"uncertainty":4757751.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAD5yRpyxHTvRo045wUdD0XcAAAAAAIAAAAAABBmAAAAAQAAIAAAABLbexqB/oExTFJmpcENOvX+bVETIkvlcZMf3oIBvp2bAAAAAA6AAAAAAgAAIAAAAAb9GGQ1QmHgGBymkKDudOpZA89StPbsfruaqqGAbN50MAAAALDWaloNNJZN9rwnlUq/XLN9khJ9Jz9md9VO4rX+Yg+g8mRS88Enlg3B2TpBYYNjwkAAAACddQYw45aj+S/8dGnDKvRWon1T/sv/0i6HXgLXg0I1kMUaef/c6zqkTQ7ehiG3nkSfg6dR/4o1ZLALr+MYbEZ2"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951909646977"},"plugins":{"metadata":{"adobe-flash-player":{"dis

C:\Users\user\AppData\Local\Google\Chrome\User Data\641e7650-d6a1-4796-a9c4-fc9dd493d294.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	92724
Entropy (8bit):	3.751937888104343
Encrypted:	false
SSDEEP:	384:TfCBxvk+LHQNMNFrmvJD3qNrWH3yGG5rE3t5xaTb3ar45mA70TdttaO3XNN01183:Gu5tCvOeYej9jHQXbefKpH9p7
MD5:	495027ADB10485EA7839F5831ED8E28C
SHA1:	19334314FA3AFE2EBD4420A791D33660652406B7
SHA-256:	3C4CDECC8A54B20B7A94DDDE0A44A6C6D34089977A3CA49B8CE36F06958EDDFF
SHA-512:	B143E2D737EE55660DBE6470E7A42BEE80C29A5CF6794D9DDB737E2BEE1A7BB0A92A0E0489E9F59A52AF973B9D8E36DB4CD1F0D01F1313840DB1D0C0264BD592
Malicious:	false
Reputation:	low
Preview:	0j.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....=8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	120
Entropy (8bit):	3.254162526001658
Encrypted:	false
SSDEEP:	3:FkXJFIsz6VVJFIsz6VVJFIsz6I:+rJsrJsrJJ
MD5:	E4C3A0CCEDB71D53052C719DE30FD750
SHA1:	C89D101217D4AA05AD9C6FB24DB2037B3BCC630E
SHA-256:	B9ABED457F567199890198C9CE3B20954C73C458014CEB77C5E4514B1A8D8BF9
SHA-512:	D248EFCFA1BA3BA433A7A8D57B432F13D968DCF82A29535295BF03044982E69F441E6455EE7E6E7E4E902794B6D1B9CDAACBC92050B73062C0FDD33C40580346
Malicious:	false
Reputation:	low
Preview:	sdPC.......................@..L..nM._bMsdPC.......................@..L..nM._bMsdPC.......................@.*.L..nM._bM

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2146c338-cf8b-462d-9932-ebe22a7f1819.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\297e8c9f-f4bc-4c7a-8c6d-7c9c24be9843.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	2047
Entropy (8bit):	4.893533401734502
Encrypted:	false
SSDEEP:	48:Y2nCDHXT6qtwz5sIRLssXTsmErsksGDsGyKsZ3gYhbyD8:JnCDHXTxOzn7XQrsSvoxhj
MD5:	1BB1BE33349A27B2D47C41F5BE8E290C
SHA1:	955888696D9766D5BE8247D22E8DBD74A7C3CA0E
SHA-256:	59F71ED791FFA0D9D1B1E98B858D58CD1DA373F7FC406CA4E25E46269E7FA488
SHA-512:	DE9AC2E1A261FA139CBB4AFB2521163E957F1EF083998FA5676ADFBF20EC45C71A72072643876A99AE649794FC1731EBDB06EBC4B57C7E76F8A674B3BB6B3B65
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13271477166443504","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13271477166466053","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://redirector.gvt1.com","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4d0964d6-f528-4fd5-8154-6a35eaf13819.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	16745
Entropy (8bit):	5.577603103357752
Encrypted:	false
SSDEEP:	384:ikstzLlD3XQ1kXqKf/pUZNCgVLH2HfDYrUm3kbmn4s:uLlTQ1kXqKf/pUZNCgVLH2HfUrUm3znP
MD5:	BE7B3EE139CA8B16221443941DAB5C73
SHA1:	DD1223D000F7E73FA1E6F604E748BC633C0AF296
SHA-256:	EE5F97F5B8526E11C011648ADD8B63EF1DF497C3614F03A542EC0B5B76829DC9
SHA-512:	D1161BD3E1F53D44DB60EFAA80652616616E40ED805A02162CA8C3F1E682C7EACA506BA04744C1169107188387718DB2135425E4965BDF24CE8D9CCD056DA915
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13268885161629126","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\557e28a5-1c2b-4bb0-ab88-e103e67e1d3f.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5468
Entropy (8bit):	5.1742888306313395
Encrypted:	false
SSDEEP:	48:Yc/m0klS8kl6Rjqc3MzqAudqRIkn6tr4Xq4lYqlQuoTw0XHBCHBmxc8C1Nfct/92:nO3hF7lMRIkFYVhik0JCKL8ObOTQVuwn
MD5:	6A876088A715AF0A3CECE5FFB60E7F64
SHA1:	8572018797EB65D519AD224D611F5C9199699235
SHA-256:	FFA165934E80CE2172893E7D7E76229A0AC9AC53E7F0590BB1E726F790B4243A
SHA-512:	D3B5065ECFB08D951A7C958CF78629A9A08B47805CB5D26FAEF956221AC10FB0F87D57D9CD4A1329369C7F62EBA19B8964E7A10A2A9EC2774841EFB1EFF56536
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13268885161874438","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245952329814949","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245952502420488","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355952"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\679ac2d4-e74e-4adf-b4da-73b8d40b88f6.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2724
Entropy (8bit):	4.858441642519087
Encrypted:	false
SSDEEP:	48:YXsPMHi5s7MHgKsSMH/zs8MHIs51tFsL6zsbWsdCshDysuMHCLsKMH9swIMHlYhj:XGiQGBGFGJ12LLHDwGyGkGihj
MD5:	9E0C31BCE1C83C78981EB86A29E2879B
SHA1:	3973E5D4DA1BC0BB99B78D1DFA7BEA045C85E173
SHA-256:	3D1BDA968D1CFF79DBD0C4B9D2A22367E9D9B8374622CD4263BD39137D8FE584
SHA-512:	D196B2993F4A46AFFD38DBA59866B048221D5CF6EAB1574846D1799B748BD71B09BE28D8154B16D97AEA300C7EE13719DC2E5034EC9D8913C6A6B399BDEBC23E
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248544495618845","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31528},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544345624305","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":26637},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544345531701","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":53820},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248544345601356","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":36228},"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"exp

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\898711cf-0221-4a91-9405-cf4a085352c8.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	5442
Entropy (8bit):	5.1715570709101115
Encrypted:	false
SSDEEP:	48:Yc/m0klS8kl6RjqceqAudqRIkn6tr4Xq4lYqlQuoTw0XHBCHBmxc8C1Nfct/9BhX:nO3hFPlMRIkFYVhik0JCKL81bOTQVuwn
MD5:	834E235DBA0AD6BB0938B08DFC12BF18
SHA1:	0777D3A65A6E68E0F40FC562F939D8A02879459C
SHA-256:	FA3B39FC8C2200E5E7AEB98883653273F9E6792171101DF941865F7F22F51491
SHA-512:	DF1AFB3B906CA7D06CF1E0207D16F8037EC0FC5DCCF667E4E55C4B13EFF835F6E611D646262AFAAA478B5ECD3CA0A540DFCDD46DF773B0343D6B659A17207C12
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13268885161874438","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245952329814949","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245952502420488","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355952"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8a92513e-a312-4c21-9de7-c44cd8f9e18e.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	22596
Entropy (8bit):	5.5356757353469845
Encrypted:	false
SSDEEP:	384:ikstyLlD3XQ1kXqKf/pUZNCgVLH2HfDYrUNHGvnT+okbHkn4l:VLlTQ1kXqKf/pUZNCgVLH2HfUrUxGvnq
MD5:	6EB421F2C1945D6FB56A944B7497769B
SHA1:	89AD5E699352F88CAA38590D11E21717C1FD244D
SHA-256:	BC4D91E25CEFAAC82373765AD2A97BDB37C5AB9E0AA5AA8BA06AA62EB5031ABB
SHA-512:	AE51A842BB14A3C0A704E83D89C9080A8CAE27641D7A8294AB00B7030DEA44B7B7BE215D4867ABCCB445681DD139B32C0BFDAD8DB63578C2F053E409CDC68117
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13268885161629126","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\931f8b30-c273-46ed-880a-abb10e99ef07.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4846
Entropy (8bit):	4.958064653328377
Encrypted:	false
SSDEEP:	48:Yc/m0klS8kl6RjqcBqAM5dqTlYqlQuoTw0XHBCHBmxc8C1Nfct/9BhUJo3KhmeSz:nO3hFo/MpYVhik0JCKL81bOTQVuwn
MD5:	24795FF0F03DE2D7D3FA8114290EEDCD
SHA1:	D9EA4042623E6A682FB277CA224707AC2F60CC15
SHA-256:	9A90326F1930E52529EE06B36E220F10FE6F18AE7BCAC0F881D03608D8994A89
SHA-512:	4E4B239C0F0887FB6D3BD0AE5CC13E5C1E882F9D332AEFFB321943DF8CB06A9303EB9D81F2D5877D38E3C3C35BF4382482E46E60ED3BE940D1E6AB9EAD55572B
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13268885161874438","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245952329814949","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245952502420488","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","7355952"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\94256365-d19e-4206-b912-eaae7a6e6cc2.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	22595
Entropy (8bit):	5.53583119807826
Encrypted:	false
SSDEEP:	384:ikstyLlD3XQ1kXqKf/pUZNCgVLH2HfDYrUNHGQnT+okb7n4i:VLlTQ1kXqKf/pUZNCgVLH2HfUrUxGQns
MD5:	C576233D9F9DF8D8609237794D59F6F9
SHA1:	F5DE60B738ECCA5DA3CC9A015CE0720E5EE640F8
SHA-256:	D002437561452BE5A6DB58C5A74683AA226EEA42811DEAE8AFF0B6977B2A53C8
SHA-512:	6EF4D39167E0712B67A0BA8D1915FA66567AC8D469DB83ED2991C67792AAC359AC49D6F7E4761E9F5A336A6F1BFD7117D14B4AF5ABF213F11A29C0A80813EA37
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13268885161629126","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	339
Entropy (8bit):	5.191016310096253
Encrypted:	false
SSDEEP:	6:mvDKq2PcNwi23iKKdK9RXXTZIFUtpCDoR9ZmwPCDoRPkwOcNwi23iKKdK9RXX5LJ:aKvLZ5Kk7XT2FUtpK2/PKK54Z5Kk7XVJ
MD5:	0D74F8E2D45EC66C69AF850C34D1C5E0
SHA1:	3A0DF7C1A78D14B0059D8FEA0FF0D7F6F82FBC73
SHA-256:	EA66FF268A072ACCD66FC699EDD27EEE44BE41084A568B99104AC221C9CE8744
SHA-512:	A160D75A2301833BF62E1D93DB0B735FC3E832473565F871E8FB2C8688921DDC2CA6D6719CE9CB7E0D7ECB4705071EE9B386B18B8E75289990B01695E7C70219
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:20.046 864 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/06/22-18:26:20.047 864 Recovering log #3.2021/06/22-18:26:20.047 864 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	323
Entropy (8bit):	5.164442253950696
Encrypted:	false
SSDEEP:	6:mvDwq2PcNwi23iKKdKyDZIFUtpCDaR9ZmwPCD1kwOcNwi23iKKdKyJLJ:awvLZ5Kk02FUtpKaR9/PK154Z5KkWJ
MD5:	387552524E63E58DFBEF0027D08E155A
SHA1:	770C206B76BFEE9156FD0A29146144C0ED2DCCEE
SHA-256:	88D3E018683C480943BAD62524AC70BE7B3142B27390C7D91C14DA00212A4765
SHA-512:	451D69D66A3766A740529D234B330D6B07088477F77CB1419E6317A7675C11E2D2A76030A2DFED06488A9EE2CA8A9AA53EA61B2F9B10C659F873F8F6711D4D72
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:20.040 864 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/06/22-18:26:20.041 864 Recovering log #3.2021/06/22-18:26:20.042 864 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	12288
Entropy (8bit):	0.6863571317626186
Encrypted:	false
SSDEEP:	12:TLyen4ufFdbXGwcFOaOndOtJRbGMNmt2SH/+eVpUHFxOUwae6:TLyqJLbXaFpEO5bNmISHn06Uwd
MD5:	1C0EAEEE6463CAE33B7A7CD9D9DF4DA5
SHA1:	FBC6A28A1501E40154FDC0A9D0C2F34A5F88AA65
SHA-256:	ED8AE7C5E6885874A39F4E86258F552670352A18D29BE1FF4D372A2F4CD06C8A
SHA-512:	355D19828609971998B09B36E7C7D304B7FB88C7A726670BEBF5CF2E2710F8E71B0F9DEF6FE9712B484C1EB122AEEEFDECF31D13E02C4539C399DFB86EC7619F
Malicious:	false
Reputation:	low
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	12836
Entropy (8bit):	0.9675368760465136
Encrypted:	false
SSDEEP:	24:82+tYeFtqLbJLbXaFpEO5bNmISHn06Uwx8:82UYenq5LLOpEO5J/Kn7Ui8
MD5:	7760568AEC4A6C56E10E69BA89D03E63
SHA1:	1B5ED5B13EC3B1BEC3C3BECC3DF033DDDE088A0D
SHA-256:	D1EEB2BBE5FA07C66D89B671B06FF6ED58E3EB514F88FCCBC46968B7C2FE6F85
SHA-512:	1F9C6B0E16DDBEC03F6F4703A348657D33ABE66A860F265D881251147E000BA0742A5AD403B1EC4387FB4A3ECB2311726055EC30CDF5602E07BAA3EAE31CDEB7
Malicious:	false
Reputation:	low
Preview:	..............I.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	867
Entropy (8bit):	3.028341509191679
Encrypted:	false
SSDEEP:	12:3olydJhG1ZUEAV7J/2dPlpxlpNwKMF1lpdYamoVlylDdBYaY:34S+UjV12tlrlpM/lTYamU2DLYaY
MD5:	4DAA9521385E68CAFE3B98FD97FF6AF1
SHA1:	DFE419CA73EF5B3EBDD769922E2AA346B9AB91E6
SHA-256:	05501808E353DB537B5D5D22851CAA90A9EFF1DE3838C126851AAF46F0F1E3DF
SHA-512:	7433E06471844AC6E3389197A651BFBA118A280B56FEE2AC7B4473E1B775F5DB0A154C6F3ED1BB228A5AE8CFE8953D0516842BDEAB0BA7521E3EAD8F5B16A117
Malicious:	false
Reputation:	low
Preview:	SNSS....................................................!.............................................1..,.......$...e4dfc613_029d_4589_b134_130ce4cdcd87..........................................................................................................5..0.......&...{C578CEAF-A17C-4AAB-9284-A5059F1242C7}...........................................................https://delval.com/.....t...p.......h...................................h.......`.......................................................C'..d...D'..d...................................................h.t.t.p.s.:././.d.e.l.v.a.l...c.o.m./...................................8.......0.......8....................................................................... ...........................................................https://delval.com/..........#/.............................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.8112781244591325
Encrypted:	false
SSDEEP:	3:3Dtn:3h
MD5:	0686D6159557E1162D04C44240103333
SHA1:	053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256:	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512:	884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious:	false
Reputation:	low
Preview:	SNSS....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	164
Entropy (8bit):	4.391736045892206
Encrypted:	false
SSDEEP:	3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+Gg:qT5z/t2qoEwhXeLKB
MD5:	0A906A9A542CDF08FF50DAAF1D1E596E
SHA1:	B97D6274196F40874A368C265799F5FA78C52893
SHA-256:	EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
SHA-512:	8795E905B711ADE6B1C4B402D50AF491B64D157AA738669482DDBFC30E857DF970BFFB774A925F3F4A0802BD27AFAF939CE140894FF09B67FB9C0BB83ED4491A
Malicious:	false
Reputation:	low
Preview:	.f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	328
Entropy (8bit):	5.218267556946344
Encrypted:	false
SSDEEP:	6:mvD2L2O4q2PcNwi23iKKdK8aPrqIFUtpCD2L0cZmwPCD2LBTkwOcNwi23iKKdK8h:aRO4vLZ5KkL3FUtpKk/PK454Z5KkQJ
MD5:	A1A4CE962910659582BB6B2069C60A97
SHA1:	36CFE4C04FB7FA585E5737FFE5B2089ED7BE64D0
SHA-256:	12B9AFAE449346E038AD6BFB40582BD5E2CD3192AACEA5F51CEBA4A999D80D97
SHA-512:	E5562AE17659583A41F4DFA7C74924C663A308D07CAC4939EE4301C64B117BD62DEEDA22944422992DFCC2C693E2B2E7807B89B3DE2F14CE8C497814F1E1FAE6
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:01.937 12f4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/06/22-18:26:01.939 12f4 Recovering log #3.2021/06/22-18:26:01.940 12f4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	570
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
MD5:	D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A
SHA1:	FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7
SHA-256:	99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
SHA-512:	86FD07C34B9ABD4C52BA19EAE291936F92BC6D38A75C021EDC1DEDBC15617669876180CD99F959C62476D82EC6BB9F5FE4C6CB4D82CB037EFB76D99A4D3D9C51
Malicious:	false
Reputation:	low
Preview:	.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	328
Entropy (8bit):	5.193590201089327
Encrypted:	false
SSDEEP:	6:mvDGYnOq2PcNwi23iKKdK8NIFUtpCD2ZmwPCDKsPkwOcNwi23iKKdK8+eLJ:aGYnOvLZ5KkpFUtpK2/PKKc54Z5KkqJ
MD5:	7BCE6A50D90F0070B084C9C6C52D1012
SHA1:	973A9537D9F0493A11B1594860A147FDFB048D8B
SHA-256:	3A156F482B1FB8166B2ACA19BF82696F203A616D680B36059D45F9717D59D179
SHA-512:	462EAE2DCA806EA4CCD4BBE8F3D871A44F8A6804F5FBE7B625CF2F5A9063CD31AFB53382F2110A5276FB40E63AA090023A696924C6D59B38FB5F83ABE9C7B6B8
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:04.234 12d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/06/22-18:26:04.237 12d4 Recovering log #3.2021/06/22-18:26:04.238 12d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	11217
Entropy (8bit):	6.069602775336632
Encrypted:	false
SSDEEP:	192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
MD5:	90F880064A42B29CCFF51FE5425BF1A3
SHA1:	6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
SHA-256:	965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
SHA-512:	D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R8B8qYabnMSlLPhrtu0hGYrHn3llsMHqBbi70gkIjEE=","rhlzuEvv2KRAFMms896xFwkNgPrw6WvmgPn6xrBSa2Y=","LAMXv6sRb0VZrY34aVXF3Fftxs

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	23474
Entropy (8bit):	6.059847580419268
Encrypted:	false
SSDEEP:	384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
MD5:	6AE2135EA4583C2F06CDEBEA4AE70FA4
SHA1:	DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
SHA-256:	03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
SHA-512:	B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["xklkoZ7iSU1+7cd6DAtEmUC5lPFd+EgcbnzxkOiFwlk=","3KbsvoxKY/3AwqgF2aAdVQRpMhsNVRkQ3rx2A6Z2Z+Y=","o9+tsohquaCMj+70zeinRG/hBhA2uLoDl/WoC1uokME=","xV/K8xucyWJELVT8Cqn+ugFjobBVmg8pnmACF+2PP4Y=","p/mvJm2wuCl32Rx3it654MljKAsMe3S9IDEabc1A8mE=","j8mPrTb5oOsBTj2Fer78JE6xG6+kR64Cvu2SW8d3j/k=","nqSRpGQ3USU2bZJsZ+AzBmFOyann8omwJrhEWFZDTXc=","eTcQyJUuNuF9yCga/fXGyFCj/pysSceanhBzksdx23s=","Wj7faqnspelXKMvnduxHn1XUBG8TEOqyns7/oUihekM=","VtBwXoadI3EP336rAiL33Gz19KGqtN+RYdKnMKAXoLw=","iDgLXQqXJp8nCZxgLuC9LXM45DGfufvGnXvmHsn18wc=","g+RfdDfrWTUK0Pkcsbot7NJ4SC9wVRV/dVVMuHAtEj8=","2oC4HcCuXu3VjFf6wnKlznt9uqQNaebcuWpm/mWj69U=","aMUIpuFqPMiieSaWhIktCK62v2P3OZQAWupWsYzCnvk=","L

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	3:FQxlX:qT
MD5:	0407B455F23E3655661BA46A574CFCA4
SHA1:	855CB7CC8EAC30458B4207614D046CB09EE3A591
SHA-256:	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
SHA-512:	3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
Malicious:	false
Reputation:	low
Preview:	.f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	377
Entropy (8bit):	5.243125903564494
Encrypted:	false
SSDEEP:	6:mvDZRROq2PcNwi23iKKdK25+Xqx8chI+IFUtpCDA5ZmwPCDz1zkwOcNwi23iKKdP:avROvLZ5KkTXfchI3FUtpKA5/PKz1z5b
MD5:	E38D0757C78AAAB3AA9F728258522636
SHA1:	C7D6B80D9F09A6F1795E64075E37CC584D7B2374
SHA-256:	284C68CE2B230E14D1B7852F83FE8B985192DDD22D3EFC8C827D88972127F59D
SHA-512:	3F162E6D4535A3695D8AECA9FE3CEF864A4FECD2BAC6CB016E0582E1CDA60D0C47FF6EE3E8367F56B1D8A19318F5B2F202992AEF694E8B0B305855604006F897
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:20.035 864 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/06/22-18:26:20.036 864 Recovering log #3.2021/06/22-18:26:20.037 864 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	363
Entropy (8bit):	5.1784584734796315
Encrypted:	false
SSDEEP:	6:mvD6Iq2PcNwi23iKKdK25+XuoIFUtpCDl1ZZmwPCDl1zkwOcNwi23iKKdK25+Xu6:a6IvLZ5KkTXYFUtpKZ/PKz54Z5KkTXHJ
MD5:	6FF44F209D2BBD0216679817D4FE9557
SHA1:	BED81A9FA7EDFFEDFE11441730544207551CC59C
SHA-256:	2984F102F6549BE3973E99F4BB931F59ACACB4C0C618B05FA317214C9A668D96
SHA-512:	D4F9A0CBFD554534F542304D87C10DCCBAE2E0F9024E92C0D75589F3BBA7D77A25F512ECD96FE750A6F336CBDC0162478E14DBA986D0CB4CEC14D521EE9AF66C
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:20.029 864 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/06/22-18:26:20.031 864 Recovering log #3.2021/06/22-18:26:20.031 864 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	338
Entropy (8bit):	5.27627613158839
Encrypted:	false
SSDEEP:	6:mvDjSAq2PcNwi23iKKdKWT5g1IdqIFUtpCDCovZZmwPCDCovzkwOcNwi23iKKdKn:ajSAvLZ5Kkg5gSRFUtpKCoh/PKCo754h
MD5:	D5E3FE94558002AF5A2A021C0B0253F8
SHA1:	D694CBF5EC7988DBB0391C8916DD6FA6A1CC7F3B
SHA-256:	E5C0CF0939E1C59229DCE6AB8B035518CB8B2A4A38E5E118FE4A45A2849D93B7
SHA-512:	738D002B39D9F76F711AED8020A4F981AC7B1D0D1720B769AFBECD0A78DBED21E7CF8B3AE84AB0714C054E498B097129A0ED0AC310596E59015B8685117C5D91
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:19.974 1970 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/06/22-18:26:19.975 1970 Recovering log #3.2021/06/22-18:26:19.975 1970 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8720
Entropy (8bit):	0.32780102044485143
Encrypted:	false
SSDEEP:	6:ybwl94/fMt76Y4QZVs0i99pG/3ZUvTqR4EZY4QZv8fOWn:5v4nMWQti9L8ZZBQZ8fOW
MD5:	1503604C2104CAD7D93808F1ACBA0568
SHA1:	525F762523845D878F41482316A12BABB6A9559F
SHA-256:	557F70BEE4661FAD73AB05E2156DFEA58BAB91300694573E2172B257CE52D9C5
SHA-512:	9F9C5FA526E387847B73F09CA29422BEEDE97C78726B35C0A3DE19F4135DCA0A316D046434C563C44C08D1E595857D5AB50D2306CE371D308A8CF6400BDE5F45
Malicious:	false
Reputation:	low
Preview:	............V..6........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2955
Entropy (8bit):	5.464335001740415
Encrypted:	false
SSDEEP:	48:mpsGC9sa7QMr8db2lXubQSefgGjNrS0U9RdiN9p6:mRa7QM4db2lXubQ5fgGxrS0u
MD5:	2BBA7CCF33F5E58A2F5094C499EA8CD8
SHA1:	5C54B7A4D64B37206D3B6656BE062345057257D8
SHA-256:	25E5E087E8E8AA11BB0E698DF3B596852AD984C1B27EC3CA8FB91170DDADEA88
SHA-512:	EAAE7B538C0631C1BDF67470C8FFFAE8E117E1A480A211CCC8AE8DEDDA0A8977AA4734FBE023C157841BBFF3C23365128336AA94F55C69F7E75C45802D61FA18
Malicious:	false
Reputation:	low
Preview:	..t...*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm.............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..255950000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-06-22 18:26:21.67][INFO][mr.Init] MR instance ID: 470fce17-34b0-4aa8-b9fe-911383b0a9f3\n","[2021-06-22 18:26:21.67][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-06-22 18:26:21.67][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-06-22 18:26:21.68][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-06-22 18:26:21.68][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-06-22 18:26:21.68][INFO][mr.CastProvider] Query enabled: true\n","[2021-06-22 18:26:21.68][INFO][mr.CloudProvider]

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	340
Entropy (8bit):	5.184565732565379
Encrypted:	false
SSDEEP:	6:mvD2LpZ4q2PcNwi23iKKdK8a2jMGIFUtpCD2LY3JZmwPCD2L6F3DkwOcNwi23iKi:aDvLZ5Kk8EFUtpK3/PKxF54Z5Kk8bJ
MD5:	6988B3EE451430D1A9B9B2A0ABA4EF90
SHA1:	8E270B237626E5D02AFC0C54F4454484FC11067F
SHA-256:	CEC5B0894804CCBC948E4B0C5118146E8F0E746D7633EB40D35E367FE97928B6
SHA-512:	64DC92F13BF44D6AF920EF485008979920EAD97A2EF75AF89D0F8A36A4DEE56F08E2027B3EEA2BEB7B2959244EC741AF89818A95C36E6864CABFBF6620571021
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:01.633 1540 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/06/22-18:26:01.634 1540 Recovering log #3.2021/06/22-18:26:01.636 1540 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	339
Entropy (8bit):	5.148389661853668
Encrypted:	false
SSDEEP:	6:mvD2LZOq2PcNwi23iKKdKgXz4rRIFUtpCD2LhZmwPCD2L/NDkwOcNwi23iKKdKgi:aAOvLZ5KkgXiuFUtpKA/PKGND54Z5Kkt
MD5:	C50DDC051B0BF29375CE52077EA7AFA1
SHA1:	778F942F3F9BBA0C91C1869C82EB19BD5E295469
SHA-256:	FC05A3923FA0767944D12F9EF9A0A251C7CD8A2C9571AEED3C4CB1315D336F0B
SHA-512:	552847C390AEFBCEF8B95DE67C670AA4309B72ED142B959E1977E22A86E4C39AD97EB426BA9969145F9A7E4E293F29D0BC01991BE5DCE58CAA3807C4ADD8A94C
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:01.962 2a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/06/22-18:26:01.966 2a0 Recovering log #3.2021/06/22-18:26:01.968 2a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	114
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5ljljljljljl:5ljljljljljl
MD5:	1B4FA89099996CE3C9E5A0A9768230E8
SHA1:	9026E1E0906E3B3FE0E414EE814CC5A042807A04
SHA-256:	537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
SHA-512:	4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
Malicious:	false
Reputation:	low
Preview:	..&f.................&f.................&f.................&f.................&f.................&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	325
Entropy (8bit):	5.117810020283821
Encrypted:	false
SSDEEP:	6:mvD2LTd4q2PcNwi23iKKdKrQMxIFUtpCD2LTPZZmwPCD2LVmVFkwOcNwi23iKKd0:aAevLZ5KkCFUtpKAPZ/PKL54Z5KktJ
MD5:	E9968CE10D8F4489B1F48653B198F91D
SHA1:	5A7D85D265398519D4582E79C925B62947434E69
SHA-256:	58C97B3AA644614A75D2523D3C63DCB2C23086419FC9B5DE415A859CCC6CB321
SHA-512:	22E969A89AF71956277730E2E064E8EFC2E3A8CA3C557402CCD5B1947D7EEF35607EDA3C4A873C478A356B6D97DC10AAB0D471FBC3D3324E5E23A1FA9A3DDF35
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:01.843 2a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/06/22-18:26:01.845 2a0 Recovering log #3.2021/06/22-18:26:01.822 2a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	353
Entropy (8bit):	5.184271993611222
Encrypted:	false
SSDEEP:	6:mvD2L5SN+q2PcNwi23iKKdK7Uh2ghZIFUtpCD2LlZmwPCD2LYVkwOcNwi23iKKdb:aOi+vLZ5KkIhHh2FUtpKU/PKlV54Z5KF
MD5:	1272E3A872B88E4ED55756A913081F9D
SHA1:	01D88C2A899BBB2132740ACA89BCAA7B8005BC3F
SHA-256:	755831EB618094839EC4F5411D68007225F688318358E11F6338BD36DF579BC0
SHA-512:	61AC04F35AD3532FA32754CA648B52359395802B1431E5B7E384F67A801879F12751F91EEC24382104E6059B4251A13FCE3DECB95EC983A4A59F75B747A31F2A
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:01.593 abc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/06/22-18:26:01.596 abc Recovering log #3.2021/06/22-18:26:01.597 abc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\23c76855-875d-4b30-90ff-231e886bac63.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.957371343316884
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5hsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sd7sBdLJlyH7E4f3K33y
MD5:	363D9EBEDB5030036B53B6B28E8A8EA5
SHA1:	1C7C9012156AC8295EB465BC774430A866096832
SHA-256:	466FE09323B709A587648157D77298132B29F7CD916CD68EF6B28A0FC5EE355B
SHA-512:	9C9A230BAF627B8A9856C0AC66E4EA262C304BBC2272662F4213EB617297DFE222E0CCC4FC0F22B04FAFB3125D55D774174700B381EA3FF90B8C3D11926E0238
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248544335120983","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	296
Entropy (8bit):	0.19535324365485862
Encrypted:	false
SSDEEP:	3:8E:8
MD5:	C4DF0FB10C4332150B2C336396CE1B66
SHA1:	780A76E101DE3DE2E68D23E64AB1A44D47A73207
SHA-256:	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
SHA-512:	51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
Malicious:	false
Reputation:	low
Preview:	.'..(...................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	438
Entropy (8bit):	5.25333290814684
Encrypted:	false
SSDEEP:	6:mvD2Lhq2PcNwi23iKKdKusNpV/2jMGIFUtpCD2L8XXZmwPCD2LrVkwOcNwi23iK4:aqvLZ5KkFFUtpKZX/PK+V54Z5KkOJ
MD5:	942BC6EB8B542582ECF12B9829F48D5E
SHA1:	EDCC967E649845478620A90BE324243C1D21B21E
SHA-256:	4D1FEDAFC9A3C215528DD588A536F68A61CF752A5F4342DAB6D5306DF6D55536
SHA-512:	A96C1EC20A99AF673ECC163FA18FA9B50D4EC8E1174EBC1620449FC7455DAA1A81B14E41934D93AB803395EAD95451F1A8FFA90F02355CB32EEB98C0595BA9BD
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:01.925 12d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/06/22-18:26:01.927 12d4 Recovering log #3.2021/06/22-18:26:01.928 12d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	440
Entropy (8bit):	5.276993355611024
Encrypted:	false
SSDEEP:	6:mvD2Lnq2PcNwi23iKKdKusNpqz4rRIFUtpCD2LGHZmwPCD2LpsRFkwOcNwi23iKV:aovLZ5KkmiuFUtpKj/PKnRF54Z5Kkm2J
MD5:	9350EC342ECCE2AC287EB321E1D59714
SHA1:	316A70723D4F818EA5BB479297EB2E7B5730E2FA
SHA-256:	EC5632EEC5DFBBD566ABF82DA57B7B451B306B97198AC84B2D653744886743BA
SHA-512:	5B53959ED45A9B1DFF324620230C286B31BF3BDF9D889BE2A0A86723DA2CAF47D2D9AB1F00A4BB1FA9271D4E31BC1B7DBAC3EAE78CD7A971244685718E2A20E9
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:01.967 12d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/06/22-18:26:01.969 12d4 Recovering log #3.2021/06/22-18:26:01.970 12d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5l:5l
MD5:	E556F26DF3E95C19DBAECA8F5DF0C341
SHA1:	247A89F0557FC3666B5173833DB198B188F3AA2E
SHA-256:	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
SHA-512:	055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
Malicious:	false
Reputation:	low
Preview:	..&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	426
Entropy (8bit):	5.263866461137946
Encrypted:	false
SSDEEP:	6:mvDbujyq2PcNwi23iKKdKusNpZQMxIFUtpCDo+1ZmwPCDZGRkwOcNwi23iKKdKuG:aiyvLZ5KkMFUtpKoo/PKZGR54Z5KkTJ
MD5:	B244E56BA497910A2870AAAEBC316B9E
SHA1:	FB7203E4E9D7869CAEB7B8D59823D1FB446BB2DA
SHA-256:	DE282F133C13A4C916B894ECABB52C8503A3A4178FD85F50A8974B8E32F22B05
SHA-512:	02C39DDD1EA26C8CF0B718C7225D3FD0F5FA188659773AC67ECD26627341EDD04E6BA94C8622C9DCAD75DAFF6F7B77676B71FDEDD8CE163A8111DCB30716DD5B
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:18.131 1534 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/06/22-18:26:18.132 1534 Recovering log #3.2021/06/22-18:26:18.133 1534 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	296
Entropy (8bit):	0.19535324365485862
Encrypted:	false
SSDEEP:	3:8E:8
MD5:	C4DF0FB10C4332150B2C336396CE1B66
SHA1:	780A76E101DE3DE2E68D23E64AB1A44D47A73207
SHA-256:	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
SHA-512:	51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
Malicious:	false
Reputation:	low
Preview:	.'..(...................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	438
Entropy (8bit):	5.165103399650066
Encrypted:	false
SSDEEP:	12:aZOvLZ5KkkGHArBFUtpKTB9/PKTBP54Z5KkkGHAryJ:ael5KkkGgPg4TBQTBBo5KkkGga
MD5:	283622B7A9A3CF28AF720A03802FA991
SHA1:	4D82A55184E1C440F003ADBE04C764AEBF6C79FE
SHA-256:	9918DB52892707D7D09F2855A40E78E6579A5738A422FB4C7881DEA0B8F7FDBF
SHA-512:	F93AD0E654B6C74EE64746B56B86D921859A434FF8D9E3868DC15C1FF4DB24649633D8907FE23D8C8A31E144C085FDC3BBE7B448C9F4FCAA53303842FE2010BB
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:20.450 12d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/06/22-18:26:20.452 12d4 Recovering log #3.2021/06/22-18:26:20.452 12d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	440
Entropy (8bit):	5.205265168101966
Encrypted:	false
SSDEEP:	12:aPz+vLZ5KkkGHArqiuFUtpKzDW/PKXV54Z5KkkGHArq2J:aPwl5KkkGgCg4/B3o5KkkGg7
MD5:	DE06DB7EBDA3E69DB1C6F8BD76716034
SHA1:	A41334F1FCE6747AB7E5184AB5B9FD417F7C3235
SHA-256:	CB408251C3456EFF0EAA39F6705AD34BB3560FA1A0C6D27D2C5495844B81F7C7
SHA-512:	D9A768CCC6C2570F2959BF1DA35E55B31DE72EB26259A85A87AAD66F252D42C61CA736A6EA7A4A28BBCF81ED48A1BC16DAE825D5F1E9FE80F93CC8887E971CD9
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:20.459 17ec Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/06/22-18:26:20.463 17ec Recovering log #3.2021/06/22-18:26:20.464 17ec Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5l:5l
MD5:	E556F26DF3E95C19DBAECA8F5DF0C341
SHA1:	247A89F0557FC3666B5173833DB198B188F3AA2E
SHA-256:	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
SHA-512:	055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
Malicious:	false
Reputation:	low
Preview:	..&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	426
Entropy (8bit):	5.201594940362558
Encrypted:	false
SSDEEP:	12:aIIIvLZ5KkkGHArAFUtpK1/PKn54Z5KkkGHArfJ:aIVl5KkkGgkg445o5KkkGgV
MD5:	8AA4E74BCD4A172B0914BFE2C6401FA6
SHA1:	63982266A88FC3CDF4E7D6F62ECE14FF29535888
SHA-256:	55F35B440B5FE299F3478A24D1404152ACAC07E774C2B5FD32D02BF5940B4630
SHA-512:	35ECC1013B68977727C6D6D83BD4185B51315535A1DA58F3243F9CD01FF46CB812B5E25974471B230437D0C06CD6FD1B28D02E7A237D8BAA9250E4BF6E4AB009
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:35.676 1530 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/06/22-18:26:35.678 1530 Recovering log #3.2021/06/22-18:26:35.678 1530 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\b8a1fa10-c607-453c-bbc6-e05cfc0e657d.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.96345415074364
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5Z0WlyhsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sd/0WCsBdLJlyH7E4f3K33y
MD5:	1FE877DDE8B96DED122AC08BB07A83C5
SHA1:	5BEA5FFAF686474CE8ACA1D95500C29D65007745
SHA-256:	3AD373EB6FF8EA394964EDA2A9E53ADD8DBA11DC9716ED3CA672F10DF369BA4D
SHA-512:	1854F005CD691674FCF27376150ABD6F036A79C42BB4FFECDCCA14A74CB21D8ADF2552CACE631E6E9C92C58E7EF27279CA30CE5648C8EB90B06F2247A4620043
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248544342473569","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	38
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:sgGg:st
MD5:	45A8ECA4E5C4A6B1395080C1B728B6C9
SHA1:	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
SHA-256:	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
SHA-512:	8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
Malicious:	false
Reputation:	low
Preview:	..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	329
Entropy (8bit):	5.147483456759854
Encrypted:	false
SSDEEP:	6:mvD2LZiOq2PcNwi23iKKdKpIFUtpCD2LZWyF3JZmwPCD2LZQ7kwOcNwi23iKKdK7:alOvLZ5KkmFUtpKwX/PKl54Z5KkaUJ
MD5:	7A725F48CFC88422AB8FA771D04B5863
SHA1:	898941169BEC1523457A6C130512C61E50C7DEE3
SHA-256:	E58A5D499D8CF8C13840F852747CA12FF5750CDFDA6E9BF054301051296DD9B5
SHA-512:	C2CD4AFE5A1FD48959E7972C9B1B9094EF0A3DB4B12257AD370D90A6A091D11B2F909DB5C9B3730C6ACC68158FECA441178A82FDC273EC44586B6D4658AE5A3D
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:01.602 2a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/06/22-18:26:01.603 2a0 Recovering log #3.2021/06/22-18:26:01.604 2a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	407
Entropy (8bit):	5.27218718322824
Encrypted:	false
SSDEEP:	12:acKIvLZ5KkkOrsFUtpKcEto/PKcEtw54Z5KkkOrzJ:ac7l5Kk+g4cEtjcEt6o5Kkn
MD5:	7769A1C648762D79E7D6D37C520E0A8F
SHA1:	3DE50167B251ABB3EB8B77E9DCDBBB4AB987E6AE
SHA-256:	B74F63F8F6C9C020540764386B9729F0EE15B7BA8742E5B15DB1D4A2F31AC6BA
SHA-512:	4D110FA19AB4AAF42420EB321B8FC1A0FB32CCCBA05E737DFA35A723141F16FB78EF8F85DC75260B4855B0EEFB22F8CBB5872E603129EDA1B7854FD851A07F12
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:21.653 2a0 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/06/22-18:26:21.654 2a0 Recovering log #3.2021/06/22-18:26:21.654 2a0 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d7a72871-5d64-4a3f-ad0b-99e801d6f1db.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	875
Entropy (8bit):	5.566039308622117
Encrypted:	false
SSDEEP:	24:YU6H0UhvrRlG1KUevEhUeT7m97wUuRUevxQ:YU6UUhveKUevGUeOdwUuUev2
MD5:	453F64EFE0CA98DB646E59BD255BCC5F
SHA1:	472B331450615C52452B12191523BB7E30EEE22C
SHA-256:	23F5573BBEB090ABF624D6D0A8B20DB72185083CBE238E2BB78A7541A84E61A9
SHA-512:	93B526211A4F5A46752B761C127BAFC943ADF818A7A91A7CEE8E4DBF1F5E0A407578E814151643CEC43847F61532DBE688E3F9AF0E9C7130BB1AE6343CC83754
Malicious:	false
Reputation:	low
Preview:	{"expect_ct":[],"sts":[{"expiry":1633014895.618904,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601478895.618908},{"expiry":1633014895.522238,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478895.522241},{"expiry":1633014902.981094,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478902.981097},{"expiry":1655947566.443645,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1624411566.443651},{"expiry":1633014895.739906,"host":"+ccWXqaoHJ9hfuXbleKV6FQUrBlyXAJ31BdqjNQJpHs=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601478895.739909}],"version":2}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:	3:1sjgWIV//Rv:1qIFJ
MD5:	6752A1D65B201C13B62EA44016EB221F
SHA1:	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
SHA-256:	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
SHA-512:	9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
Malicious:	false
Reputation:	low
Preview:	MANIFEST-000004.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	139
Entropy (8bit):	4.513433861039284
Encrypted:	false
SSDEEP:	3:tUKUXYUdfDqrZZmwv3GXYUdfDfk+1V8sGXYUdfD5oVk+1WGv:mvDqrZZmwPCDfhVvCD5ctv
MD5:	3DDF6848154864E2F3A29CD201ADB2BB
SHA1:	F33152350321AF7A44ED9CCF6288C009D94917A8
SHA-256:	FA6923EE4A2821E1561FE48052E30E3949E24A3F1A298500B6529B5F62A6854D
SHA-512:	78D69A2091B585A793ABB4351E8C4DE80AC4A11FF7608BA067F8F38D06941C647EFC01C179ACEA9D87CDB7751B796F24FD21A5923B6296572073048C9EF9C405
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:19.787 1970 Recovering log #3.2021/06/22-18:26:19.843 1970 Delete type=0 #3.2021/06/22-18:26:19.844 1970 Delete type=3 #2.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG-4 LOAS
Category:	dropped
Size (bytes):	50
Entropy (8bit):	5.028758439731456
Encrypted:	false
SSDEEP:	3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
MD5:	031D6D1E28FE41A9BDCBD8A21DA92DF1
SHA1:	38CEE81CB035A60A23D6E045E5D72116F2A58683
SHA-256:	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
SHA-512:	E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
Malicious:	false
Reputation:	low
Preview:	V........leveldb.BytewiseComparator...#...........

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	346
Entropy (8bit):	5.190767987251181
Encrypted:	false
SSDEEP:	6:mvD81yq2PcNwi23iKKdKfrzAdIFUtpCD6Y1ZmwPCD6ORkwOcNwi23iKKdKfrzILJ:aAyvLZ5Kk9FUtpKz/PKvR54Z5Kk2J
MD5:	164444C4B627EE341CC48867F77C62C3
SHA1:	0CE8F52659D9C22880BD304F989A00CF5C74179F
SHA-256:	9D7388C4AD543679E151337C084F484040266198BC14C3041F564A6A1A50FD66
SHA-512:	67CA3338D5E9E0F3B6E133DE9D4B3017C9FC95FDBDBC649FDD9DC0C589096DC37355E3D07ADBC63B7C421A8ED850FF785B13C3E7020643C26776A1174ED3BCD8
Malicious:	false
Reputation:	low
Preview:	2021/06/22-18:26:20.060 1534 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/06/22-18:26:20.061 1534 Recovering log #3.2021/06/22-18:26:20.061 1534 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	106
Entropy (8bit):	3.138546519832722
Encrypted:	false
SSDEEP:	3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
MD5:	DE9EF0C5BCC012A3A1131988DEE272D8
SHA1:	FA9CCBDC969AC9E1474FCE773234B28D50951CD8
SHA-256:	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
SHA-512:	CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
Malicious:	false
Reputation:	low
Preview:	C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.8150724101159437
Encrypted:	false
SSDEEP:	3:Yx7:4
MD5:	C422F72BA41F662A919ED0B70E5C3289
SHA1:	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
SHA-256:	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
SHA-512:	86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
Malicious:	false
Reputation:	low
Preview:	85.0.4183.121

C:\Users\user\AppData\Local\Google\Chrome\User Data\bb1b7928-039d-4f4e-a19d-810b93a1fa76.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	modified
Size (bytes):	95428
Entropy (8bit):	3.7522524701996067
Encrypted:	false
SSDEEP:	384:dfCBxvk+/0HXVgmNMNFrmvJD3qNrWH3yGG5rE3t5xaTb3ar45mA0a0TdttaO3XNw:VKu5tCvQeYej9jHQXbefKpH9p2
MD5:	2E6994C836A8E5DDADE67FB62501C9C9
SHA1:	474E5728485B79D599092BC7D2E7ACE883881B0F
SHA-256:	A3EA1EEE9407C7394B8ADAD2DC33CA6919D6121D9C70946EFCD94C48FFEA9DC8
SHA-512:	538456E824EE75348F59F66568005B178698E8B7F8D5A81BF093590075D7E6136D8A8ECAF23841E9D156F7F9F34E1137436639AC1FF0BE823E3F655A3098F923
Malicious:	false
Reputation:	low
Preview:	.t.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....=8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\ca883edd-4eec-40c4-aebf-832c3a5d38f3.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	173382
Entropy (8bit):	6.079320067821776
Encrypted:	false
SSDEEP:	3072:ykWHB48W0p6hRPkbz3GtzKyc2YEZBLA7bV/nYorVcI8XIssElYTRx:Z44yohR830dZBgbV/njhcI8II6Rx
MD5:	3F484995DA03CAFEA1B175033212C904
SHA1:	1B56B4C2ABB886594120EE0EE4061FCE388F0A27
SHA-256:	957AFE538F42325E646D2843F418C3B7C25DCF427310385D203C96DD0A28E315
SHA-512:	16BD14EDCCE73E7A905D04DEA303FD6F8DCDCB5AE204FC67FF8209FD04E23FF01A07A1C83094712DAC21E24052AFFDE446D94949DEE044909FE4B66D2BA8AA33
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.624411564762215e+12,"network":1.624379167e+12,"ticks":3929828827.0,"uncertainty":4757751.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAD5yRpyxHTvRo045wUdD0XcAAAAAAIAAAAAABBmAAAAAQAAIAAAABLbexqB/oExTFJmpcENOvX+bVETIkvlcZMf3oIBvp2bAAAAAA6AAAAAAgAAIAAAAAb9GGQ1QmHgGBymkKDudOpZA89StPbsfruaqqGAbN50MAAAALDWaloNNJZN9rwnlUq/XLN9khJ9Jz9md9VO4rX+Yg+g8mRS88Enlg3B2TpBYYNjwkAAAACddQYw45aj+S/8dGnDKvRWon1T/sv/0i6HXgLXg0I1kMUaef/c6zqkTQ7ehiG3nkSfg6dR/4o1ZLALr+MYbEZ2"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951909820208"},"plugins":{"metadata":{"adobe-flash-player":{"dis

C:\Users\user\AppData\Local\Google\Chrome\User Data\e9b1dfd0-25a5-4e8d-89a6-be6b7764323b.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SysEx File -
Category:	dropped
Size (bytes):	94708
Entropy (8bit):	3.752213657009978
Encrypted:	false
SSDEEP:	384:tfCBxvk+/0HXVgmNMNFrmvJD3qNrWH3yGG5rE3t5xaTb3ar45mA70TdttaO3XNNZ:FKu5tCvOeYej9jHQXbefKpH9pp
MD5:	A32E1340CAFA42FBC9EB17B784D3E5C1
SHA1:	5F242E436CB48DA97F49E864D95861BAE622E6BC
SHA-256:	0025FB6D26616320511D73063473430CFBD780F966E6AC7EEDDEDB380A592DC7
SHA-512:	BA4795BDCEFBFE2FDB2B2C0E27B0D2178FDFB4744F69FA62382D58AAE7C5C71E25985903F21C28520FFEB4242DF6805A0F518566E705C3D8DF56F0336F05B4BD
Malicious:	false
Reputation:	low
Preview:	.q.................C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L..P!...[)...%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .o.f.f.i.c.e.\.o.f.f.i.c.e.1.6.\.......g.r.o.o.v.e.e.x...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .2.0.1.6......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .f.o.r. .B.u.s.i.n.e.s.s. .E.x.t.e.n.s.i.o.n.s.....1.6...0...4.7.1.1...1.0.0.0.....*...C.:.\.P.R.O.G.R.A.~.1.\.M.I.C.R.O.S.~.1.\.O.f.f.i.c.e.1.6.\.G.R.O.O.V.E.E.X...D.L.L.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....=8.D...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.o.m.m.o.n. .F.i.l.e.s.\.M.i.c.r.o.s.o.f.t. .S.h.a.r.e.d.\.O.F.F.I.C.E.1.6.\.m.s.o.s.h.e.x.t...d.l.l..@.....U/...%.c.o.m.m.o.n.p.r.o.g.r.a.m.f.i.l.e.s.%.\.m.i.c.r.o.s.o.f.t. .s.h.a.r.e.d.\.o.f.f.i.c.e.1.6.\.......m.s.o.s.h.e.x.t...d.l.l.....M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e.)...M.i.c.r.o.s.o.f.t. .O.f.f.i.c.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n. .H.a.n.d.l.e.r.s.......1.6...0...4.2.6.6...1.0.0.1.....D...C.:.\.P.r.o.g.r.a.m.

C:\Users\user\AppData\Local\Google\Chrome\User Data\f02e27fb-91da-40f5-9403-559bb5a40d9f.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	173382
Entropy (8bit):	6.079320616929443
Encrypted:	false
SSDEEP:	3072:ykEHB48W0p6hRPkbz3GtzKyc2YEZBLA7bV/nYorVcI8XIssElYTRx:Zm4yohR830dZBgbV/njhcI8II6Rx
MD5:	EF5550A83563C18F33425665099F9040
SHA1:	2002741C29D825DF28E16C7BB222D01CCB96D377
SHA-256:	DBF6BCD034215CA1332D29DA7CE65CFE0EC64B3B44CB69E925324F15BE8FE3F6
SHA-512:	DF6A0D76C9C40E2F85AB22CC91971DF975A6CF3DA1ADD2AEDBADC8736A0746DB37848C73FD32FDB7DA35C97D75C7217DE7F0221419E6F8720D7F3C3B0C1061E0
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.624411564762215e+12,"network":1.624379167e+12,"ticks":3929828827.0,"uncertainty":4757751.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAD5yRpyxHTvRo045wUdD0XcAAAAAAIAAAAAABBmAAAAAQAAIAAAABLbexqB/oExTFJmpcENOvX+bVETIkvlcZMf3oIBvp2bAAAAAA6AAAAAAgAAIAAAAAb9GGQ1QmHgGBymkKDudOpZA89StPbsfruaqqGAbN50MAAAALDWaloNNJZN9rwnlUq/XLN9khJ9Jz9md9VO4rX+Yg+g8mRS88Enlg3B2TpBYYNjwkAAAACddQYw45aj+S/8dGnDKvRWon1T/sv/0i6HXgLXg0I1kMUaef/c6zqkTQ7ehiG3nkSfg6dR/4o1ZLALr+MYbEZ2"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245951909820208"},"plugins":{"metadata":{"adobe-flash-player":{"dis

C:\Users\user\AppData\Local\Temp\608d50b2-008a-4bc6-b775-a93e196760bc.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	768843
Entropy (8bit):	7.992932603402907
Encrypted:	true
SSDEEP:	12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
MD5:	A11D5CAF6BF849AEB84B0C95B1C3B7CF
SHA1:	27F410CCBD75852C01C7464A1FD7EF8C29BE3916
SHA-256:	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
SHA-512:	086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........6W..>Nuw9..R{c...Nq.H.K..A!....`v.k+..?.5.>v.....;.._~....tp....x.q.V...7.m.O.~.{!.o/q.'..BK..4./?'.....L..fH&.._<..&.p.k^..\s...:1y..F.N.+...X.PO@Mo....X.G1:..Y.@;..j..........=ae...0.......DU....n...n.;.Ipr..Q....:... <.....a.Y....{ei........0..0....H............0.......Mbh=.[O}.+..U.KHF(n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;\|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$......l-m.............m....ni...`..W.....R.p.b.+...+.\k.R$e~.J\.&c%.d...M..j..V.%...+1F....D....X\.1ct.<........E.B.+.i@...8..^...&YR...I.o...,.....[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. D.'.N@.(..GK....m...A.0.."

C:\Users\user\AppData\Local\Temp\65b04852-7204-4fdd-ac51-987615e47829.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Temp\browser-sslkeys.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	8428
Entropy (8bit):	4.653496039279706
Encrypted:	false
SSDEEP:	192:/tUxzn8EnOnWVNCklClnZFIJwgAVBqsQaY:/tWzhOnWVN5lClnZFIzD
MD5:	A54A87D78AC1C6B1A0E4D3F71139DAB6
SHA1:	B729D18E8FD186ABED476389B6CBE8AFF3EDD68C
SHA-256:	419939A25FC99F00530673AEB8926AAB3588CCE9C15976DB9450185A35CFA907
SHA-512:	39161ADFC989673D359D32A3D0936AE6555AC89923AD5BDEEB81F965F1AF07C590FC5F2D2989A048F076E7B7E87B199122109CCC549255F5D90ED180C753FEA1
Malicious:	false
Reputation:	low
Preview:	CLIENT_HANDSHAKE_TRAFFIC_SECRET 51f57d0ece7ebc8c6c6bf0f89987c15f6067833bf065038b0f588226b3b4b9a5 a5afe6a300067bec08f4df8c62c53ffed290f69b563f4b3613b92fa923377bbd.SERVER_HANDSHAKE_TRAFFIC_SECRET 51f57d0ece7ebc8c6c6bf0f89987c15f6067833bf065038b0f588226b3b4b9a5 d2aa9db5983029eb6ef071fde939523e558e78acec6f4ef3fb4dc7de813f9e5b.CLIENT_HANDSHAKE_TRAFFIC_SECRET ce9cd9c4d15fcf23dd7a68e5d1dd91298789aeba39b4116b29998cb0d01caa0d 028e8113247c6c7ff563aceb8261db32b7d2c14e053c97febb1eb387287c77f4.SERVER_HANDSHAKE_TRAFFIC_SECRET ce9cd9c4d15fcf23dd7a68e5d1dd91298789aeba39b4116b29998cb0d01caa0d a08938e0499b1332c77e5ccb48f2421e1275584b993142454fc4f20331af28cb.CLIENT_HANDSHAKE_TRAFFIC_SECRET 7b4e51c77d40dfab46827b09b0417b50784f4fd6eb82f4cdf21a730e3ad09340 2f38a3a921c19c8e1fdbcaee31ba57606a0273db995958734ebeb475fd2d5af1.SERVER_HANDSHAKE_TRAFFIC_SECRET 7b4e51c77d40dfab46827b09b0417b50784f4fd6eb82f4cdf21a730e3ad09340 dd7746e43bf31d0192f3ef22e57f376f0102f5a61c502c0f00eed0ee1638e18f.CLIENT_HANDSHAKE_TRAFFIC_SEC

C:\Users\user\AppData\Local\Temp\c1ee36df-f31b-474a-ac7f-00a6ebe1c164.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	248531
Entropy (8bit):	7.963657412635355
Encrypted:	false
SSDEEP:	3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
MD5:	541F52E24FE1EF9F8E12377A6CCAE0C0
SHA1:	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
SHA-256:	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
SHA-512:	D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f\|.~.c.4.E.......0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$\|..\|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0....H.=.....H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...\|!..A..L.+.=...kP.!.1..

C:\Users\user\AppData\Local\Temp\edf2f93c-fda2-4327-9e62-9d88f225b10f.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\608d50b2-008a-4bc6-b775-a93e196760bc.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	768843
Entropy (8bit):	7.992932603402907
Encrypted:	true
SSDEEP:	12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
MD5:	A11D5CAF6BF849AEB84B0C95B1C3B7CF
SHA1:	27F410CCBD75852C01C7464A1FD7EF8C29BE3916
SHA-256:	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
SHA-512:	086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........6W..>Nuw9..R{c...Nq.H.K..A!....`v.k+..?.5.>v.....;.._~....tp....x.q.V...7.m.O.~.{!.o/q.'..BK..4./?'.....L..fH&.._<..&.p.k^..\s...:1y..F.N.+...X.PO@Mo....X.G1:..Y.@;..j..........=ae...0.......DU....n...n.;.Ipr..Q....:... <.....a.Y....{ei........0..0....H............0.......Mbh=.[O}.+..U.KHF(n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;\|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$......l-m.............m....ni...`..W.....R.p.b.+...+.\k.R$e~.J\.&c%.d...M..j..V.%...+1F....D....X\.1ct.<........E.B.+.i@...8..^...&YR...I.o...,.....[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. D.'.N@.(..GK....m...A.0.."

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\am\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17307
Entropy (8bit):	5.461848619761356
Encrypted:	false
SSDEEP:	384:arfbEVrFvMP4rMhuDopC3vUuFBYZV6uml:aHEVrFvMP4KuFvr6D6uml
MD5:	26330929DF0ED4E86F06C00C03F07CE3
SHA1:	478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C
SHA-256:	621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
SHA-512:	0BE6183A1BF12575C0F99960705D4249E79CDB8528C55FF132BE99A111F09494231AD6A36CD61B090A3B34C6971D68A29373BA346888E852C52E05DC14380682
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "...... ... ..... .. ...... .... ... .... ......?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": ".... ......".. },.. "1522140683318860351": {.. "message": "..... ....... .... ..... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "... ...".. },.. "1802762746589457177": {.. "message": "...".. },.. "1850397500312020388": {.. "message": ".$START_LINK$Google Home .......$END_LINK$ ... ...... Chromecast ..... .....? $START_SPAN$*$END_SPAN$",.. "placeholde

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\ar\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16809
Entropy (8bit):	5.458147730761559
Encrypted:	false
SSDEEP:	192:0IprKC78JmUjk8RkeryFOYPATxLZ8fsbE3/IFV6c8TEKdl:Jrp8JjA8RkerK0lc3wFV6uml
MD5:	44325A88063573A4C77F6EF943B0FC3E
SHA1:	78908D766F3E7A0E4545E7BD823C8ED47C7164EB
SHA-256:	67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
SHA-512:	889C02BC986794C58C76022E78F57F867DD1D5217687F12D679A33A2DB9E5A18F3A37CF94D8FE4585E747C78E4662EAB93361FF7D945990774C7CFCACCFB79D1
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": ".. .. ........ ....... .... .... ... .......".. },.. "128276876460319075": {.. "message": "...... .......".. },.. "1428448869078126731": {.. "message": "..... .......".. },.. "1522140683318860351": {.. "message": "..... ........ .... ........ ... .....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "..... .....".. },.. "1850397500312020388": {.. "message": "... ....... .. .... Chromecast .. $START_LINK$..... Google Home$END_LINK$. $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\bg\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	18086
Entropy (8bit):	5.408731329060678
Encrypted:	false
SSDEEP:	192:4jjpr342SIwPIasR9VhMkACVmrv8evj+3eXivOMbb2vVzCkwRV6V6c8TEKdl:4ZrYo+rxT+qOV6V6uml
MD5:	6911CE87E8C47223F33BEF9488272E40
SHA1:	980398F076BB7D451B18D7FDE2DE09041B1F55AD
SHA-256:	273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
SHA-512:	CDB69405BB553E46DCF02F71B1A394307D0051E7FA662DFFEBA7888F30DD933F13C7FD6E32F1D7AEAEE8746316873B6E1D92029724ABDC75E49DCC092172EA22
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": "... .. ........ ......... ...... ...-..... ....... ..?".. },.. "128276876460319075": {.. "message": "......... .. ..........".. },.. "1428448869078126731": {.. "message": "........ .. .........".. },.. "1522140683318860351": {.. "message": "........... .. .. ........ ...., ........ .......".. },.. "1550904064710828958": {.. "message": "......".. },.. "1636686747687494376": {.. "message": ".......".. },.. "1802762746589457177": {.. "message": ".... .. .....".. },.. "1850397500312020388": {.. "message": "....... .. ............ .. Chromecast . $START_LINK$............ Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "p

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\bn\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19695
Entropy (8bit):	5.315564774032776
Encrypted:	false
SSDEEP:	384:PrUCrcTIOeswIW/Vre/sZn8TFfzheV6uml:lPswIWtoK8xfG6uml
MD5:	F9DDF525C07251282A3BFFCEE9A09ABB
SHA1:	A343A078E804AF400A8F3E1891E3390DA754A5CD
SHA-256:	C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
SHA-512:	EBD339C37162984672513019D470B92DF8B743DD69D4430361EF12D42FD1C208DBDE818A7BFE20BE8A7D63CD6E02B3F4344DEA1C4AEDB8719D789981A49DA44C
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".... ...".. },.. "1213957982723875920": {.. "message": "..... ....... ..... ........... ...... ....... ...... ...?".. },.. "128276876460319075": {.. "message": "...... ........".. },.. "1428448869078126731": {.. "message": "...... ......... ...".. },.. "1522140683318860351": {.. "message": "..... .... ...... ....... ... ... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": "$START_LINK$ Google

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\ca\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15518
Entropy (8bit):	5.242542310885
Encrypted:	false
SSDEEP:	384:drGUBKxMF2ayv8FrIccUVFmwf+7d9VKS3V6uml:dCUBKxMFBy0FE3UzmQ+zkSl6uml
MD5:	A90CF7930E7C3BEC61EE252DEFAD574A
SHA1:	F630CA01114A7BDD39607CB84B8280CCE218A5C6
SHA-256:	A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
SHA-512:	598F991B344FA6724617D6CE57BB0D6D64EF86B4F5317BF6AD5EDF43E6B0A385094E7885F7A8FA2B107405B31C3D9F76E92315BC1D9BB52ACD4ECAD342917DE1
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Es congela".. },.. "1213957982723875920": {.. "message": "Quina de les opcions.seg.ents descriu millor la vostra xarxa?".. },.. "128276876460319075": {.. "message": "Detecci. de dispositius".. },.. "1428448869078126731": {.. "message": "Flu.desa del v.deo".. },.. "1522140683318860351": {.. "message": "S'ha produ.t un error en la connexi.. Torneu-ho a provar.".. },.. "1550904064710828958": {.. "message": "Correcta".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volum".. },.. "1850397500312020388": {.. "message": "Pots veure el Chromecast a l'$START_LINK$aplicaci. Google.Home$END_LINK$?$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\cs\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15552
Entropy (8bit):	5.406413558584244
Encrypted:	false
SSDEEP:	192:eVdprJrG5efiTk93ebrxZR1fdc8VDCwT9fTV6c8TEKdl:2rMqiQerxQ88W7V6uml
MD5:	17E753EE877FDED25886D5F7925CA652
SHA1:	8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678
SHA-256:	C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
SHA-512:	33D61F6327FC81D7A45AA2CC97922DC527F5F43E54AA1A1638DA6EE407024A2F10CFD82CC5C3C581C2E7B216276987CB26C3FA95198572E139ACF29CC5B7ADCB
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Video zamrz.".. },.. "1213957982723875920": {.. "message": "Kter. popis nejl.pe vystihuje va.i s..?".. },.. "128276876460319075": {.. "message": "Zji..ov.n. za..zen.".. },.. "1428448869078126731": {.. "message": "Plynulost videa".. },.. "1522140683318860351": {.. "message": "P.ipojen. se nezda.ilo. Zkuste to pros.m znovu.".. },.. "1550904064710828958": {.. "message": "Plynul.".. },.. "1636686747687494376": {.. "message": "Perfektn.".. },.. "1802762746589457177": {.. "message": "Hlasitost".. },.. "1850397500312020388": {.. "message": "Vid.te sv.j Chromecast v.$START_LINK$aplikaci Google Home $END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\da\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15340
Entropy (8bit):	5.2479291792849105
Encrypted:	false
SSDEEP:	192:+Upr8XnI1MY2kPuir8j7Rd3kbTWc4QtV6c8TEKdl:FrJ1H9br8h6eZCV6uml
MD5:	F08A313C78454109B629B37521959B33
SHA1:	3D585D52EC8B4399F66D4BE88CED10F4A034FCCC
SHA-256:	23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
SHA-512:	9F2868AEBBF7F6167A7EA120FE65E752F9A65D1DC51072AA2413B2FDE374DA2D169D455A4788E341717F694179E6F1FA80413C080D9CD8CB397C3E84668CBFEC
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Fryser".. },.. "1213957982723875920": {.. "message": "Hvilket af f.lgende udsagn beskriver bedst dit netv.rk?".. },.. "128276876460319075": {.. "message": "Enhedsregistrering".. },.. "1428448869078126731": {.. "message": "Videostabilitet".. },.. "1522140683318860351": {.. "message": "Forbindelsen blev afbrudt. Pr.v igen.".. },.. "1550904064710828958": {.. "message": "Problemfri".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lydstyrke".. },.. "1850397500312020388": {.. "message": "Kan du se din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "STAR

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\de\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15555
Entropy (8bit):	5.258022363187752
Encrypted:	false
SSDEEP:	192:AJprM71A4qyJSwlk5KR5rtXsmvL0xhVw921YV6c8TEKdl:2re3jJS5A5rt8msA2KV6uml
MD5:	980FB419ED6ED94AD75686AFFB4E4C2E
SHA1:	871BFBCA6BCBA9197811883A93C50C0716562D57
SHA-256:	585C7814AFD2453232BC940252D4AE821D6E6CBCFD74A793F78E5DB8BA5342F1
SHA-512:	1681FA9C3BA882250A5005FB807D759EB8A634F1AA011725B1C865C0028BE7AB7BC16DC821A7F5BBFBA84C91E7D663ADE715284798E7E84E8FFF2D254488882D
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "H.ngenbleiben".. },.. "1213957982723875920": {.. "message": "Welche dieser Aussagen beschreibt dein Netzwerk am besten?".. },.. "128276876460319075": {.. "message": "Ger.teerkennung".. },.. "1428448869078126731": {.. "message": "Videowiedergabequalit.t".. },.. "1522140683318860351": {.. "message": "Fehler beim Herstellen der Verbindung. Bitte versuche es noch einmal.".. },.. "1550904064710828958": {.. "message": "St.rungsfrei".. },.. "1636686747687494376": {.. "message": "Perfekt".. },.. "1802762746589457177": {.. "message": "Lautst.rke".. },.. "1850397500312020388": {.. "message": "Siehst du deinen Chromecast in der $START_LINK$Google Home App$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\el\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17941
Entropy (8bit):	5.465343004010711
Encrypted:	false
SSDEEP:	384:S0rDuhLh41cZrP3TzDBknbpgo6djIV6uml:S0fuBh46ZD3TzDinbpgoUK6uml
MD5:	40EB778339005A24FF9DA775D56E02B7
SHA1:	B00561CC7020F7FE717B5F692884253C689A7C61
SHA-256:	F56BF7C171AA20038EE30B754478B69A98F3014C89362779B0A8788C7B9BEEE1
SHA-512:	8BED281A33EC1E4E88A9F9D62BB13FE0266C0FAF8856D1DC2A843D26DD3CE5E7D1400FD3325ABD783B0364EC4FB1188AD941D56AEB9073BC365BE0D12DE6C013
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".... ... .. ........ .......... ........ .. ...... ...;".. },.. "128276876460319075": {.. "message": ".......... ........".. },.. "1428448869078126731": {.. "message": "......... ......".. },.. "1522140683318860351": {.. "message": "........ ......... ......... .....".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "...... ....".. },.. "1850397500312020388": {.. "message": "........ .. ..... .. Chromecast .... $START_LINK$........ Google Home$END_LINK$; $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\en\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	14897
Entropy (8bit):	5.197356586852831
Encrypted:	false
SSDEEP:	96:2MKUOp5N7GTNMRuv6M0bIt3FXGkW6/5NkkQ9NJKJhnH3t9F410sUA+ISN6cGDSyR:VKzprogudTGkWqrKcJhdIR+V6c8TEKdl
MD5:	8351AF4EA9BDD9C09019BC85D25B0016
SHA1:	F6EC1FFD291C8632758E01C9EE837B1AD18D4DCF
SHA-256:	F41C82D8A4F0E9B645656D630C882BE94A0FB7F8CEC0FE864B57298F0312B212
SHA-512:	75672B57F21F38F97341AD76A199AD764E9FBAB2384D701BF6EB06CEFDE6C4F20F047F9051A4E30D99621E5C1FBBDB9E38E8D2B47470806704B38DA130A146CF
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Freezes".. },.. "1213957982723875920": {.. "message": "Which of the following best describes your network?".. },.. "128276876460319075": {.. "message": "Device Discovery".. },.. "1428448869078126731": {.. "message": "Video Smoothness".. },.. "1522140683318860351": {.. "message": "Connection failed. Please try again.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Are you able to see your Chromecast in the $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\es\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15560
Entropy (8bit):	5.236752363299121
Encrypted:	false
SSDEEP:	192:NAgprfy1pTCukFr+1DIyDRoanvV6c8TEKdl:KMrq6FrmvV6uml
MD5:	8A70C18BB1090AA4D500DE9E8E4A00EF
SHA1:	8AFC097FA956C1317DB0835348B2DA19F0789669
SHA-256:	FF173D1CEF665B1234E02F11070ABD2B65230318150734579A03C7F31B4AE3F4
SHA-512:	140BAF40A4ABE9B8AF0855B0EBB7DFDF17869EDFC4EE1037C5EA7FDD8EDEBD4850E055B6A4D7B8782657618BCE1517813779BA01BA993CC838BB43E0BE71EEEE
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Congelaci.n de im.genes".. },.. "1213957982723875920": {.. "message": ".Cu.l de las siguientes respuestas describe mejor tu red?".. },.. "128276876460319075": {.. "message": "Detecci.n de dispositivo".. },.. "1428448869078126731": {.. "message": "Fluidez del v.deo".. },.. "1522140683318860351": {.. "message": "Error en la conexi.n. Vuelve a intentarlo.".. },.. "1550904064710828958": {.. "message": "V.deo fluido".. },.. "1636686747687494376": {.. "message": "Perfecta".. },.. "1802762746589457177": {.. "message": "Volumen".. },.. "1850397500312020388": {.. "message": ".Puedes ver tu Chromecast en la $START_LINK$aplicaci.n Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\et\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15139
Entropy (8bit):	5.228213017029721
Encrypted:	false
SSDEEP:	96:Z48bxhWYp5Ny5M63niwAKD4rrJSJ2RkPXh9P5NFP2+NBMU01jewUEVez3QOiSevy:ikxprot3lYkf/rHBc0KsUV6c8TEKdl
MD5:	A62F12BCBA6D2C579212CA2FF90F8266
SHA1:	F7E964A2D9BBDA364252BCE5CFBA3FD34FDD825E
SHA-256:	3EB3EB0B3B4A8E5A477D1B3C3A3891CCC7DC6B8879ECE243A7BD7C478068273D
SHA-512:	E300201245C00ADEC8F39D586875F8FA4607AB203572BF3CE353C1CA7CDCA05B8786810CA0CEE27E4EA54A5EFD53690F1EA7AA4148CFF472A66BB11202723566
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Hangub".. },.. "1213957982723875920": {.. "message": "Milline j.rgmistest v.idetest kirjeldab k.ige paremini teie v.rku?".. },.. "128276876460319075": {.. "message": "Seadme tuvastamine".. },.. "1428448869078126731": {.. "message": "Video sujuvus".. },.. "1522140683318860351": {.. "message": ".hendamine eba.nnestus. Proovige uuesti.".. },.. "1550904064710828958": {.. "message": ".htlane".. },.. "1636686747687494376": {.. "message": "T.iuslik".. },.. "1802762746589457177": {.. "message": "Helitugevus".. },.. "1850397500312020388": {.. "message": "Kas n.ete oma Chromecasti $START_LINK$rakenduses Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\fa\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17004
Entropy (8bit):	5.485874780010479
Encrypted:	false
SSDEEP:	192:rngaIprIX/t9wkjTJrs3hqaXxRQdiIMDnD+LhfHdoltV6c8TEKdl:4rin5rU1X7Qd0M9CtV6uml
MD5:	852BD3CFF960F1BC3A2AAB3CB3874EF9
SHA1:	C9F6F3C776542889FE3B67971D65ACFE048A3A0A
SHA-256:	D87597B6C10364501B98AA42524843F109009CCEF022D8E0170440D7F144F4C6
SHA-512:	2A7AE4D70E33E53EE31831CE2E61DD8DF103C4170EC483BDA14B8788E5DD536EEE84DBA340CACBDF16889C7E6465B48D82C4714E746E8A7B372D12CBDF371C95
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".... ... .......".. },.. "1213957982723875920": {.. "message": ".... .. .. ..... ... .... ... .. .. ...... ... ..... .......".. },.. "128276876460319075": {.. "message": "..... ......".. },.. "1428448869078126731": {.. "message": "..... .....".. },.. "1522140683318860351": {.. "message": "..... ...... .... ..... ...... ...... .....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..... ...".. },.. "1850397500312020388": {.. "message": ".... ......... Chromecast ... .. .. $START_LINK$ ...... Google Home$END_LINK$ ....... $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\fi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15268
Entropy (8bit):	5.268402902466895
Encrypted:	false
SSDEEP:	192:efMprYXiYUNpj5Coik1tXxrUhvUzSPWV6c8TEKdl:eIrjbjosdrU5WV6uml
MD5:	3902581B6170D0CEA9B1ECF6CC82D669
SHA1:	C8208AC2B1DD6D4F8BDAAE01C8BD71FFFA5A732B
SHA-256:	D2A8180225A83A423BB6E17343DFA8F636D517154944002ED9240411B8C0C5E1
SHA-512:	612FDD8A3C5051F0A4F1E11E50B5D124B337C77D62D987D35C2AF9E08AFC6AFCEBAEE8D40FDFBCD1E1889F39758B96FAECBF6C6D1CF146C741A5261952050221
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Pys.htyy".. },.. "1213957982723875920": {.. "message": "Mik. seuraavista kuvaa parhaiten verkkoasi?".. },.. "128276876460319075": {.. "message": "Laitteiden tunnistaminen".. },.. "1428448869078126731": {.. "message": "Videon tasaisuus".. },.. "1522140683318860351": {.. "message": "Yhteys ep.onnistui. Yrit. uudelleen.".. },.. "1550904064710828958": {.. "message": "Tasainen".. },.. "1636686747687494376": {.. "message": "T.ydellinen".. },.. "1802762746589457177": {.. "message": "..nenvoimakkuus".. },.. "1850397500312020388": {.. "message": "N.etk. Chromecastisi $START_LINK$Google Home .sovelluksessa$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\fil\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15570
Entropy (8bit):	5.1924418176212646
Encrypted:	false
SSDEEP:	192:+esprzAsQp68wIJYkMyr2k0jR1/7Rr1uV6c8TEKdl:Gr78JDMyrR0tJuV6uml
MD5:	59483AD798347B291363327D446FA107
SHA1:	C069F29BB68FA7BA2631B0BF5BBF313346AC6736
SHA-256:	DD47530EAE96346CD4DC3267A0BB1091BB17B704803A93CDA2E3E81551B94F12
SHA-512:	091595CA135E965ED3DE376873541117F0E7A8EBDEB4714833EFDD6C820234373891BE5DEC437BA85CCB79CCCA053D407E6ADA17EBDAE7D313324A48775C0010
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Hindi gumagalaw".. },.. "1213957982723875920": {.. "message": "Alin sa sumusunod ang pinakamahusay na naglalarawan sa iyong network?".. },.. "128276876460319075": {.. "message": "Pagtuklas ng Device".. },.. "1428448869078126731": {.. "message": "Pagka-smooth ng Video".. },.. "1522140683318860351": {.. "message": "Hindi nakakonekta. Pakisubukang muli.".. },.. "1550904064710828958": {.. "message": "Smooth".. },.. "1636686747687494376": {.. "message": "Perpekto".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Nakikita mo ba ang iyong Chromecast sa $START_LINK$ Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\fr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15826
Entropy (8bit):	5.277877116547859
Encrypted:	false
SSDEEP:	192:nLZprAZg3EkV3sjrICe8L/1Va7lt1rlxLAkoYHHavV6c8TEKdl:vrW+2jrI7TdLAk3MV6uml
MD5:	9B416146FE4F1403C2AACAC4DCF1A5C3
SHA1:	616F055C9FAD4CE972DF82EC8A9B2F4EDA3E7FAD
SHA-256:	7C7F5758F54008190ACCDDBD1761CBD980FB5FE0847E992874498228D2571DBC
SHA-512:	6E8E70380A8C6E2C0587ADFF6AE36963EC76694904841CE1DFE4EEE215B917AD3E8AF727555627FBDF6B8BA6A4A0674D2B90AC4E9331B6628A32F4C4348FB51B
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Se fige".. },.. "1213957982723875920": {.. "message": "Parmi les propositions suivantes, laquelle d.crit le mieux votre r.seau.?".. },.. "128276876460319075": {.. "message": "D.tection d'appareils".. },.. "1428448869078126731": {.. "message": "Fluidit. de la vid.o".. },.. "1522140683318860351": {.. "message": ".chec de la connexion. Veuillez r.essayer.".. },.. "1550904064710828958": {.. "message": "Fluide".. },.. "1636686747687494376": {.. "message": "Parfaite".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Votre Chromecast est-il visible dans l'$START_LINK$application Google.Home$END_LINK$.? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\gu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19255
Entropy (8bit):	5.32628732852814
Encrypted:	false
SSDEEP:	384:Hq2Mr+qPlJKYMdzKgXr3dGsGF+yAK37Wf7Cy/V6uml:KxzTVgX7ykj6uml
MD5:	68B03519786F71A426BAC24DECA2DD52
SHA1:	B8E6608932EC5CEC4BC3C5475BFC3E312D2E2E7D
SHA-256:	C77A4D27E9E6CA25B9290056D93A656E3EBE975957E4C2EE9F0FB11B133D5CD4
SHA-512:	5FFE06A10774877AF25E05BA07F3032CC52F874896D67E320F4EF9D524A22E40B462CC6206700E9557EB354FA2730172DC6912EBCA49C671FB0EF155B17F9EFF
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "........... .... ..... .......... ....... ..... ... ..?".. },.. "128276876460319075": {.. "message": "..... ...".. },.. "1428448869078126731": {.. "message": "........ ......".. },.. "1522140683318860351": {.. "message": "....... ...... ..... .... ..... ..... ...... ....".. },.. "1550904064710828958": {.. "message": "....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".......".. },.. "1850397500312020388": {.. "message": "... ... $START_LINK$ Google Home ..$END_LINK$... Chromecast..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\hi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19381
Entropy (8bit):	5.328912995891658
Encrypted:	false
SSDEEP:	384:zrGrSmhKy7KyY+bNEDqlQdrMEPxtShJV6uml:zBqG6QdwEPrW6uml
MD5:	20C86E04B1833EA7F21C07361061420A
SHA1:	617C0D70E162CF380005E9780B61F650B7A39F9B
SHA-256:	C2C27CA242DBDE600BA3AA7782156BC2B190A64D8A1B51EDC8007BDECA139553
SHA-512:	9FB91AA8E0226519E298B1136E8A1A3C1879DB7F0E6052AF1BFD55921CD698346278D04602510680A9695A76DD5C96D9665380580044C50D81392BB2CB3E8E95
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".....".. },.. "1213957982723875920": {.. "message": "..... ... .. ... .... ....... .. .... ..... ..... .... ..?".. },.. "128276876460319075": {.. "message": "...... ...".. },.. "1428448869078126731": {.. "message": "...... .........".. },.. "1522140683318860351": {.. "message": "....... ..... ..... .... ...... .....".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": ".....".. },.. "1850397500312020388": {.. "message": ".... .. $START_LINK$ Google Home .........$END_LINK$ ... .... Ch

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\hr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15507
Entropy (8bit):	5.290847699527565
Encrypted:	false
SSDEEP:	192:Pdapr6h85tRwVQgkvJryLkla5Kfndg/V6c8TEKdl:Arwot2Q7BryVce/V6uml
MD5:	3ED90E66789927D80B42346BB431431E
SHA1:	2B061E3271DF4255B1FFC47BDB207CDEC0D9724F
SHA-256:	0B41E3C42414F72C9A12C05F8772597F9685115366A774C66018467AD4B71A74
SHA-512:	92BE43F1FFC8EFBF5BBC50573AC4C65F6104416A5B6CD04404C3A9854CA3DCF2A43A4044C168590CDF83887D234495843572331ADCD5B020D2E48A3956F3C164
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Zamrzavanje".. },.. "1213957982723875920": {.. "message": "Koje od sljede.eg najbolje opisuje va.u mre.u?".. },.. "128276876460319075": {.. "message": "Otkrivanje ure.aja".. },.. "1428448869078126731": {.. "message": "Ujedna.enost videoreprodukcije".. },.. "1522140683318860351": {.. "message": "Povezivanje nije uspjelo. Poku.ajte ponovo.".. },.. "1550904064710828958": {.. "message": "Glatko".. },.. "1636686747687494376": {.. "message": "Savr.ena".. },.. "1802762746589457177": {.. "message": "Glasno.a".. },.. "1850397500312020388": {.. "message": "Vidite li svoj Chromecast u $START_LINK$aplikaciji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\hu\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15682
Entropy (8bit):	5.354505633120392
Encrypted:	false
SSDEEP:	192:CCEAproS9fZv+JwkDMrC2NSxoSgbV6c8TEKdl:5r5VZv+RDMrazoV6uml
MD5:	8E9FF7E49473C5734A2F6F0812E12EB3
SHA1:	A4F10DDD1580582533D5EB59EDF6D8048F887C81
SHA-256:	6CDD2FB39ADECE00E88B989E464B05ED1414092D0492F6D0AE58D549BFD1A46A
SHA-512:	E9A4AF31B1A276F395599BB620A3164CABF3459F3C102DD3F57DFEA734510BD985DE65CB409E1975559ACCC615075439A08E1DEBE22C90A0ABCAA3CAFEE79AC7
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Lefagy".. },.. "1213957982723875920": {.. "message": "Az al.bbiak k.z.l melyik jellemzi legjobban h.l.zat.t?".. },.. "128276876460319075": {.. "message": "Eszk.zfelfedez.s".. },.. "1428448869078126731": {.. "message": "Vide. folyamatoss.ga".. },.. "1522140683318860351": {.. "message": "Sikertelen kapcsol.d.s. K.rj.k, pr.b.lja .jra.".. },.. "1550904064710828958": {.. "message": "Folyamatos".. },.. "1636686747687494376": {.. "message": "T.k.letes".. },.. "1802762746589457177": {.. "message": "Hanger.".. },.. "1850397500312020388": {.. "message": "L.tja a Chromecastot a $START_LINK$Google Home alkalmaz.sban$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\id\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15070
Entropy (8bit):	5.190057470347349
Encrypted:	false
SSDEEP:	192:GsprMtChjkWfrEWL0KRCnEOWV6c8TEKdl:9rtAEr3LTRuWV6uml
MD5:	7ADF9F2048944821F93879336EB61A78
SHA1:	C3DA74FB544684D5B250767BB0CB66FFB7C58963
SHA-256:	3630947E1075E3663AD3E4824D0BE42CB47C0D615D8053E83B9595047C8BA9BE
SHA-512:	1F28BB80E1839C5581106BEA3AE2501C7618249D7E3115819F5A9A87771D59F5DE346C1B9C87F7FFC390604D5B9888CE738E25F2F04A094002A0FB3B22CBEC95
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Membeku".. },.. "1213957982723875920": {.. "message": "Dari berikut ini, manakah yang paling mendeskripsikan jaringan Anda?".. },.. "128276876460319075": {.. "message": "Penemuan Perangkat".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Coba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Bisakah Anda melihat Chromecast di $START_LINK$aplikasi Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\it\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15256
Entropy (8bit):	5.210663765771143
Encrypted:	false
SSDEEP:	192:lYprk52dAaykVza8rE0QWBKD9+vq0hKEV6c8TEKdl:qrlA8r6DalV6uml
MD5:	BB3041A2B485B900F623E57459AE698A
SHA1:	502F5EA89F9FB0287E864B240EA39889D72053A4
SHA-256:	025737EF8FA06706B3F26D0F52B4844244A6D33DAE1D82FEF2931A14C003D57E
SHA-512:	BA51784073BEF82F3A116B33DA406FDB10EC823B9EE74375C46036DAD8BDCB4141F60845DE141ABE42CEEF9251572F6AB287CA5FC7669C60E4F68071D5AB8C2D
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Si blocca".. },.. "1213957982723875920": {.. "message": "Quale delle seguenti definizioni descrive meglio la tua rete?".. },.. "128276876460319075": {.. "message": "Rilevamento dispositivi".. },.. "1428448869078126731": {.. "message": "Uniformit. video".. },.. "1522140683318860351": {.. "message": "Connessione non riuscita. Riprova.".. },.. "1550904064710828958": {.. "message": "Fluido".. },.. "1636686747687494376": {.. "message": "Perfetta".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Riesci a vedere il tuo dispositivo Chromecast nell'$START_LINK$app Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3"..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\ja\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16519
Entropy (8bit):	5.675556017051063
Encrypted:	false
SSDEEP:	192:nkprPhQdxkRWrZe1wYpMR5wnAV6c8TEKdl:YrLRWri65wAV6uml
MD5:	6F2CC1A6B258DF45F519BA24149FABDC
SHA1:	8A58C7880C6D22765DCBB6BCE22A192C1B109AE1
SHA-256:	42ECFEE727CFC4F2845FEFDACE5EDC2E0A40AFAD69973A3B950CE653A7633342
SHA-512:	F7454F0E14301C59CC54361ACC0A1C6D072EF9BDF5DEA60646FB90B1CE47612785938C784A4CF1DE3E62648A14420374933B5F5DA43907BC00D3799FF163A3D0
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": "................................".. },.. "128276876460319075": {.. "message": "......".. },.. "1428448869078126731": {.. "message": ".......".. },.. "1522140683318860351": {.. "message": ".......................".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "$START_LINK$Google Home ...$END_LINK$. Chromecast .........$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\kn\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20406
Entropy (8bit):	5.312117131662377
Encrypted:	false
SSDEEP:	384:a6C5rBSzvrZreGnla9ZBHRUDYr9yRwEcAa4rSeD5BSz0hJz8qbbM3gbr//Hkr44c:a6C5rBSzvFreGnla9ZBHRUDYr9yRwEcC
MD5:	2E3239FC277287810BC88D93A6691B09
SHA1:	FC5D585DA00ADC90BF79109C7377BD55E6653569
SHA-256:	5FC705AD19761204D8604EA069936A23731B055D51E7836CAAF16AC7719FBEEA
SHA-512:	DF8BC9E577D3ECB0E6C303E1D2C9E9A4A8317CAE810A9DFC88D91B373A4B665722C5A9AB5A589BB947FDA4C7CD9A6DF39DDD13EA47FE9EFF7E0AC43E49FF3479
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "....... .........".. },.. "1213957982723875920": {.. "message": "...... ...... ..... ........... ..... ......... ............?".. },.. "128276876460319075": {.. "message": "..... ........".. },.. "1428448869078126731": {.. "message": "........ .......".. },.. "1522140683318860351": {.. "message": "...... ........... ........ ..... ...........".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": "........".. },.. "1850397500312020388": {.. "message": ".... $

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\ko\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	15480
Entropy (8bit):	5.617756574352461
Encrypted:	false
SSDEEP:	192:kWprGvSQtkxWffrnl5JuFBWVZV6c8TEKdl:TrkuxKfrlT4YVZV6uml
MD5:	E303CD63AD00EB3154431DED78E871C4
SHA1:	3B1E5B8E2CF5EBDF5D33656EF80A46563F751783
SHA-256:	FDE602BFDB1AFD282682DA5338C4F91D8A2F6CB5411DB8F62F4583D629CE67A6
SHA-512:	18BA1D5A25FBC1829AD957A531B0CC490AFCBD20AC22181021363AA3CFB916270B8732E824463C9B0897220E8AE86EB1BE561D6540E6C625F08F228F61DDFFA3
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": ".. . .. .. ..... .. . .... ... .....?".. },.. "128276876460319075": {.. "message": ".. ..".. },.. "1428448869078126731": {.. "message": "... ..".. },.. "1522140683318860351": {.. "message": ".... ...... .. ... ....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "...".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "$START_LINK$Google Home .$END_LINK$. Chromecast. .....? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\lt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15802
Entropy (8bit):	5.354550839818046
Encrypted:	false
SSDEEP:	192:lGxSprfkiRR+2zJckS1khrnPI85+80p3DWReV6c8TEKdl:lG4rlq0OkSmhrwbpIeV6uml
MD5:	93BBBE82F024FBCB7FB18E203F253429
SHA1:	83F4D80F64FA2ADCE6C515C5F663BD38A76C51DB
SHA-256:	E7A8570922CCC4F2CA3721C4E61F426158C4E7BC90274FBC8BE4040FF8B6CA9B
SHA-512:	B7E7878106B466CE95069141DF1DE387E847348B62E9C4D548006452F3E164B3AD842E9673A56DC011A5ECC3346B5863E2034EE477A9D1F3E0ABD76B2D0F640A
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Stringa".. },.. "1213957982723875920": {.. "message": "Kuris i. toliau pateikt. teigini. geriausiai apib.dina j.s. tinkl.?".. },.. "128276876460319075": {.. "message": ".renginio suradimas".. },.. "1428448869078126731": {.. "message": "Vaizdo .ra.o sklandumas".. },.. "1522140683318860351": {.. "message": ".vyko ry.io klaida. Bandykite dar kart..".. },.. "1550904064710828958": {.. "message": "Leid.iama skland.iai".. },.. "1636686747687494376": {.. "message": "Puiki".. },.. "1802762746589457177": {.. "message": "Garsumas".. },.. "1850397500312020388": {.. "message": "Ar .Chromecast. rodomas $START_LINK$programoje .Google Home.$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\lv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15891
Entropy (8bit):	5.36794040601742
Encrypted:	false
SSDEEP:	192:y18prUkm15wkLDG2raqhnZDuvyI762V6c8TEKdl:RrAL7rte62V6uml
MD5:	388590CE5E144AE5467FD6585073BD11
SHA1:	61228673A400A98D5834389C06127589F19D3A30
SHA-256:	05CA14196CA5D90B228C0F03684E03EBE403A3E7B513AE0A059244AE12B51164
SHA-512:	BF83AC90BC56CEB1CA12DCB47BCE542FB8CFE0BC14E34DE4FE1A84F7CDB4B54E36C125CEA7EE06EA6244F7795A0957A8A20DB30CA4C60FC6E96EF2A735448521
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".Iesald.ts. att.ls".. },.. "1213957982723875920": {.. "message": "Kur. no t.l.k min.tajiem apgalvojumiem vislab.k raksturo j.su t.klu?".. },.. "128276876460319075": {.. "message": "Ier.ces atra.ana".. },.. "1428448869078126731": {.. "message": "Video vienm.r.ba".. },.. "1522140683318860351": {.. "message": "Neizdev.s izveidot savienojumu. L.dzu, m..iniet v.lreiz.".. },.. "1550904064710828958": {.. "message": "Vienm.r.gs att.ls".. },.. "1636686747687494376": {.. "message": "Nevainojama".. },.. "1802762746589457177": {.. "message": "Ska.ums".. },.. "1850397500312020388": {.. "message": "Vai j.su Chromecast ier.ce ir redzama $START_LINK$lietotn. Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2"..

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\ml\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20986
Entropy (8bit):	5.347122984404251
Encrypted:	false
SSDEEP:	384:6pQrdbhWHZ3wOn1HbxytQdroExFVRnTPV6uml:X5hUtz6uml
MD5:	2AF93901DE80CA49DA869188BCDA9495
SHA1:	E60DF4F2FB12BD3F1CA869DAD9F6BDE0C17CEB11
SHA-256:	329E80AEE1212F634E180DEF7E16D6E38D9C9FDA9AC9DB1D99B8AE1626EF304E
SHA-512:	DD1711B017DC65E1272972A1BEBD7A1B1769E1F22B37B20582573392CD432725D19DCE134145B3C031428BC0B5948B02A9AA93C8A651BEAA189B686B7BC2AD46
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...........".. },.. "1213957982723875920": {.. "message": "................ ..... ....... ...... ....... ......... ............. .................?".. },.. "128276876460319075": {.. "message": "...... .........".. },.. "1428448869078126731": {.. "message": "...... ...............".. },.. "1522140683318860351": {.. "message": "...... .............. ....... ...........".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "........".. },.. "1802762746589457177": {.. "message"

C:\Users\user\AppData\Local\Temp\scoped_dir3544_1068232442\CRX_INSTALL\_locales\mr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19628
Entropy (8bit):	5.311054092888986
Encrypted:	false
SSDEEP:	192:PbrpprGy+RmIosTmidpzlF1Akk03LQYOkQrjNjP8hZYiEQ5z+excV6c8TEKdl:PbfrGUIos7dpzxbP7KrjNjaBEYuV6uml
MD5:	659F5B4ACA112D3ECBB6EC1613DDE824
SHA1:	5DEE35FCD260554999F8DDEC489FBA9F81FA8EEE
SHA-256:	C8B765E7A07578BC078A952E151E3B866506959E15E79E9E5E1DBB98F9C4008F
SHA-512:	F74B36C1B6160E444F4969D13788A9C60637BDC11DC5065B2518B668E8D638384E00557ACDC88B3EA225D9231B6BED4B227BFB2E12C92773073B256F62ADDE63
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "......".. },.. "1213957982723875920": {.. "message": "......... ..... ...... ......... ............ ..... ....?".. },.. "128276876460319075": {.. "message": "........ ...".. },.. "1428448869078126731": {.. "message": "....... .......".. },.. "1522140683318860351": {.. "message": "....... ....... ..... ..... ...... ....... ....".. },.. "1550904064710828958": {.. "message": ".... ..... .....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": ".........".. },.. "1850397500312020388": {.. "message": "...... $START_LINK$ Goo

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 22, 2021 18:25:54.355319977 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.355889082 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.364299059 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.364739895 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.408214092 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511260033 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511287928 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511308908 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511327028 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511344910 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511363029 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511379004 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511394024 CEST	49679	443	192.168.2.7	20.190.159.138
Jun 22, 2021 18:25:54.511398077 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511414051 CEST	443	49679	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.511424065 CEST	49679	443	192.168.2.7	20.190.159.138
Jun 22, 2021 18:25:54.511473894 CEST	49679	443	192.168.2.7	20.190.159.138
Jun 22, 2021 18:25:54.516295910 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516371012 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516436100 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516468048 CEST	49684	443	192.168.2.7	20.190.159.138
Jun 22, 2021 18:25:54.516496897 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516547918 CEST	49684	443	192.168.2.7	20.190.159.138
Jun 22, 2021 18:25:54.516557932 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516619921 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516669035 CEST	49684	443	192.168.2.7	20.190.159.138
Jun 22, 2021 18:25:54.516681910 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516751051 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516808033 CEST	443	49684	20.190.159.138	192.168.2.7
Jun 22, 2021 18:25:54.516809940 CEST	49684	443	192.168.2.7	20.190.159.138
Jun 22, 2021 18:25:54.568110943 CEST	49684	443	192.168.2.7	20.190.159.138
Jun 22, 2021 18:26:06.748398066 CEST	49707	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:06.749285936 CEST	49708	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:06.810544014 CEST	49710	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:06.938904047 CEST	80	49707	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:06.939026117 CEST	49707	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:06.939348936 CEST	49707	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:06.945246935 CEST	80	49708	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:06.945353031 CEST	49708	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:07.003034115 CEST	80	49710	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:07.003273010 CEST	49710	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:07.129710913 CEST	80	49707	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:07.798326969 CEST	80	49707	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:07.886392117 CEST	49707	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:07.985941887 CEST	49716	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.063213110 CEST	49717	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.179692030 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.179779053 CEST	49716	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.180196047 CEST	49716	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.260360956 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.260448933 CEST	49717	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.260711908 CEST	49717	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.373744011 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.374975920 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.375000000 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.375011921 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.375027895 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.375066996 CEST	49716	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.375109911 CEST	49716	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.377232075 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.377258062 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.377311945 CEST	49716	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.457906008 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.459217072 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.459242105 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.459256887 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.459270954 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.459326982 CEST	49717	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.461229086 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.461255074 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:08.461319923 CEST	49717	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:08.461347103 CEST	49717	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:09.238285065 CEST	49716	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:09.238399029 CEST	49717	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:09.322562933 CEST	49708	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:09.322638035 CEST	49710	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:09.432295084 CEST	443	49716	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:09.432403088 CEST	49716	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:09.434541941 CEST	443	49717	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:09.434634924 CEST	49717	443	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:09.515635967 CEST	80	49710	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:09.515700102 CEST	49710	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:09.518892050 CEST	80	49708	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:09.518909931 CEST	80	49708	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:09.519026995 CEST	49708	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:12.061764956 CEST	49707	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:12.252535105 CEST	80	49707	162.214.158.161	192.168.2.7
Jun 22, 2021 18:26:12.252635956 CEST	49707	80	192.168.2.7	162.214.158.161
Jun 22, 2021 18:26:20.575177908 CEST	49740	443	192.168.2.7	216.58.212.161
Jun 22, 2021 18:26:20.617769957 CEST	443	49740	216.58.212.161	192.168.2.7
Jun 22, 2021 18:26:20.617861032 CEST	49740	443	192.168.2.7	216.58.212.161
Jun 22, 2021 18:26:20.618108988 CEST	49740	443	192.168.2.7	216.58.212.161
Jun 22, 2021 18:26:20.662381887 CEST	443	49740	216.58.212.161	192.168.2.7
Jun 22, 2021 18:26:20.669668913 CEST	443	49740	216.58.212.161	192.168.2.7
Jun 22, 2021 18:26:20.669703007 CEST	443	49740	216.58.212.161	192.168.2.7
Jun 22, 2021 18:26:20.669724941 CEST	443	49740	216.58.212.161	192.168.2.7
Jun 22, 2021 18:26:20.669745922 CEST	443	49740	216.58.212.161	192.168.2.7
Jun 22, 2021 18:26:20.669765949 CEST	49740	443	192.168.2.7	216.58.212.161
Jun 22, 2021 18:26:20.669787884 CEST	443	49740	216.58.212.161	192.168.2.7
Jun 22, 2021 18:26:20.669799089 CEST	49740	443	192.168.2.7	216.58.212.161

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jun 22, 2021 18:25:54.640270948 CEST	62452	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:25:54.658487082 CEST	57820	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:25:54.706842899 CEST	53	62452	8.8.8.8	192.168.2.7
Jun 22, 2021 18:25:54.718622923 CEST	53	57820	8.8.8.8	192.168.2.7
Jun 22, 2021 18:25:55.799384117 CEST	50848	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:25:55.858206987 CEST	53	50848	8.8.8.8	192.168.2.7
Jun 22, 2021 18:25:56.903404951 CEST	61242	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:25:56.966525078 CEST	53	61242	8.8.8.8	192.168.2.7
Jun 22, 2021 18:25:57.877115011 CEST	58562	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:25:57.940088987 CEST	53	58562	8.8.8.8	192.168.2.7
Jun 22, 2021 18:25:58.012042999 CEST	56590	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:25:58.067289114 CEST	53	56590	8.8.8.8	192.168.2.7
Jun 22, 2021 18:25:59.262166977 CEST	60501	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:25:59.321685076 CEST	53	60501	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:00.493211985 CEST	53775	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:00.544029951 CEST	53	53775	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:02.646872997 CEST	51837	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:02.698430061 CEST	53	51837	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:05.169608116 CEST	55411	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:05.222830057 CEST	53	55411	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:06.304411888 CEST	60338	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:06.354841948 CEST	53	60338	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:06.552709103 CEST	58717	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:06.559986115 CEST	59762	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:06.566613913 CEST	54329	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:06.567910910 CEST	58052	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:06.569727898 CEST	54008	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:06.604207039 CEST	53	58717	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:06.629635096 CEST	53	58052	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:06.632709980 CEST	53	59762	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:06.637486935 CEST	53	54008	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:06.741251945 CEST	53	54329	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:07.070727110 CEST	59451	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:07.130527020 CEST	53	59451	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:07.156178951 CEST	52914	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:07.217261076 CEST	53	52914	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:07.508124113 CEST	64569	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:07.564199924 CEST	53	64569	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:07.811069965 CEST	52816	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:07.983958006 CEST	53	52816	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:08.838773966 CEST	50781	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:08.905169964 CEST	53	50781	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:09.746798038 CEST	59310	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:09.798486948 CEST	53	59310	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:10.958692074 CEST	51919	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:11.012298107 CEST	53	51919	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:12.982881069 CEST	64296	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:13.043463945 CEST	53	64296	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:14.007163048 CEST	56680	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:14.068592072 CEST	53	56680	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:14.928050995 CEST	58820	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:14.978940964 CEST	53	58820	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:19.909559011 CEST	60983	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:19.961494923 CEST	53	60983	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:20.503932953 CEST	49247	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:20.574176073 CEST	53	49247	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:21.396286011 CEST	52286	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:21.453206062 CEST	53	52286	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:21.988714933 CEST	56064	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:22.052819967 CEST	53	56064	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:22.370580912 CEST	63744	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:22.450635910 CEST	53	63744	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:23.081851006 CEST	61457	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:23.140636921 CEST	53	61457	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:27.076689005 CEST	58367	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:27.129151106 CEST	53	58367	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:28.933418036 CEST	60599	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:28.983758926 CEST	53	60599	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:33.241481066 CEST	59571	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:33.293067932 CEST	53	59571	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:34.662981987 CEST	52689	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:34.716614962 CEST	53	52689	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:41.628367901 CEST	50290	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:41.687980890 CEST	53	50290	8.8.8.8	192.168.2.7
Jun 22, 2021 18:26:49.871994019 CEST	60427	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:26:49.936662912 CEST	53	60427	8.8.8.8	192.168.2.7
Jun 22, 2021 18:27:02.582326889 CEST	59582	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:27:02.641757965 CEST	53	59582	8.8.8.8	192.168.2.7
Jun 22, 2021 18:27:03.551251888 CEST	60949	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:27:03.612855911 CEST	53	60949	8.8.8.8	192.168.2.7
Jun 22, 2021 18:27:03.820801020 CEST	58542	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:27:03.880363941 CEST	53	58542	8.8.8.8	192.168.2.7
Jun 22, 2021 18:27:04.515019894 CEST	59179	53	192.168.2.7	8.8.8.8
Jun 22, 2021 18:27:04.575325966 CEST	53	59179	8.8.8.8	192.168.2.7

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Jun 22, 2021 18:26:06.566613913 CEST	192.168.2.7	8.8.8.8	0x945d	Standard query (0)	www.delval.com	A (IP address)	IN (0x0001)
Jun 22, 2021 18:26:07.811069965 CEST	192.168.2.7	8.8.8.8	0x70e0	Standard query (0)	delval.com	A (IP address)	IN (0x0001)
Jun 22, 2021 18:26:20.503932953 CEST	192.168.2.7	8.8.8.8	0x9eaa	Standard query (0)	clients2.googleusercontent.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Jun 22, 2021 18:26:06.741251945 CEST	8.8.8.8	192.168.2.7	0x945d	No error (0)	www.delval.com		162.214.158.161	A (IP address)	IN (0x0001)
Jun 22, 2021 18:26:07.983958006 CEST	8.8.8.8	192.168.2.7	0x70e0	No error (0)	delval.com		162.214.158.161	A (IP address)	IN (0x0001)
Jun 22, 2021 18:26:20.574176073 CEST	8.8.8.8	192.168.2.7	0x9eaa	No error (0)	clients2.googleusercontent.com	googlehosted.l.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)
Jun 22, 2021 18:26:20.574176073 CEST	8.8.8.8	192.168.2.7	0x9eaa	No error (0)	googlehosted.l.googleusercontent.com		216.58.212.161	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

www.delval.com

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.7	49707	162.214.158.161	80	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
Jun 22, 2021 18:26:06.939348936 CEST	919	OUT	GET / HTTP/1.1 Host: www.delval.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	162.214.158.161	80	192.168.2.7	49707	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
Jun 22, 2021 18:26:07.798326969 CEST	1804	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 22 Jun 2021 16:26:06 GMT Server: Apache X-Redirect-By: WordPress Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Location: https://delval.com/ Content-Length: 0 Keep-Alive: timeout=5, max=100 Content-Type: text/html; charset=UTF-8

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exe PID: 3544 Parent PID: 4288

General

Start time:	18:26:00
Start date:	22/06/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://www.delval.com/'
Imagebase:	0x7ff76d1c0000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: chrome.exe PID: 768 Parent PID: 3544

General

Start time:	18:26:02
Start date:	22/06/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,14534732740687434052,6577963013927893067,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1736 /prefetch:8
Imagebase:	0x7ff76d1c0000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Windows Analysis Report http://www.delval.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTP Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: chrome.exe PID: 3544 Parent PID: 4288

General

Analysis Process: chrome.exe PID: 768 Parent PID: 3544

General

Disassembly