Windows Analysis Report https://gios.co.in/dalube

Overview

General Information

Sample URL: https://gios.co.in/dalube
Analysis ID: 452574

Detection

HTMLPhisher
Score: 68
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Yara detected HtmlPhish10
Phishing site detected (based on logo template match)
HTML body contains low number of good links
HTML title does not match URL
Suspicious form URL found

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5512 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://gios.co.in/dalube' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 984 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,162524958323097783,14263672154630043900,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1832 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

AV Detection:

Antivirus / Scanner detection for submitted sample
Source: https://gios.co.in/dalube, SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
Antivirus detection for URL or domain
Source: https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1Eq5B6Rl1vAteD2XLcZ1aB67F3mcRTLSXXMDf4RFk, SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10
Source: Yara match, File source: 25855.pages.csv, type: HTML
Phishing site detected (based on logo template match)
Source: https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1Eq5B6Rl1vAteD2XLcZ1aB67F3mcRTLSXXMDf4RFk
  • Matcher: Template: office matched
  • HTTP Parser: Number of links: 0
  • HTTP Parser: Title: Office 365 Business Portal does not match URL
  • HTTP Parser: Form action: aloc.php
  • HTTP Parser: No <meta name="author".. found
  • HTTP Parser: No <meta name="copyright".. found
Source: unknown, HTTPS traffic detected: 162.241.29.157:443 -> 192.168.2.4:49737 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 162.241.29.157:443 -> 192.168.2.4:49738 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 162.241.29.157:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown, HTTPS traffic detected: 162.241.29.157:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown, DNS traffic detected: queries for: gios.co.in
Source: classification engine, Classification label: mal68.phis.win@28/159@6/7
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60F97886-1588.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, File created: C:\Users\user\AppData\Local\Temp\af3dbe2e-a1a6-4c2e-bd4a-a62d486fe056.tmp
Source: unknown, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://gios.co.in/dalube'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,162524958323097783,14263672154630043900,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1832 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe, Process created: unknown unknown
Source: Window Recorder, Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | Process Injection 1 | Masquerading 1 | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel 2 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection 1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol 1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information 1 | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol 2 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label | Link
https://gios.co.in/dalube | 0% | Virustotal | | Browse
https://gios.co.in/dalube | 0% | Avira URL Cloud | safe |
https://gios.co.in/dalube | 100% | SlashNext | Fake Login Page type: Phishing & Social Engineering |

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source | Detection | Scanner | Label | Link
https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1Eq5B6Rl1vAteD2XLcZ1aB67F3mcRTLSXXMDf4RFk | 100% | SlashNext | Fake Login Page type: Phishing & Social Engineering |
https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1 | 0% | Avira URL Cloud | safe |
https://dns.google | 0% | URL Reputation | safe |
https://gios.co.in/dalubeOffice | 0% | Avira URL Cloud | safe |
https://www.google.com; | 0% | Avira URL Cloud | safe |
https://gios.co.in/dalube2: | 0% | Avira URL Cloud | safe |
https://gios.co.in/dalube2 | 0% | Avira URL Cloud | safe |
https://gios.co.in/dalube/FUNC/ico.ico | 0% | Avira URL Cloud | safe |
https://gios.co.in/dalube/ | 0% | Avira URL Cloud | safe |
https://gios.co.in | 0% | Avira URL Cloud | safe |
https://gios.co.in/dalube/Office | 0% | Avira URL Cloud | safe |
https://gios.co.in/dalube/2: | 0% | Avira URL Cloud | safe |
https://gios.co.in/dalube/2 | 0% | Avira URL Cloud | safe |

Domains and IPs

Contacted Domains

Name | IP | Active | Malicious | Antivirus Detection | Reputation
accounts.google.com | 172.217.168.45 | true | false | | high
clients.l.google.com | 142.250.203.110 | true | false | | high
gios.co.in | 162.241.29.157 | true | false | | unknown
googlehosted.l.googleusercontent.com | 142.250.203.97 | true | false | | high
clients2.googleusercontent.com | unknown | unknown | false | | high
clients2.google.com | unknown | unknown | false | | high
www.ericsson.com | unknown | unknown | false | | high

Contacted URLs

Name | Malicious | Antivirus Detection | Reputation
https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1Eq5B6Rl1vAteD2XLcZ1aB67F3mcRTLSXXMDf4RFk | true | SlashNext: Fake Login Page type: Phishing & Social Engineering | unknown

URLs from Memory and Binaries

Name | Source | Malicious | Antivirus Detection | Reputation
https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1 | History.0.dr | true | Avira URL Cloud: safe | unknown
https://dns.google | 6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp.3.dr, df925a64-fa94-4f61-a53f-53847a4b39f8.tmp.3.dr, 684e2fe0-0e4e-4001-aaa2-77634aa6a841.tmp.3.dr | false | URL Reputation: safe | unknown
https://ogs.google.com | 6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp.3.dr | false | | high
https://support.google.com/chromecast/troubleshooter/2995236 | messages.json41.0.dr | false | | high
https://play.google.com | 6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp.3.dr | false | | high
https://gios.co.in/dalubeOffice | History.0.dr | true | Avira URL Cloud: safe | unknown
https://payments.google.com/payments/v4/js/integrator.js | manifest.json.0.dr | false | | high
https://www.google.com; | manifest.json0.0.dr | false | Avira URL Cloud: safe | low
https://hangouts.google.com/ | manifest.json0.0.dr | false | | high
https://gios.co.in/dalube2: | History Provider Cache.0.dr | true | Avira URL Cloud: safe | unknown
https://gios.co.in/dalube2 | History Provider Cache.0.dr | true | Avira URL Cloud: safe | unknown
https://gios.co.in/dalube/FUNC/ico.ico | Favicons.0.dr | true | Avira URL Cloud: safe | unknown
https://sandbox.google.com/payments/v4/js/integrator.js | manifest.json.0.dr | false | | high
https://gios.co.in/dalube/ | Current Session.0.dr, Favicons.0.dr | true | Avira URL Cloud: safe | unknown
https://gios.co.in | Current Session.0.dr | false | Avira URL Cloud: safe | unknown
https://www.google.com | 6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp.3.dr, manifest.json0.0.dr | false | | high
https://gios.co.in/dalube/Office | History.0.dr | true | Avira URL Cloud: safe | unknown
https://gios.co.in/dalube/2: | History Provider Cache.0.dr | true | Avira URL Cloud: safe | unknown
https://accounts.google.com | 6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp.3.dr, manifest.json0.0.dr | false | | high
https://gios.co.in/dalube/2 | History Provider Cache.0.dr | true | Avira URL Cloud: safe | unknown
https://support.google.com/chromecast/answer/2998456 | messages.json41.0.dr | false | | high
https://clients2.googleusercontent.com | 6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp.3.dr | false | | high
https://apis.google.com | 6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp.3.dr, manifest.json0.0.dr | false | | high
https://www.google.com/ | manifest.json.0.dr | false | | high
https://feedback.googleusercontent.com | manifest.json0.0.dr | false | | high
https://gios.co.in/dalube | Favicons.0.dr | true | | unknown
https://clients2.google.com | 6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp.3.dr | false | | high
https://clients2.google.com/service/update2/crx | manifest.json0.0.dr | false | | high

Contacted IPs

Public

IP | Domain | Country | ASN | ASN Name | Malicious
172.217.168.45 | accounts.google.com | United States | 15169 | GOOGLEUS | false
142.250.203.97 | googlehosted.l.googleusercontent.com | United States | 15169 | GOOGLEUS | false
239.255.255.250 | unknown | Reserved | unknown | unknown | false
142.250.203.110 | clients.l.google.com | United States | 15169 | GOOGLEUS | false
162.241.29.157 | gios.co.in | United States | 46606 | UNIFIEDLAYER-AS-1US | false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version: 33.0.0 White Diamond
Analysis ID: 452574
Start date: 22.07.2021
Start time: 15:53:25
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 4m 49s
Hypervisor based Inspection enabled: false
Report type: light
Cookbook file name: browseurl.jbs
Sample URL: https://gios.co.in/dalube
Analysis system description: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed: 12
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
  • HCA enabled
  • EGA enabled
  • AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: MAL
Classification: mal68.phis.win@28/159@6/7
Cookbook Comments:
  • Adjust boot time
  • Enable AMSI
Warnings:
  • Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe, svchost.exe, wuapihost.exe
  • TCP Packets have been reduced to 100
  • Created / dropped Files have been reduced to 100
  • Excluded IPs from analysis (whitelisted): 104.43.139.144, 20.50.102.62, 23.211.6.115, 52.255.188.83, 104.43.193.48, 172.217.168.67, 34.104.35.123, 216.58.215.234, 23.50.109.201, 172.217.168.10, 172.217.168.42, 172.217.168.74, 142.250.203.106, 20.82.209.104, 20.54.110.249, 40.112.88.60, 173.222.108.210, 173.222.108.226
  • Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, store-images.s-microsoft.com-c.edgekey.net, clientservices.googleapis.com, arc.msn.com, www.ericsson.com.edgekey.net.globalredir.akadns.net, iris-de-ppe-azsc-neu.northeurope.cloudapp.azure.com, e12564.dspb.akamaiedge.net, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, audownload.windowsupdate.nsatc.net, arc.trafficmanager.net, www.ericsson.com.edgekey.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, au-bg-shim.trafficmanager.net, content-autofill.googleapis.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, neu-displaycatalogrp.frontdoor.bigcatalog.commerce.microsoft.com, ris-prod.trafficmanager.net, asf-ris-prod-neu.northeurope.cloudapp.azure.com, ctldl.windowsupdate.com, skypedataprdcolcus16.cloudapp.net, a767.dscg3.akamai.net, www.googleapis.com, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, skypedataprdcolcus15.cloudapp.net, e7890.dscx.akamaiedge.net, ris.api.iris.microsoft.com, skypedataprdcoleus17.cloudapp.net, edgedl.me.gvt1.com, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net
  • Not all processes were analyzed, report is missing behavior information
  • Report size getting too big, too many NtCreateFile calls found.
  • Report size getting too big, too many NtOpenFile calls found.
  • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
  • Report size getting too big, too many NtWriteVirtualMemory calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

                                                Created / dropped Files

                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\9f5c22cf-6daa-46c2-a48d-f79635716c1b.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):174555
                                                Entropy (8bit):6.079337287210883
                                                Encrypted:false
                                                SSDEEP:3072:j8V9WW4u2Vl2CViqRnjUkQJUwYMrwjYUEDt5HCzSdFcbXafIB0u1GOJmA3iuRM:IszH2aHRnjOJYMrw8LCzS7aqfIlUOoS+
                                                MD5:D666095B8F599DD8E1744CAFB6307C08
                                                SHA1:8C7E8DD135AFDD79C8CA3349349E2D3EC836FACA
                                                SHA-256:50DF229BF40602CA993E03750A6DDF7B990E8296200DADB86A219751AB1F72EA
                                                SHA-512:E2CB17504530409AC083D6FE8FF1E51F4487A5D0E42C4939C96CA5FD1CD1B818D456E60331C6772A257103484DFFAE1775E66828405C490667CF8AE9A9C14F8E
                                                Malicious:false
                                                Reputation:low
                                                Preview: {"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en-GB"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.626962057446478e+12,"network":1.626962059e+12,"ticks":6728009421.0,"uncertainty":4764579.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABaHlwIoHYlQKZwuwW8V0yxAAAAAAIAAAAAABBmAAAAAQAAIAAAAOT4j8Zm9U1zXX6oEUpPqIYBIjSlOiLGeiMKiIFJZDroAAAAAA6AAAAAAgAAIAAAAFW1OavBhyV7qwszPZbindD+KU2Osh5O7HSmDPpFnuCDMAAAAGEkmqbufgFUSmOzx4cW7Aup7spqps4DvqbPrwRgUGqSpRZvQkbO+yVH56WF9zMTt0AAAAAyRwtYxjf7/AqYrFr0JZ6kbTiUt0/2PKkCw7ntLtbN2qrad7I3MeL4iNGDFgqRlhWgsb/6w0gJzQxAfL6rdzxi"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245922715401452"},"plugins":{"metadata":{"adobe-flash-player":{"
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):120
                                                Entropy (8bit):3.3041625260016576
                                                Encrypted:false
                                                SSDEEP:3:FkXwgs0oRL6twgs0oRL6twgs0oRLn:+taRL+taRL+taRLn
                                                MD5:E6C1693D9F0F6B6E878D098FBFD4C92A
                                                SHA1:D9D2708143B4A3BA5D14DFED59DCB6B88DF172D9
                                                SHA-256:E9DA6B8F6549D084D8740EB4C25755989B057EBF4F36B5E526F34DFFAB7500CF
                                                SHA-512:19B28BFE66708B294AB033C2F87D219E1C29D4F9363AC92E89B9406F6E2ACB13AD5DF73DD7E163D1ADEC0AF89C42DA112AE153EB23378EC29302F91192B7C5A9
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1dfd0b49-b121-4990-84ed-dca0467835d1.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):1207
                                                Entropy (8bit):5.571988813980347
                                                Encrypted:false
                                                SSDEEP:24:Ym6H0UhsSTG1KUeiXzkq/HeUe8zUeZTBTnUEvZ7wU8rRUeiQ:Ym6UUhyKUeiYqPeUekUeZxUSBwUiUeP
                                                MD5:C83F9CBE63F3F7F5FF07732A383B94F8
                                                SHA1:2D67C5A1CED99538C44CFEC90F8E1C1E16DE75D9
                                                SHA-256:60A5CC80940E668496EAB03AD1D00AE0104CB218D22D811ED2E87AC4440DE33F
                                                SHA-512:625F4D52FB6DFF458C8696B0279A80BDEF938948DE9CF91953287CFD51FCA025C11BF0ED8FFBFB01E95D2567B17D7E65AB158743ACEA42E012CE7C21EA480202
                                                Malicious:false
                                                Reputation:low
                                                Preview: {"expect_ct":[],"sts":[{"expiry":1632986995.029294,"host":"OuKlWsMW1dkkbI1X/oi6o0Y95ZNSWnSoeaIXAEYPlv4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1601450995.029298},{"expiry":1632986994.959502,"host":"nAuqgR4iEWti7SOdT3UHPl6rmZU/DeaIm38P2O2OkgA=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601450994.959505},{"expiry":1632987007.31909,"host":"0J7rAWV0ouCFYJ9XrkDiKnAO1SshXJmLJE1SS3V8kDM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601451007.319093},{"expiry":1632987013.78633,"host":"5EdUoB7YUY9zZV+2DkgVXgho8WUvp+D+6KpeUOhNQIM=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1601451013.786337},{"expiry":1658498061.128535,"host":"7w+bndSQG/m7K5u40LaJ5B6vA5F9uWb6nC9HDDNLhmw=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1626962061.12854},{"expiry":1658498059.143057,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":false,"sts_obs
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\64c78665-60ed-4fb9-9a90-e3b6ab5baed5.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):22600
                                                Entropy (8bit):5.536493130949841
                                                Encrypted:false
                                                SSDEEP:384:l8xtXLlSSX+1kXqKf/pUZNCgVLH2HfD9rUeHGPnZSlu45:2Llb+1kXqKf/pUZNCgVLH2HfxrUOGPnA
                                                MD5:03479E6B815D900E3D1699116DE918E3
                                                SHA1:CE50BBE1B926D4768648CBF4DAB27C3BC2DFDE3E
                                                SHA-256:06B9CAA4C307E892C7939C6F34562D302F714BB98D2E3F30043159CF16909BEA
                                                SHA-512:B47B137154876E442147D90742C94598941AEDCC7179E9E44FD03CA56C2BE7C9738D8DCADA610260F026CD60346B43CDE93D42D4723F665824F5D466E2CC95B5
                                                Malicious:false
                                                Reputation:low
                                                Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13271435654536582","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6c8d66ce-205d-43e1-b674-00fb2b3ca4f9.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):3473
                                                Entropy (8bit):4.884843136744451
                                                Encrypted:false
                                                SSDEEP:96:6FGX0G70GhIGpyGzRDYLiEHYDBKGzUGaCGjHGESHG/OG6mhM:6Fe0i0sIIyGzRDYLiEHYDBKSUpCQHrSP
                                                MD5:494384A177157C36E9017D1FFB39F0BF
                                                SHA1:CE5D9754A70CD84CEE77C9180DB92C69715BE105
                                                SHA-256:07CF0A5189FAD30A4AA721F4F6DA1B15100991115833EACFA1E2DC84A1B54337
                                                SHA-512:BFB80EEC0C0B5D9E487047703BE49826321A4D249422E0C81E978E6C8A310F41C7B4B8F849229BA87484FDF4831DD6A98FF994D0FDA5CE3D341CE615C15F2F1C
                                                Malicious:false
                                                Reputation:low
                                                Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607497410","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":27387},"server":"https://www.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607334226","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34287},"server":"https://ssl.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607463627","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":31787},"server":"https://fonts.gstatic.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248516607318875","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":23359},"server":"https://apis.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):334
                                                Entropy (8bit):5.247577200970933
                                                Encrypted:false
                                                SSDEEP:6:mOU2eTMq2Pwkn23iKKdK9RXXTZIFUtpNUdeXZmwPNU08kwOwkn23iKKdK9RXX5LJ:22eTMvYf5Kk7XT2FUtpGc/PG95Jf5KkT
                                                MD5:BB5BFFEF9518812DC5DC6A8F964317B3
                                                SHA1:A41CE90C77F6C922A7F0A2162BD5D98E0E94F0EA
                                                SHA-256:D1DE02BF81F698CA8300E93281F1C86EDD1117BF55BA55598E7F0168F74F40C3
                                                SHA-512:6CF2614F68C8AF8D8BF2F853987BD93699B9510C2A6A354F99B0915F499D6D0CFE2D1B0689BCE740DDA9FEF0364245D4D8D3EFC015537402B385940553B16387
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:21.517 1b64 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/07/22-15:54:21.518 1b64 Recovering log #3.2021/07/22-15:54:21.519 1b64 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):318
                                                Entropy (8bit):5.189200258730321
                                                Encrypted:false
                                                SSDEEP:6:mOQjWM+q2Pwkn23iKKdKyDZIFUtpNURe1ZmwPN3SlWMVkwOwkn23iKKdKyJLJ:SjL+vYf5Kk02FUtpGi/PALV5Jf5KkWJ
                                                MD5:DD6255628092123F7F4A5AA1FD6B02D9
                                                SHA1:3C60D99C4AC5BF192E04E3992412C398EA8C05E2
                                                SHA-256:814A7EFBBBA7A5A74EE2411F16CD1D059E1C8E1E618757C09ED0EFC6789EA10E
                                                SHA-512:C6760BDFD8B88EFEA3923671A15BF354C02B568788E4FD33DCD025B5AB144B5D0856709A6BFBCDF8B154DCEA862F5C52FB68D29AF7AB6278AE6297D6D16F816D
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:21.504 161c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/07/22-15:54:21.514 161c Recovering log #3.2021/07/22-15:54:21.520 161c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                Category:modified
                                                Size (bytes):12288
                                                Entropy (8bit):0.833443211261429
                                                Encrypted:false
                                                SSDEEP:24:TLyqJLbXaFpEO5bNmISHn06UwljE+/jv0y8Ih:TekLLOpEO5J/Kn7U/+/AIh
                                                MD5:877888E59C77A03A9D5AF23767DF3FD2
                                                SHA1:C2D6D997C56DB1DE2B0EDD8418E4CD83F7B5CA6E
                                                SHA-256:F99AEA5C507A2C7F19CB84A57533861365CFA8D4C2302662247804FBEDF43AFF
                                                SHA-512:F449024C8580B0078693ACA4520F3987223958E538ADAF04427E259A6B89C763E8360C893195C0807564203FA7E5A66548B3CB106648429827E95E31EBB406A8
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):12836
                                                Entropy (8bit):0.9743231154040015
                                                Encrypted:false
                                                SSDEEP:24:Pe9H6pf1H1oNkqLbJLbXaFpEO5bNmISHn06UwBt8:PbfvoNkq5LLOpEO5J/Kn7U+t8
                                                MD5:39EE753A12527F4181A5642D35155736
                                                SHA1:0A2F7791E8860845CAF5C780B477A31BFF9783DF
                                                SHA-256:EB40F60C62D97AA738549A0F5345F38570DF03AF0146363298C0830DFD6D9394
                                                SHA-512:03CEEB2C633342336B046318BC68A7685715DF5753309AE918F87EDFCD08116A5AB50982F6737939773817AA8F26FA651E93389C9092E6443E1559AC37FC2581
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):1420
                                                Entropy (8bit):3.934328470087528
                                                Encrypted:false
                                                SSDEEP:24:34S++lrlJBryJmeaTJ6KtSp+ldClfyl4OozlgT134rPSpNB6RKJlLlL:34baxf2me8S4dCladxqSqKrRL
                                                MD5:1A6B6C4F655FF419EB089AC692DB82FC
                                                SHA1:4DE95A2284E38AAF07A1E1C8F0ED0819CC25E098
                                                SHA-256:CE6F00D87C337958CD5183C7CCBE8D8D0CE7C7393C2ADBC6D37CA813C72D4BD7
                                                SHA-512:A8C3ABE6FFEF52909AFF4729E354BBE71BB04F32BF3D4515B2CAD929F94084CB2F53AC343C04D21663817CAC1E50E2FACDC778BE4045528D667E50C83397B269
                                                Malicious:false
                                                Reputation:low
                                                Preview: SNSS....................................................!.............................................1..,.......$...5fb8d4f5_78ff_49bd_b3fe_6ffabd2d1e4d........................................................................................................5..0.......&...{730C75E3-B87A-4292-818B-DC8F984D08AE}...........................................https://gios.co.in/dalube/Client/?sslchannel=true&sessionid=PLUyBh6GTtCpKF53GmWD1TES726ndjpHyq0xnEM1Eq5B6Rl1vAteD2XLcZ1aB67F3mcRTLSXXMDf4RFk....................................................h.......`........................................................>.......>..............(.......(....................... .......h.t.t.p.s.:././.g.i.o.s...c.o...i.n./.d.a.l.u.b.e./.C.l.i.e.n.t./.?.s.s.l.c.h.a.n.n.e.l.=.t.r.u.e.&.s.e.s.s.i.o.n.i.d.=.P.L.U.y.B.h.6.G.T.t.C.p.K.F.5.3.G.m.W.D.1.T.E.S.7.2.6.n.d.j.p.H.y.q.0.x.n.E.M.1.E.q.5.B.6.R.l.1.v.A.t.e.D.2.X.L.c.Z.1.a.B.6.7.F.3.m.c.R.T.L.S.X.X.M.D.f.4.R.F.k.................<.......h.t.t.p.s.:././.g.i.o
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):8
                                                Entropy (8bit):1.8112781244591325
                                                Encrypted:false
                                                SSDEEP:3:3Dtn:3h
                                                MD5:0686D6159557E1162D04C44240103333
                                                SHA1:053E9DB58E20A67D1E158E407094359BF61D0639
                                                SHA-256:3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
                                                SHA-512:884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
                                                Malicious:false
                                                Reputation:low
                                                Preview: SNSS....
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):164
                                                Entropy (8bit):4.391736045892206
                                                Encrypted:false
                                                SSDEEP:3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC5Ei5+Gg:qT5z/t2qoEwhXeLKB
                                                MD5:0A906A9A542CDF08FF50DAAF1D1E596E
                                                SHA1:B97D6274196F40874A368C265799F5FA78C52893
                                                SHA-256:EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
                                                SHA-512:8795E905B711ADE6B1C4B402D50AF491B64D157AA738669482DDBFC30E857DF970BFFB774A925F3F4A0802BD27AFAF939CE140894FF09B67FB9C0BB83ED4491A
                                                Malicious:false
                                                Reputation:low
                                                Preview: .f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]..F..................F................
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):317
                                                Entropy (8bit):5.253647503434932
                                                Encrypted:false
                                                SSDEEP:6:m3RiN+q2Pwkn23iKKdK8aPrqIFUtpCRIZmwPCRYVkwOwkn23iKKdK8amLJ:iiIvYf5KkL3FUtpSI/PSQ5Jf5KkQJ
                                                MD5:1D479B336936C953C7DE77FCC26504A0
                                                SHA1:AF85C3DE4BB764CD12FBE2F99C083DBEE31A4A86
                                                SHA-256:A652004D083CD6ABB096737C909FE852733BA401D516AE601DF67DE30D46A9D9
                                                SHA-512:E5AF0FD2A6B8A789B2B998548AD40C8E9167F3212AA550EF8792580D351D641099512E2B6A57DD333B15642D33535DEDFC8D089C1EDD319EC8BC7434BF1B4D9D
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:14.794 528 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/07/22-15:54:14.796 528 Recovering log #3.2021/07/22-15:54:14.796 528 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):570
                                                Entropy (8bit):1.8784775129881184
                                                Encrypted:false
                                                SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
                                                MD5:D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A
                                                SHA1:FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7
                                                SHA-256:99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
                                                SHA-512:86FD07C34B9ABD4C52BA19EAE291936F92BC6D38A75C021EDC1DEDBC15617669876180CD99F959C62476D82EC6BB9F5FE4C6CB4D82CB037EFB76D99A4D3D9C51
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):317
                                                Entropy (8bit):5.232443596966226
                                                Encrypted:false
                                                SSDEEP:6:m3CFwVq2Pwkn23iKKdK8NIFUtpCCNNAgZmwPCsAIkwOwkn23iKKdK8+eLJ:/OvYf5KkpFUtpPJ/PPD5Jf5KkqJ
                                                MD5:C6AA35E845F45E4C0BA17CEE19A4289B
                                                SHA1:8259C8785010B899F938BF501B55053D15430C0D
                                                SHA-256:5D60B0CE7A1AE861258C46084388BBB18E653AB8DA55B6212D095BE805244B58
                                                SHA-512:33D0CC3D6F00C8DD0CD986908F11ADD646CE6D9985C9C857208FAF12F00CAD56EE0EEA4D614D9CEDF24D4C3CD5047453701A533687E15B0F3BEB1356DB159CE4
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:17.823 614 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/07/22-15:54:17.825 614 Recovering log #3.2021/07/22-15:54:17.832 614 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):11217
                                                Entropy (8bit):6.069602775336632
                                                Encrypted:false
                                                SSDEEP:192:GbylJnlTwGB7V9Hne4qasKxXItmLG48gcLg/PkI:Gb+nldByaFx4toj8VEPT
                                                MD5:90F880064A42B29CCFF51FE5425BF1A3
                                                SHA1:6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF
                                                SHA-256:965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
                                                SHA-512:D9CBFCD865356F19A57954F8FD952CAF3D31B354112766C41892D1EF40BD2533682D4EC3F4DA0E59A5397364F67A484B45091BA94E6C69ED18AB681403DFD3F3
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):23474
                                                Entropy (8bit):6.059847580419268
                                                Encrypted:false
                                                SSDEEP:384:7dNc1NC6IcafusK4H1IIGRlhKlkIALQWdynQh2RX4K6M1tVztzr7XSNyzH:7dOscSRKc1nGRSkIhEw6M1tf7SNyb
                                                MD5:6AE2135EA4583C2F06CDEBEA4AE70FA4
                                                SHA1:DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2
                                                SHA-256:03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
                                                SHA-512:B5945E67D9F73DD1982D687E5C6D9B5D6B3886C8050363A259755C76AC0F93651F3425FA7C21AA6A13977AC1C8C9322F998F131648CB8909096058D4F0D23312
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                Category:dropped
                                                Size (bytes):16384
                                                Entropy (8bit):2.0068415955988526
                                                Encrypted:false
                                                SSDEEP:48:tBmw6fU1y2mewZ/uZxKzHEliv8w7WA6Yzl5d2LWF2met:tBCJVX/Zkliv97W6J5d2LWFVa
                                                MD5:2F75BDC68A94717D31F46FF434F388E9
                                                SHA1:AD9B7319B44BA2C6B21BCA971AC1CA1F385DA78E
                                                SHA-256:155A31BC59C7FA94C01604813F50DF3BCBB1A79E3A5447E3F5C03C3297510635
                                                SHA-512:00432289F7C763BBD05F05A7B216019BBA52266D3366BD73179525269EAF1A9E1D71EB052F75E11563F1F8E87CB9BEF975413866C16F539B02B133C5EDC407DD
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):16972
                                                Entropy (8bit):0.813821613195582
                                                Encrypted:false
                                                SSDEEP:24:gYGGNlDGQwY1yLjtVxh0GY/l1rWR1PmCx9fZjsBX+T6Uwx3n:FiHKCBmw6fUG3n
                                                MD5:0AF553746254B8DE530A27E1AA15BD52
                                                SHA1:18993F4A95C06781B03FA4B75CB9000499244AB1
                                                SHA-256:2EA1ABA3A00FB0B88F079B8F32BD2644A6855846C347D05DC4147522D8DFAAEE
                                                SHA-512:833C5D5EC92C3F483C8D51DDAD2CACB8755F3CC42257D00439E6A6E983D50B0B26F181BF9F58AB837B5ED84F8057E33AACABA382690B7626DC23E6D5CE03D442
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):19
                                                Entropy (8bit):1.8784775129881184
                                                Encrypted:false
                                                SSDEEP:3:FQxlX:qT
                                                MD5:0407B455F23E3655661BA46A574CFCA4
                                                SHA1:855CB7CC8EAC30458B4207614D046CB09EE3A591
                                                SHA-256:AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
                                                SHA-512:3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
                                                Malicious:false
                                                Reputation:low
                                                Preview: .f.5...............
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):372
                                                Entropy (8bit):5.260724682791507
                                                Encrypted:false
                                                SSDEEP:6:mOUXeOq2Pwkn23iKKdK25+Xqx8chI+IFUtpNUC8ZmwPNUC8kwOwkn23iKKdK25+M:2XeOvYf5KkTXfchI3FUtpGC8/PGC85JM
                                                MD5:9126E6DD182093B0623A9CFD55024E82
                                                SHA1:B8ACD0D2A8A8B8C8F5ED4FD711B60F7272602E15
                                                SHA-256:0F9702AA6BCE730394359F3A029AAEA64AE9909A89DD9925F3E4ECB40431468F
                                                SHA-512:6001C9B66FD0C83247501775A11858E3E34CF4A226096F969B1A7B83E57057327E262D9B8B845B17D2A533B0AF8A761F92E907646495F9F2142C00887802FF1D
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:21.512 1b64 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/07/22-15:54:21.513 1b64 Recovering log #3.2021/07/22-15:54:21.513 1b64 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):358
                                                Entropy (8bit):5.277701942396804
                                                Encrypted:false
                                                SSDEEP:6:mIShq2Pwkn23iKKdK25+XuoIFUtpLSvZmwPLS9kwOwkn23iKKdK25+XuxWLJ:7ShvYf5KkTXYFUtpLSv/PLS95Jf5KkTZ
                                                MD5:79D54F3E14AA5E140C3A11CBE1A063AA
                                                SHA1:97250E6BDEDA2FD9BFEA5DE26B499CE02F375CD1
                                                SHA-256:2765E216543AA05CE40B67BB8E6A2CFDB3DCD3B3EFEC3BBC5C23625F55677BE4
                                                SHA-512:48110B20F53B36E1AAFFD34CDF90B0D12DC2ABA237F01DA97399B7ADD057A1C16EA3F54A2DD4DCDABB9CC96337CA7F3DCC6DCE12315B14F76480C38F06753E65
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:21.378 1b64 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/07/22-15:54:21.379 1b64 Recovering log #3.2021/07/22-15:54:21.379 1b64 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):330
                                                Entropy (8bit):5.2294175854920715
                                                Encrypted:false
                                                SSDEEP:6:miU+WM+q2Pwkn23iKKdKWT5g1IdqIFUtpP1ZmwP/lWMVkwOwkn23iKKdKWT5g1Iu:c+L+vYf5Kkg5gSRFUtpN/P/lLV5Jf5Kg
                                                MD5:C03A1D6EA09136381B6076EEB9BC9456
                                                SHA1:FA169EE836BD596697F21B0DC9F5C0B4F247800C
                                                SHA-256:48D97D63D636BEB44D4156204DE718AAE05A5C74DF536281BC8E82691CA36701
                                                SHA-512:38C897AA6CB2A7E954C5E08FEFDA159802015ACD02CA2832494EA1EEDD8E60D28B31AC976E42980097940A04CB30D15253207589575A8303E4149B56EE08FAE9
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:21.464 161c Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/07/22-15:54:21.471 161c Recovering log #3.2021/07/22-15:54:21.475 161c Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:SQLite 3.x database, last written using SQLite version 3032001
                                                Category:dropped
                                                Size (bytes):32768
                                                Entropy (8bit):0.3058749979715968
                                                Encrypted:false
                                                SSDEEP:24:TLxWy2oyJmeaTUD/84Et/DmdoMv2KLyJmeaT9:TsyN2mebPT2KL2mec
                                                MD5:83EAB99D497B6A57E019723F5522A3F4
                                                SHA1:7B0DBECB22D54AB88F7633EF7AF64A2F4F95F87B
                                                SHA-256:43819E33135FB9B12B1E9302070A956407D3CFE1B8CD85D74D9EF1A06ECEE597
                                                SHA-512:0B742C4B2F611C74830CEBD0DB246C8B2438124EC8D2F62901D62FDFB9591DCBEE19AF790EE98C69013ED3A99D7B3A8E22D8DB6CEABC03EB4858F30066F26995
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):459
                                                Entropy (8bit):5.14628526173711
                                                Encrypted:false
                                                SSDEEP:12:bVvFknxO7bxxAsktSRBdIu7y7u23tVu/zVaOzAA8BN8qkAKqf3:RvFqo7bHAsk2dp12dBGQ
                                                MD5:43A3D1B57C5E1F23A21665E9A867F455
                                                SHA1:BC2615BEC458841FF4FFC9D78F7B18AB99D73FAA
                                                SHA-256:7D5F23B059A5A956F7DD09DEAA16F5F169E536DD1AC864CFEEE52317176BBEEF
                                                SHA-512:D0226ABCCA94AE0FAF0E7BBEBB4BE6CA429F77820878CFA8E8C644B4101A7E453619A39A4BA30F45F5BCEE45D77CE913A41C58E8694483AF5C28126E77F91D70
                                                Malicious:false
                                                Reputation:low
                                                Preview: ............".....co..dalube..gios..https..in*3......co......dalube......gios......https......in..2.........a........b........c........d........e........g........h........i.........l........n........o.........p........s.........t........u...:4....................................................B.....=...... ........*.https://gios.co.in/dalube2.:.................C...... ........*.https://gios.co.in/dalube/2.:.....................J.........................
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):33356
                                                Entropy (8bit):0.04761656801783401
                                                Encrypted:false
                                                SSDEEP:6:70S7QDtr1vtI93vt54zJvg9bNFlWCj/lEdKl3n:4pW9zQvqLBj/Sk3n
                                                MD5:423702280FF76F8D9D6839345D41AD55
                                                SHA1:E8E922360263C73FE35A473846F464399151EC1A
                                                SHA-256:463687EBF16E999B4AE9C807B6E536ABA68F7AA26053D07669E7BE8F0E849596
                                                SHA-512:00DAABBF9610F2AD236C90FF6CD17A390BF0E1A3D00E02B205F3A4D741B9231504DCD1A901BF73F8A1600849239D2D086FC16821B94776CE816476F1D55ADE15
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):2955
                                                Entropy (8bit):5.474314096515142
                                                Encrypted:false
                                                SSDEEP:48:Y35Gsfa7SMk8dbr+O3bQSefgGjNrS0U9RdiN9NN:oa7SM3dbr+O3bQ5fgGxrS0fN
                                                MD5:9AD89159CC83093465E2E9ADC5E2FD36
                                                SHA1:1140596F5E424DF3D99E38B6F1393333CFCF2186
                                                SHA-256:5F17ACA94CC5F3C9B17D4B4AC834AE065FB62EAB27FCE727273F4C0801A35A11
                                                SHA-512:5A18345808204327C4F5FE2965AD65A144F4EEA28761943BEF135F8A238D4B7D851A64174FEA12F4971A39131735A9F8E8CE2E33510D2914CCF7C93382B1CA08
                                                Malicious:false
                                                Reputation:low
                                                Preview: x.....*............8META:chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm.............Y_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.HangoutSinkDiscoveryService;.{"cache":{"sinks":{},"g":{},"h":null},"manualHangouts":{}}.a_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.IdGenerator.cast.RequestIdGenerator..391283000.H_chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm..mr.temp.LogManager...["[2021-07-22 15:54:22.86][INFO][mr.Init] MR instance ID: 45f82e81-6b91-4b75-bc13-e2703a283fb4\n","[2021-07-22 15:54:22.86][INFO][mr.Init] Native Cast MRP is disabled.\n","[2021-07-22 15:54:22.86][INFO][mr.Init] Native Mirroring Service is enabled.\n","[2021-07-22 15:54:22.86][INFO][mr.PersistentDataManager] removeTemporary_: 163 chars used\n","[2021-07-22 15:54:22.86][INFO][mr.PersistentDataManager] initialize: 163 chars used, 67 other chars\n","[2021-07-22 15:54:22.87][INFO][mr.CastProvider] Query enabled: true\n","[2021-07-22 15:54:22.87][INFO][mr.CloudProvider]
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):332
                                                Entropy (8bit):5.223144839370525
                                                Encrypted:false
                                                SSDEEP:6:m3RnHt+q2Pwkn23iKKdK8a2jMGIFUtpCRnxZmwPCRn9CVkwOwkn23iKKdK8a2jM4:iHovYf5Kk8EFUtpSnx/PSn965Jf5Kk8N
                                                MD5:4330862FBB169373D35CE98442F1E9C3
                                                SHA1:ABF1BB121074192FA0A441FB6684E005D93258E0
                                                SHA-256:1369D45DFDB4FEE56749688BE6D6BA1168E7C060E31AE05B87FC9EB8D0FA74F5
                                                SHA-512:C1025645BB83A8D80E1AE6F7C2469F3947866CAB1005D5D0ED30E0BD86F9147FB8AE9C9237374F5121D56FC93B2355730F5EEFEB663DAD6EF59BA0E84CBB66B8
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:14.599 12b8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/07/22-15:54:14.601 12b8 Recovering log #3.2021/07/22-15:54:14.602 12b8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):331
                                                Entropy (8bit):5.261314235216176
                                                Encrypted:false
                                                SSDEEP:6:m3Rpxzq2Pwkn23iKKdKgXz4rRIFUtpCRpVRXZmwPCRp/GFkwOwkn23iKKdKgXz4n:i3vYf5KkgXiuFUtpSZX/PS1GF5Jf5Kkt
                                                MD5:2FAF22354DF115D455291BC547460732
                                                SHA1:6DA95393B43E378DB384A60F76B7CF1EB9E2570C
                                                SHA-256:946F1A9303F69DF360841FCD346390B3687CFE36E416E1D0237B3137D1930FA3
                                                SHA-512:003EDAFAE0184FF29D0706155C9CD1955A5FC77A7367BA565EC75A498E458E61601DA950392E60FDF39697A68685EB77548A32998F044904C6BAE4DFF6D25FC8
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:14.817 564 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/07/22-15:54:14.818 564 Recovering log #3.2021/07/22-15:54:14.819 564 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):114
                                                Entropy (8bit):1.9837406708828553
                                                Encrypted:false
                                                SSDEEP:3:5ljljljljljl:5ljljljljljl
                                                MD5:1B4FA89099996CE3C9E5A0A9768230E8
                                                SHA1:9026E1E0906E3B3FE0E414EE814CC5A042807A04
                                                SHA-256:537818AAFD0902A8B2D58B483674391E33E762B5E1E8CD226D873098CCE9C8F9
                                                SHA-512:4279C9380ACC5AB329EC6BCDA10CCF0A7437CEF63845B63E741CE517042CFE83340D2D362DD6B9E039BF55E61F484CCF72B8FD8477D1D0292E0B879CB949461B
                                                Malicious:false
                                                Reputation:low
                                                Preview: ..&f.................&f.................&f.................&f.................&f.................&f...............
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):317
                                                Entropy (8bit):5.192142734384314
                                                Encrypted:false
                                                SSDEEP:6:m3Rg6q2Pwkn23iKKdKrQMxIFUtpCRZZmwPCRzkwOwkn23iKKdKrQMFLJ:iXvYf5KkCFUtpSZ/PSz5Jf5KktJ
                                                MD5:EC9F6577AD5F75FBCA0AF6E9CF61ECA9
                                                SHA1:FFAEA5DDCB00E7EB8D6430FF55F3CF17E598FC6E
                                                SHA-256:AE7B24B248B62FB6CF7882F15FA169067B4378575C48B63D8C3625FE7ABA3F51
                                                SHA-512:C1888FDE0451F3CA8251E97B5ED9EC23EBF7A281156734058A47C417B6D60AC920809ECB9C33E59D2504F34373D0F9688033BA5ED3C5C8A19E5B5710B5111442
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:14.729 564 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/07/22-15:54:14.731 564 Recovering log #3.2021/07/22-15:54:14.731 564 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):345
                                                Entropy (8bit):5.181476414985015
                                                Encrypted:false
                                                SSDEEP:6:m3RZOq2Pwkn23iKKdK7Uh2ghZIFUtpCRaVuZZmwPCRahBPkwOwkn23iKKdK7Uh2w:iZOvYf5KkIhHh2FUtpSaM/PSahBP5JfI
                                                MD5:39D79BDD8989133A6F0092AF95455B23
                                                SHA1:D12846BCBACDAD91ECC579A7C8897C059D64EAFB
                                                SHA-256:78A6243BCB2A22C873EA504F05E17DB94115EE599C1DB69DD5B9A9BCA72FB40A
                                                SHA-512:B6BA370126F25C96CBB6F37DDBC6664367DC4CDEFC9FFC74FBD0378FCBCBA9E00164DBC5579A26A3899CB0948EFAE232F884B1E643B235BC8E12FDD86B217C3E
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:14.557 5d4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/07/22-15:54:14.560 5d4 Recovering log #3.2021/07/22-15:54:14.561 5d4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\684e2fe0-0e4e-4001-aaa2-77634aa6a841.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):325
                                                Entropy (8bit):4.971623449303805
                                                Encrypted:false
                                                SSDEEP:6:YHpoNXR8+eq7JdV5p7DHJShsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHfHYhsBdLJlyH7E4f3K33y
                                                MD5:8CA9278965B437DFC789E755E4C61B82
                                                SHA1:5776B6C90CA1D2DDC765ED673B5E6DC8E167F0D6
                                                SHA-256:A57D9231244C1FBDE58A1BF50CAD3A1E3EA28D042BFA272782B65139446E7C51
                                                SHA-512:3065FE0743AD88E02F8C8FF6CF03B832B616DD08061EAE25A5106422228D45EB999EE2CBE4E9C96D5FFC108CB817766240E27BF97E3E5C2A58081D369E2968F8
                                                Malicious:false
                                                Reputation:low
                                                Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516514667526","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):296
                                                Entropy (8bit):0.19535324365485862
                                                Encrypted:false
                                                SSDEEP:3:8E:8
                                                MD5:C4DF0FB10C4332150B2C336396CE1B66
                                                SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                                                SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                                                SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):430
                                                Entropy (8bit):5.284959262829332
                                                Encrypted:false
                                                SSDEEP:6:m3RC+q2Pwkn23iKKdKusNpV/2jMGIFUtpCR9/ZmwPCR2NVkwOwkn23iKKdKusNp+:iTvYf5KkFFUtpS9//PSe5Jf5KkOJ
                                                MD5:05CA519363330775C2F0534838032047
                                                SHA1:E79065A658CABC194504528DF1377075BEC245B6
                                                SHA-256:206757B7E8E6ACBD0212D51AF37B9D962C608487420F9F0629C0AACCB547F527
                                                SHA-512:FB4C33C92B8A5C2FE277615280E9335FE4646AC4047A5EAAB9DD97068B68A3A4B98C1264B99816020FBF6ADF20F18705E288F525590DBE379C6558A4F2BB1B4B
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:14.775 1788 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/07/22-15:54:14.778 1788 Recovering log #3.2021/07/22-15:54:14.779 1788 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):429
                                                Entropy (8bit):5.3050107878698265
                                                Encrypted:false
                                                SSDEEP:6:m3Rpg8NAVq2Pwkn23iKKdKusNpqz4rRIFUtpCRpGuAgZmwPCRp/IkwOwkn23iKKi:iGvYf5KkmiuFUtpSEo/PS65Jf5Kkm2J
                                                MD5:984271C7F0A0FE6EC68FFB46B267D3A2
                                                SHA1:238F90DE3DD3E6549458D37209A14BE3E862E804
                                                SHA-256:864DB7541C71B21928F675DCC8E61F077470A593E921EC2720BDD3212E0A7413
                                                SHA-512:1B6454B55537BB17AFC04FDEF133D2195667BF077BE1C7999345DDACAAC8CEA46D8B59F7FFA7283E87D6F5D5B3D2F9DD9EA1F5F06F5B6B62B008A7CB3A584AF5
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:14.825 614 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/07/22-15:54:14.827 614 Recovering log #3.2021/07/22-15:54:14.828 614 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):19
                                                Entropy (8bit):1.9837406708828553
                                                Encrypted:false
                                                SSDEEP:3:5l:5l
                                                MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                                                SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                                                SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                                                SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                                                Malicious:false
                                                Reputation:low
                                                Preview: ..&f...............
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):415
                                                Entropy (8bit):5.279962333498485
                                                Encrypted:false
                                                SSDEEP:6:m1qUwVq2Pwkn23iKKdKusNpZQMxIFUtpAMGAgZmwPAM3jwIkwOwkn23iKKdKusNP:QtIvYf5KkMFUtpAMGJ/PAM3P5Jf5KkTJ
                                                MD5:8B274DCEFD9905EA4FB90F246948956B
                                                SHA1:0CA6406237B78C733471DCA8714DB15CAFDE4E19
                                                SHA-256:DAAA65BC7FF6CAB8BD0A8268F1458C7D8A06EB411A3B92BF1B677ACE31B0B2A2
                                                SHA-512:FD56920C232A278489C4D58F7C4DAE93E0ED68AAD7C9B3781EE3C58603EFD2716939014963F10146DF11CCD1E52FBDABCE1FEEA5955536FD30F9D602BA048EE5
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:31.909 614 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/MANIFEST-000001.2021/07/22-15:54:31.910 614 Recovering log #3.2021/07/22-15:54:31.911 614 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):296
                                                Entropy (8bit):0.19535324365485862
                                                Encrypted:false
                                                SSDEEP:3:8E:8
                                                MD5:C4DF0FB10C4332150B2C336396CE1B66
                                                SHA1:780A76E101DE3DE2E68D23E64AB1A44D47A73207
                                                SHA-256:18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
                                                SHA-512:51F0B463E97063A2357285D684FF159FDF6099E57C46F13C83E9D3F09D7A7CF03C1BA684BCCF36232FC50834F95953C3C68675C7B05AB4F84DEF1C566A5F3F5E
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):427
                                                Entropy (8bit):5.235475907527317
                                                Encrypted:false
                                                SSDEEP:12:7QvYf5KkkGHArBFUtpLr/PLh5Jf5KkkGHAryJ:OYf5KkkGgPghJf5KkkGga
                                                MD5:4C07BE4095C666567400EA6AE37DD49C
                                                SHA1:43BD2B6CFF4F3EF2412DDBC02B2763BEA5F89438
                                                SHA-256:1D2D48FA3148306E3EB155FCBB7769515CC928A1B14DD2629F4E591F4D3D844E
                                                SHA-512:9C446A89C57624BE34E3EAFAFDC90C973A7E1C58FE93FEA197E95BC11699139E0CBE150AE1748720AA7B4721B9145F1DDCFA3C30D69A9F942823726F5C67C339
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:21.316 564 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/MANIFEST-000001.2021/07/22-15:54:21.318 564 Recovering log #3.2021/07/22-15:54:21.318 564 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):432
                                                Entropy (8bit):5.244914679830147
                                                Encrypted:false
                                                SSDEEP:12:734vYf5KkkGHArqiuFUtpL/5/PLyT5Jf5KkkGHArq2J:bKYf5KkkGgCg5+Jf5KkkGg7
                                                MD5:C8A15EC6A795F696197CFF73EABB57A3
                                                SHA1:157B3BF64475678C0A4E70A58011E085C28B87B1
                                                SHA-256:F5F4B771305D7CCF74C1EC390572E7C7757A051E706B1908429E115713B8787E
                                                SHA-512:30ACDAA969613A598F4091152CBD3F4E9AEDA1BF601D36F50F6E3C5BA38A57EA3D714086A190ABC41ECDCC9787CF830260E2ADE270691F662925F7ED2682FB63
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:21.309 12b8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/MANIFEST-000001.2021/07/22-15:54:21.312 12b8 Recovering log #3.2021/07/22-15:54:21.313 12b8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):19
                                                Entropy (8bit):1.9837406708828553
                                                Encrypted:false
                                                SSDEEP:3:5l:5l
                                                MD5:E556F26DF3E95C19DBAECA8F5DF0C341
                                                SHA1:247A89F0557FC3666B5173833DB198B188F3AA2E
                                                SHA-256:B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
                                                SHA-512:055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
                                                Malicious:false
                                                Reputation:low
                                                Preview: ..&f...............
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):415
                                                Entropy (8bit):5.216968722644233
                                                Encrypted:false
                                                SSDEEP:12:QTLlvYf5KkkGHArAFUtpATLD/PATLZ5Jf5KkkGHArfJ:GLpYf5KkkGgkgEL6LLJf5KkkGgV
                                                MD5:A89C2E25E7BF43FFF2FC37A135197C33
                                                SHA1:F4BB15F887C58F94C0501EBC30A2BEE1EB96683A
                                                SHA-256:977654AC12F6B01CCB4AF303CB1A3A5DDAF171C21C135D0888FC66EED578FD5C
                                                SHA-512:1CA73DA66EDF53FEE14EBE589A64891CFCC0F6C154439248249B7667BC9AE8D43F30A64FC2E91E00B4C9B3715DAC21029867BEFE6EE8F7FA286F0CAFBFF8972A
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:36.523 614 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/MANIFEST-000001.2021/07/22-15:54:36.524 614 Recovering log #3.2021/07/22-15:54:36.524 614 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\df925a64-fa94-4f61-a53f-53847a4b39f8.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):325
                                                Entropy (8bit):4.9616384877719995
                                                Encrypted:false
                                                SSDEEP:6:YHpoNXR8+eq7JdV5pirhsDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdHirhsBdLJlyH7E4f3K33y
                                                MD5:B0429187E1BE99DE4D548DC5B2EDEA0A
                                                SHA1:B3E07BEE5D753BF1B613BD2DE665C7C21E8184F6
                                                SHA-256:D8DABBF936DAB4F17437ECA255020EA847D76D6B789F9486010C95E995CFED03
                                                SHA-512:233F7BDAA848A295E9F58CA52761829FE1044DA1DE1FBCAC407FADC8C7ABA1E4FFD7CA7A4FBE649E83FD1815DC2E3619ACB2A22CE5B2C7241E474CDB9AF2F7ED
                                                Malicious:false
                                                Reputation:low
                                                Preview: {"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248516523181804","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):38
                                                Entropy (8bit):1.9837406708828553
                                                Encrypted:false
                                                SSDEEP:3:sgGg:st
                                                MD5:45A8ECA4E5C4A6B1395080C1B728B6C9
                                                SHA1:8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
                                                SHA-256:DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
                                                SHA-512:8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
                                                Malicious:false
                                                Reputation:low
                                                Preview: ..F..................F................
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):324
                                                Entropy (8bit):5.2078063333434494
                                                Encrypted:false
                                                SSDEEP:6:m3R+jyq2Pwkn23iKKdKpIFUtpCRalVu1ZmwPCRau9RkwOwkn23iKKdKa/WLJ:iWyvYf5KkmFUtpSalVY/PSau9R5Jf5Ka
                                                MD5:180DBB5466F148B5A42D93D7708B7AF3
                                                SHA1:14F2EA4C00188E51FEB6E11DECC4F66FACF44253
                                                SHA-256:748580C0F1FC1C7ABE5AD9677C80B4B24245E6D9AA3E654EA02C13A850746572
                                                SHA-512:7B338B4BBD4CE0DF2B4F4459B6EC8714A3F6037A120A6CF5BAE4B4EEC9A9FD55C58D8DDFEDB76354BC8403219B8965C7E7B0F69B70F6FD936F4ADFBD24A1F407
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:14.559 1010 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/07/22-15:54:14.561 1010 Recovering log #3.2021/07/22-15:54:14.563 1010 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):399
                                                Entropy (8bit):5.331148997826905
                                                Encrypted:false
                                                SSDEEP:12:qTnvYf5KkkOrsFUtp6D/P6zE5Jf5KkkOrzJ:ovYf5Kk+gRuJf5Kkn
                                                MD5:DAAF8FB366D236819341B22259948173
                                                SHA1:CCF829CD7E94BEEC00CC8D555F0E309008602B1B
                                                SHA-256:C3C7D81104C0356BAEFF87CFF43F40834578E8EB01D76B825D36B95D132A4C04
                                                SHA-512:682AB94D4B9553A857E6385B5816CB10359B00A285DAC70313A8B002A42BCC592918DD1F39597612F2771EF850DBD6938890B1E34B7711EB113EBF2D1742E309
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:22.876 614 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/MANIFEST-000001.2021/07/22-15:54:22.877 614 Recovering log #3.2021/07/22-15:54:22.878 614 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):36
                                                Entropy (8bit):4.266332639970622
                                                Encrypted:false
                                                SSDEEP:3:zfbMncOVxiD:zjqK
                                                MD5:EDC218A16276CAB7EE211EDD20EB793E
                                                SHA1:F58CAFCA1F0BCE3C949357C111683A7D4E7AE19C
                                                SHA-256:DADFD55CACF3A3199A8E005862CCD26306865F6247B62F9968DC2B2341762410
                                                SHA-512:F50E9E22A0536E334BD2F5A3BC4B0A1C4E5822EB9F13EB06918DAC5F0F05677CF6D6706DFBC4EA5FB5FABA69D922C5F4F54408C91D8397C45A3780DE85973CC6
                                                Malicious:false
                                                Reputation:low
                                                Preview: ......<...)....K+&"N2x#.....)#...f
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bd47b2b5-49e6-4f21-99c6-48794c3115b3.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                                                Category:modified
                                                Size (bytes):22602
                                                Entropy (8bit):5.536417309338856
                                                Encrypted:false
                                                SSDEEP:384:l8xt2LlSSX+1kXqKf/pUZNCgVLH2HfD9rUeHGInZniu4K:hLlb+1kXqKf/pUZNCgVLH2HfxrUOGInp
                                                MD5:BD9D9F2BFC60AA7ADF0CD3F43AFBEDDE
                                                SHA1:473AE90DA615D366C8D26FDC6BF7706A5A1AB072
                                                SHA-256:5A51A0546DF46B8BE2C6C71671856AA8CC5EA0925F9DFD1573A431B19E402E57
                                                SHA-512:C268F0683F64FF0C1C7AF2BF372ED9A5D20AD08004E69DEFE36F2E5504CB32EFC87B14F7A16BA89B98E90A913448C47AAF4BDD00729D21D0668AEA310B86F14F
                                                Malicious:false
                                                Reputation:low
                                                Preview: {"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13271435654536582","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):16
                                                Entropy (8bit):3.2743974703476995
                                                Encrypted:false
                                                SSDEEP:3:1sjgWIV//Rv:1qIFJ
                                                MD5:6752A1D65B201C13B62EA44016EB221F
                                                SHA1:58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
                                                SHA-256:0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
                                                SHA-512:9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
                                                Malicious:false
                                                Reputation:low
                                                Preview: MANIFEST-000004.
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):139
                                                Entropy (8bit):4.6261596614289004
                                                Encrypted:false
                                                SSDEEP:3:tUKI2KcLduIEyZmwv322KcLcxQkJ0V8s22KcLcxQkJ0WGv:m32/5ZmwPCh5J0VvCh5J0tv
                                                MD5:FBF7E4ECEA3BEA3ADD912EB085B8A206
                                                SHA1:EB4F679BE342A4FBDD5CEE89FCD877A73031661F
                                                SHA-256:168460EEDB71ACAB9568BEDBE8190C3AA091FBFA52DC67A342ABA1970CA9A183
                                                SHA-512:AECD8E6F62016610B42ED615DFEB82FB3B8F11F643F0E8BC3DB880088F8A018390AFF23B7ACA3AA97E7A0DE72514F1B05DD7C88346A4A089EF02C37241AB94FD
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:19.878 1b64 Recovering log #3.2021/07/22-15:54:19.917 1b64 Delete type=0 #3.2021/07/22-15:54:19.917 1b64 Delete type=3 #2.
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:MPEG-4 LOAS
                                                Category:dropped
                                                Size (bytes):50
                                                Entropy (8bit):5.028758439731456
                                                Encrypted:false
                                                SSDEEP:3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
                                                MD5:031D6D1E28FE41A9BDCBD8A21DA92DF1
                                                SHA1:38CEE81CB035A60A23D6E045E5D72116F2A58683
                                                SHA-256:B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
                                                SHA-512:E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
                                                Malicious:false
                                                Reputation:low
                                                Preview: V........leveldb.BytewiseComparator...#...........
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e3f913ea-1b3c-4f60-b43e-8a8f7af4f596.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:very short file (no magic)
                                                Category:dropped
                                                Size (bytes):1
                                                Entropy (8bit):0.0
                                                Encrypted:false
                                                SSDEEP:3:L:L
                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                Malicious:false
                                                Reputation:low
                                                Preview: .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e92bbe59-ba9d-411e-a4c0-8e601431d490.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):5783
                                                Entropy (8bit):5.18171187572005
                                                Encrypted:false
                                                SSDEEP:96:nSLScyMQdkjJVIKIL5k0JCKL8SekAWS11bbOTlVuHn:nSLzyMQd6VI9h4KxekABPF
                                                MD5:41C9DF49DD63FB569EA7407B424D567A
                                                SHA1:2BAE80FEC4922D8184B91BA3A345EF6FE27B0B5F
                                                SHA-256:0855C1B972C0DD1D9FEE4638B23A12A011B907253ACEA01D90EC19224BECAF70
                                                SHA-512:E4ACE2366D3941098CB1434A4C7E37EE239E108EBD206FC27BAE57CBF12B025B3EF5E017409BE9B2526FCA035B84D1225232DC974F814D554C461B3F28508540
                                                Malicious:false
                                                Reputation:low
                                                Preview: {"account_id_migration_state":2,"account_tracker_service_last_update":"13271435654788772","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245924509391818","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"bookmark_bar":{"show_on_all_tabs":false},"browser":{"default_browser_infobar_last_declined":"13245924607060180","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2042016"],"daily_recei
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):338
                                                Entropy (8bit):5.229893609625835
                                                Encrypted:false
                                                SSDEEP:6:mOy+q2Pwkn23iKKdKfrzAdIFUtpNnZZmwPN0VkwOwkn23iKKdKfrzILJ:RvYf5Kk9FUtpP/PS5Jf5Kk2J
                                                MD5:A192F1DEA8738FB9B91CFC6F0EE64BC0
                                                SHA1:EA7F7245776B0258D6B37A50960B9E5D7DC6338E
                                                SHA-256:AF4982EC395B620760D39DAFC5B74965242CF9D75839FCCB869F1B677EAB6411
                                                SHA-512:43ABD1ED4073A22D13D5061296AFA4A4AEDF2A049CF2BD2BB4C005CCD85840E9AFD0A795434B57944BA27757E6290EF005E58A74DFAA24CA9CAEDAA6E778D828
                                                Malicious:false
                                                Reputation:low
                                                Preview: 2021/07/22-15:54:21.544 12b8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/07/22-15:54:21.545 12b8 Recovering log #3.2021/07/22-15:54:21.546 12b8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):106
                                                Entropy (8bit):3.138546519832722
                                                Encrypted:false
                                                SSDEEP:3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
                                                MD5:DE9EF0C5BCC012A3A1131988DEE272D8
                                                SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
                                                SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
                                                SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
                                                Malicious:false
                                                Reputation:low
                                                Preview: C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):13
                                                Entropy (8bit):2.8150724101159437
                                                Encrypted:false
                                                SSDEEP:3:Yx7:4
                                                MD5:C422F72BA41F662A919ED0B70E5C3289
                                                SHA1:AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
                                                SHA-256:02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
                                                SHA-512:86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
                                                Malicious:false
                                                Reputation:low
                                                Preview: 85.0.4183.121
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\b4e49dca-b65a-413b-ba2a-a6aa3f62e1d8.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):92724
                                                Entropy (8bit):3.745012099104795
                                                Encrypted:false
                                                SSDEEP:384:rX3AIiVzGeJ0LN4rBv0g3r4iTHOnGvir9i0CxrWq+drZ8mtaxyUlgUVLOK+oNV1k:Jex5WCLP8eH2AiwXnqsK+44lY
                                                MD5:E0C4C1256C5BBFA49BA845C0DA226B6B
                                                SHA1:6F9343D613FD63979CFFDC52F773E6CBCE6BF968
                                                SHA-256:7D4B21BEEB3676C9FCB7C84BD9970FC2C14AD7104D385248ACA3BC2B50957B63
                                                SHA-512:8B9CD79363D9EDA1DB95B4FF9279D5BD659ADEB97860D4A07FAD1079A2BE309F5EC0DE609F16D54FEFFF5B6A39F995AAA6BAF57951928DB6F1D8A6CB35391F26
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Google\Chrome\User Data\eecff8cc-b871-43c3-95af-906b4eb1df76.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with very long lines, with no line terminators
                                                Category:dropped
                                                Size (bytes):174555
                                                Entropy (8bit):6.079337287210883
                                                Encrypted:false
                                                SSDEEP:3072:j8V9WW4u2Vl2CViqRnjUkQJUwYMrwjYUEDt5HCzSdFcbXafIB0u1GOJmA3iuRM:IszH2aHRnjOJYMrw8LCzS7aqfIlUOoS+
                                                MD5:D666095B8F599DD8E1744CAFB6307C08
                                                SHA1:8C7E8DD135AFDD79C8CA3349349E2D3EC836FACA
                                                SHA-256:50DF229BF40602CA993E03750A6DDF7B990E8296200DADB86A219751AB1F72EA
                                                SHA-512:E2CB17504530409AC083D6FE8FF1E51F4487A5D0E42C4939C96CA5FD1CD1B818D456E60331C6772A257103484DFFAE1775E66828405C490667CF8AE9A9C14F8E
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Temp\706f3f2f-aa32-492e-a123-f49993b1a652.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:very short file (no magic)
                                                Category:dropped
                                                Size (bytes):1
                                                Entropy (8bit):0.0
                                                Encrypted:false
                                                SSDEEP:3:L:L
                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                Malicious:false
                                                Reputation:low
                                                Preview: .
                                                C:\Users\user\AppData\Local\Temp\af3dbe2e-a1a6-4c2e-bd4a-a62d486fe056.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:Google Chrome extension, version 3
                                                Category:dropped
                                                Size (bytes):248531
                                                Entropy (8bit):7.963657412635355
                                                Encrypted:false
                                                SSDEEP:3072:r+nmRykNgoldZ8GjJCiUXZSk+QSVh85PxEalRVHmcld9R6yYfEp4ABUGDcaKklrv:k3oF4Z4h45P99Fld9RBQYBVcaxlnfL
                                                MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
                                                SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
                                                SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
                                                SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text
                                                Category:dropped
                                                Size (bytes):7072
                                                Entropy (8bit):4.620784081326109
                                                Encrypted:false
                                                SSDEEP:96:glyIREK+VnUGIE4E4SJwHAe041nO+KPP6U0cwDuAaQbaas7T02vEOL6IXSB3WeVd:VIR7GMtP1O+MvSuAaoaaGT02/L6/eZ8
                                                MD5:578772FA23738463F02C5CE34D88B221
                                                SHA1:859D9954F5A959DBE4530839BA7B52E8B39A5C0F
                                                SHA-256:E15432AFCFA5D50D144708C914A1499812DD7CBD7F7F415EA96BB608CE5965C5
                                                SHA-512:9186DDF9FD5AC4DF8BC406EC83A7FD54FCB8D3E11C0B056DF4DBB74A43069FB90B1DEEA1C9B00540F5AEC636C648020D6D1BA6A5EC13AF40E6A585800A84A517
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Temp\e3d748cb-af81-4f08-a031-ccbb78cd9cd1.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:very short file (no magic)
                                                Category:dropped
                                                Size (bytes):1
                                                Entropy (8bit):0.0
                                                Encrypted:false
                                                SSDEEP:3:L:L
                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                Malicious:false
                                                Reputation:low
                                                Preview: .
                                                C:\Users\user\AppData\Local\Temp\e53019ec-f121-43d0-9220-e8ee77436abe.tmp
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:Google Chrome extension, version 3
                                                Category:dropped
                                                Size (bytes):768843
                                                Entropy (8bit):7.992932603402907
                                                Encrypted:true
                                                SSDEEP:12288:cK2ED9wjXNC1Gse83ru82/u0eKhgxuPFrDXgtbPz54Pm1D0fBmfH1sBrJ9mTiDga:cK2ED9I48seur0/uZKCuPNbgtbz6m1ob
                                                MD5:A11D5CAF6BF849AEB84B0C95B1C3B7CF
                                                SHA1:27F410CCBD75852C01C7464A1FD7EF8C29BE3916
                                                SHA-256:D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
                                                SHA-512:086C124DE3A01BE467647F3BCB4EA05105F690AB45417A0E3D38935ABA9E2381DF59AF98D0FFF7823CEFD5390B48807352E135AC70977AED7B413A8CC48FB590
                                                Malicious:false
                                                Reputation:low
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\bg\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):796
                                                Entropy (8bit):4.864931792423268
                                                Encrypted:false
                                                SSDEEP:12:1HEJMLkSlwZGGMLkSlwZ+WYpU34f145Gb+dgoxTyO8ZpU34f1L0frhmJ03OyZnLt:1HE7n4gn8WYpYrbhz8ZpotHOGAOf6aD
                                                MD5:6F8E288A9AD5B1ED8633B430E2B4D4CA
                                                SHA1:F671D3D4BEFA431D1946D706F4192D44E29B6F08
                                                SHA-256:A114E2783D0E9B12155017323BA70838F0F82A71C7EE8DC1F115AE36991241F8
                                                SHA-512:0F87F3F0D115B872288949E59ACD3CD41B1FBC64A622D8FDA6D71FAFC5A900D92ADFBB0E7EB926F2A8759BBAA0896D48728FB719BBF5EF54AC21027328F7700C
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "........ . ... ........ .. Chrome".. },.. "app_name": {.. "message": "........ . ... ........ .. Chrome".. },.. "craw_app_unavailable": {.. "message": "........... .... ...... .. .............".. },.. "craw_connect_to_network": {.. "message": "...., ........ .. . ......".. },.. "iap_unavailable": {.. "message": "........... .... ...... .. .......... ....... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "...., ...... . Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\ca\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):675
                                                Entropy (8bit):4.536753193530313
                                                Encrypted:false
                                                SSDEEP:12:1HEJ0gbbGG0gbb+WYpU34g3YbiLO+dgyGFoO8ZpU34+puiPmb03OyZnLAOfTYABk:1HE5baib6WYpm31Lt0Z8Zp8pxOGAOfKD
                                                MD5:1FDAFC926391BD580B655FBAF46ED260
                                                SHA1:C95743C3F43B2B099FEBEBC5BD850F0C20E820AC
                                                SHA-256:C67898B67F9C9209EAFDA6532B62D5789863CFB855998DD6A70E7775316CEC20
                                                SHA-512:39D95D45C5746DA3BAA7AE6A3344EA17D7A7C3569C2A56959FF119261DA08C747A320FCF701AC72B8DBDBF8BF06FD8B239017A282CDDA444F3826D4EC672CBB4
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagaments de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Ara mateix aquesta aplicaci. no est. disponible.".. },.. "craw_connect_to_network": {.. "message": "Connecteu-vos a una xarxa.".. },.. "iap_unavailable": {.. "message": "La funci. Pagaments a l'aplicaci. no est. disponible actualment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicieu la sessi. a Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\cs\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):641
                                                Entropy (8bit):4.698608127109193
                                                Encrypted:false
                                                SSDEEP:12:1HEJfZGGfZ+WYpU34OBh+dgN/O8ZpU34j05U03OyZnLAOfTYWc:1HEl4G8WYpdt8Zpq5TOGAOfW
                                                MD5:76DEC64ED1556180B452A13C83171883
                                                SHA1:CFB1E56FD587BCDC459C1D9A683B71F9849058F9
                                                SHA-256:32290D69A90E6BAAC428B10382C99221B12773BB9A184F3B93DFB48A4F6D7A40
                                                SHA-512:5230A217968D5DC463E2E92D704544311A721E5CEF65C3125CBD8DEB9C0293D3BFB5C820A6011ABF77095FDEE7DAF67D541DC202B0C9CDB0908CBB85D84885CB
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikace v sou.asn. dob. nen. dostupn..".. },.. "craw_connect_to_network": {.. "message": "P.ipojte se pros.m k s.ti.".. },.. "iap_unavailable": {.. "message": "Platby v aplikaci aktu.ln. nejsou k dispozici.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "P.ihlaste se do Chromu.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\da\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):624
                                                Entropy (8bit):4.5289746475384565
                                                Encrypted:false
                                                SSDEEP:12:1HEJJMKKFZGGJMKKFZ+WYpU34OHu+dgxlCZO8ZpU34J4Wu03OyZnLAOfTYzD:1HErMKfqMKVWYpM6lL8ZpDNOGAOfiD
                                                MD5:238B97A36E411E42FF37CEFAF2927ED1
                                                SHA1:4E47AC90BA24C8F4724D9293FA40CFD4ADA66FE0
                                                SHA-256:4977D4A053542FF66967FAED6B06585DD70E68E20BFEB533B66FE3287F9655D9
                                                SHA-512:FD0742D47B5F5AB9AAD9B4C3D57F63CB693E060EECE123A72036C6E92156D099495C7E9E9CC6DC83EEBCDDCC4B4C81FB47E4C9559DA3EBA024780FFF10C53E0A
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Betalinger i Chrome Webshop".. },.. "app_name": {.. "message": "Betalinger i Chrome Webshop".. },.. "craw_app_unavailable": {.. "message": "Appen er ikke tilg.ngelig i .jeblikket.".. },.. "craw_connect_to_network": {.. "message": "Opret forbindelse til et netv.rk.".. },.. "iap_unavailable": {.. "message": "Betaling i appen er ikke tilg.ngelig i .jeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log ind p. Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\de\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):651
                                                Entropy (8bit):4.583694000020627
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome Web Store-Zahlungen".. },.. "app_name": {.. "message": "Chrome Web Store-Zahlungen".. },.. "craw_app_unavailable": {.. "message": "Die App ist momentan nicht verf.gbar.".. },.. "craw_connect_to_network": {.. "message": "Bitte stellen Sie eine Verbindung zu einem Netzwerk her.".. },.. "iap_unavailable": {.. "message": "In-App-Zahlungen sind momentan nicht m.glich.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Bitte melden Sie sich in Chrome an.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\el\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):787
                                                Entropy (8bit):4.973349962793468
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "........ ... Chrome Web Store".. },.. "app_name": {.. "message": "........ ... Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": ". ........ .... .. ..... ... ..... ..........".. },.. "craw_connect_to_network": {.. "message": ".......... .. ... .......".. },.. "iap_unavailable": {.. "message": ".. ........ ..... ......... ... ..... ..... .. ...... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": ".......... ... Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\en\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):593
                                                Entropy (8bit):4.483686991119526
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\en_GB\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):593
                                                Entropy (8bit):4.483686991119526
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome Web Store Payments".. },.. "app_name": {.. "message": "Chrome Web Store Payments".. },.. "craw_app_unavailable": {.. "message": "App currently unavailable.".. },.. "craw_connect_to_network": {.. "message": "Please connect to a network.".. },.. "iap_unavailable": {.. "message": "In-App Payments is currently unavailable.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Please sign into Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\es\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):661
                                                Entropy (8bit):4.450938335136508
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "Los pagos en la aplicaci.n no est.n disponibles en este momento.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicia sesi.n en Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\es_419\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):637
                                                Entropy (8bit):4.47253983486615
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "app_name": {.. "message": "Sistema de pagos de Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Esta aplicaci.n no est. disponible en este momento.".. },.. "craw_connect_to_network": {.. "message": "Con.ctate a una red.".. },.. "iap_unavailable": {.. "message": "En este momento, Pagos En-Apps no est. disponible.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accede a Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\et\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):595
                                                Entropy (8bit):4.467205425399467
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome'i veebipoe maksed".. },.. "app_name": {.. "message": "Chrome'i veebipoe maksed".. },.. "craw_app_unavailable": {.. "message": "Rakendus pole praegu saadaval.".. },.. "craw_connect_to_network": {.. "message": "Looge .hendus v.rguga.".. },.. "iap_unavailable": {.. "message": "Rakendusesisesed maksed ei ole praegu saadaval.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logige Chrome'i sisse.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\fi\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):647
                                                Entropy (8bit):4.595421267152647
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome Web Storen maksut".. },.. "app_name": {.. "message": "Chrome Web Storen maksut".. },.. "craw_app_unavailable": {.. "message": "Sovellus ei ole t.ll. hetkell. k.ytett.viss..".. },.. "craw_connect_to_network": {.. "message": "Muodosta verkkoyhteys.".. },.. "iap_unavailable": {.. "message": "Sovelluksen sis.iset maksut eiv.t ole t.ll. hetkell. k.ytett.viss..".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Kirjaudu sis..n Chromeen.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\fil\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):658
                                                Entropy (8bit):4.5231229502550745
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "app_name": {.. "message": "Mga Pagbabayad sa Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Kasalukuyang hindi available ang app.".. },.. "craw_connect_to_network": {.. "message": "Mangyaring kumonekta sa isang network.".. },.. "iap_unavailable": {.. "message": "Kasalukuyang hindi available ang Mga Pagbabayad na In-App.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Mangyaring mag-sign in sa Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\fr\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):677
                                                Entropy (8bit):4.552569602149629
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "app_name": {.. "message": "Paiements via le Chrome.Web.Store".. },.. "craw_app_unavailable": {.. "message": "Application indisponible pour le moment.".. },.. "craw_connect_to_network": {.. "message": "Veuillez vous connecter . un r.seau.".. },.. "iap_unavailable": {.. "message": "Les paiements via l'application ne sont pas disponibles pour le moment.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Veuillez vous connecter . Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\hi\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):835
                                                Entropy (8bit):4.791154467711985
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome ... ..... ......".. },.. "app_name": {.. "message": "Chrome ... ..... ......".. },.. "craw_app_unavailable": {.. "message": "......... .. ... ...... .... ...".. },.. "craw_connect_to_network": {.. "message": "..... ....... .. ...... .....".. },.. "iap_unavailable": {.. "message": "..-.. ...... ... ...... .... ...".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "..... Chrome ... .... .. .....".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\hr\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):618
                                                Entropy (8bit):4.56999230891419
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "app_name": {.. "message": "Pla.anja u web-trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenuta.no nije dostupna.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se s mre.om.".. },.. "iap_unavailable": {.. "message": "Pla.anje u aplikaciji trenuta.no nije dostupno.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se na Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\hu\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):683
                                                Entropy (8bit):4.675370843321512
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "app_name": {.. "message": "Chrome Internetes .ruh.z Fizet.si rendszere".. },.. "craw_app_unavailable": {.. "message": "Az alkalmaz.s jelenleg nem .rhet. el.".. },.. "craw_connect_to_network": {.. "message": "K.rj.k, csatlakozzon egy h.l.zathoz.".. },.. "iap_unavailable": {.. "message": "Az alkalmaz.son bel.li fizet.s jelenleg nem .rhet. el.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Jelentkezzen be a Chrome-ba.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\id\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):604
                                                Entropy (8bit):4.465685261172395
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Pembayaran Chrome Webstore".. },.. "app_name": {.. "message": "Pembayaran Chrome Webstore".. },.. "craw_app_unavailable": {.. "message": "Aplikasi tidak tersedia saat ini.".. },.. "craw_connect_to_network": {.. "message": "Sambungkan ke jaringan.".. },.. "iap_unavailable": {.. "message": "Pembayaran Dalam Aplikasi saat ini tidak tersedia.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Harap masuk ke Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\it\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):603
                                                Entropy (8bit):4.479418964635223
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Pagamenti Chrome Web Store".. },.. "app_name": {.. "message": "Pagamenti Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App al momento non disponibile.".. },.. "craw_connect_to_network": {.. "message": "Collegati a una rete.".. },.. "iap_unavailable": {.. "message": "La funzione Pagamenti In-App non . al momento disponibile.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Accedi a Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\ja\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):697
                                                Entropy (8bit):5.20469020877498
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome ........".. },.. "app_name": {.. "message": "Chrome ........".. },.. "craw_app_unavailable": {.. "message": ".................".. },.. "craw_connect_to_network": {.. "message": "................".. },.. "iap_unavailable": {.. "message": ".......................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Chrome ............".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\ko\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):631
                                                Entropy (8bit):5.160315577642469
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome . ... ..".. },.. "app_name": {.. "message": "Chrome . ... ..".. },.. "craw_app_unavailable": {.. "message": ".. .. ... . .....".. },.. "craw_connect_to_network": {.. "message": "..... ......".. },.. "iap_unavailable": {.. "message": ".. .. ... ... . .....".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Chrome. .......".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\lt\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):665
                                                Entropy (8bit):4.66839186029557
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "app_name": {.. "message": ".Chrome. internetin.s parduotuv.s mok.jimo sistema".. },.. "craw_app_unavailable": {.. "message": "Programa .iuo metu negalima.".. },.. "craw_connect_to_network": {.. "message": "Prisijunkite prie tinklo.".. },.. "iap_unavailable": {.. "message": "Mok.jimai programoje .iuo metu negalimi.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prisijunkite prie .Chrome..".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\lv\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):671
                                                Entropy (8bit):4.631774066483956
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "app_name": {.. "message": "Chrome interneta veikala maks.jumu sist.ma".. },.. "craw_app_unavailable": {.. "message": "Lietotne pagaid.m nav pieejama.".. },.. "craw_connect_to_network": {.. "message": "L.dzu, izveidojiet savienojumu ar t.klu.".. },.. "iap_unavailable": {.. "message": "Maks.jumi lietotn.s pa.laik nav pieejami.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.dzu, pierakstieties p.rl.k. Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\nb\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):624
                                                Entropy (8bit):4.555032032637389
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome Nettmarked-betalinger".. },.. "app_name": {.. "message": "Chrome Nettmarked-betalinger".. },.. "craw_app_unavailable": {.. "message": "Appen er utilgjengelig for .yeblikket.".. },.. "craw_connect_to_network": {.. "message": "Du m. koble til et nettverk.".. },.. "iap_unavailable": {.. "message": "Betaling i app er ikke tilgjengelig for .yeblikket.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Du m. logge p. Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\nl\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:ASCII text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):615
                                                Entropy (8bit):4.4715318546237315
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Betalingen via Chrome Web Store".. },.. "app_name": {.. "message": "Betalingen via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "App momenteel niet beschikbaar.".. },.. "craw_connect_to_network": {.. "message": "Maak verbinding met een netwerk.".. },.. "iap_unavailable": {.. "message": "In-app-betalingen is momenteel niet beschikbaar.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Log in bij Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\pl\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):636
                                                Entropy (8bit):4.646901997539488
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "app_name": {.. "message": "P.atno.ci w sklepie Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplikacja jest obecnie niedost.pna.".. },.. "craw_connect_to_network": {.. "message": "Po..cz si. z sieci..".. },.. "iap_unavailable": {.. "message": "P.atno.ci w ramach aplikacji s. teraz niedost.pne.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Zaloguj si. w Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\pt_BR\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):636
                                                Entropy (8bit):4.515158874306633
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Pagamentos da Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos da Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplicativo indispon.vel no momento.".. },.. "craw_connect_to_network": {.. "message": "Conecte-se a uma rede.".. },.. "iap_unavailable": {.. "message": "No momento, os Pagamentos no aplicativo n.o est.o dispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Fa.a login no Google Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\pt_PT\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):622
                                                Entropy (8bit):4.526171498622949
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Pagamentos via Chrome Web Store".. },.. "app_name": {.. "message": "Pagamentos via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Aplica..o atualmente indispon.vel.".. },.. "craw_connect_to_network": {.. "message": "Ligue-se a uma rede.".. },.. "iap_unavailable": {.. "message": "Os Pagamentos na app est.o atualmente indispon.veis.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Inicie sess.o no Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\ro\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):641
                                                Entropy (8bit):4.61125938671415
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "app_name": {.. "message": "Pl..i prin Magazinul web Chrome".. },.. "craw_app_unavailable": {.. "message": ".n prezent, aplica.ia nu este disponibil..".. },.. "craw_connect_to_network": {.. "message": "Conecteaz.-te la o re.ea.".. },.. "iap_unavailable": {.. "message": "Pl..ile .n aplica.ie nu sunt disponibile momentan.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Conecteaz.-te la Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\ru\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):744
                                                Entropy (8bit):4.918620852166656
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "......... ....... ........-........ Chrome".. },.. "app_name": {.. "message": "......... ....... ........-........ Chrome".. },.. "craw_app_unavailable": {.. "message": ".......... ...........".. },.. "craw_connect_to_network": {.. "message": "............ . .....".. },.. "iap_unavailable": {.. "message": "....... ..... .......... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "....... . Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\sk\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):647
                                                Entropy (8bit):4.640777810668463
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplik.cia moment.lne nie je dostupn..".. },.. "craw_connect_to_network": {.. "message": "Pripojte sa k sieti.".. },.. "iap_unavailable": {.. "message": "Platby v aplik.cii moment.lne nie s. k dispoz.cii.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prihl.ste sa do prehliada.a Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\sl\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):617
                                                Entropy (8bit):4.5101656584816885
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "app_name": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenutno ni na voljo.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se z omre.jem.".. },.. "iap_unavailable": {.. "message": "Pla.ila v aplikacijah trenutno niso na voljo.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se v Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\sr\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):743
                                                Entropy (8bit):4.913927107235852
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "....... . Chrome ...-..........".. },.. "app_name": {.. "message": "....... . Chrome ...-..........".. },.. "craw_app_unavailable": {.. "message": ".......... .. ........ ...........".. },.. "craw_connect_to_network": {.. "message": "........ .. .......".. },.. "iap_unavailable": {.. "message": "....... . .......... .. ........ ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "......... .. . Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\sv\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):630
                                                Entropy (8bit):4.52964089437422
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Betalning via Chrome Web Store".. },.. "app_name": {.. "message": "Betalning via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Appen .r inte tillg.nglig f.r tillf.llet.".. },.. "craw_connect_to_network": {.. "message": "Anslut till ett n.tverk.".. },.. "iap_unavailable": {.. "message": "Betalning i appen .r inte tillg.ngligt f.r n.rvarande.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logga in i Chrome.".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\th\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):945
                                                Entropy (8bit):4.801079428724355
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "............... Chrome .........".. },.. "app_name": {.. "message": "............... Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".............................".. },.. "craw_connect_to_network": {.. "message": ".........................".. },.. "iap_unavailable": {.. "message": "...............................................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "................. Chrome".. }..}..
                                                C:\Users\user\AppData\Local\Temp\scoped_dir5512_559641907\CRX_INSTALL\_locales\tr\messages.json
                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                File Type:UTF-8 Unicode text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):631
                                                Entropy (8bit):4.710869622361971
                                                Encrypted:false
                                                Malicious:false
                                                Reputation:low
                                                Preview: {.. "app_description": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "app_name": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "craw_app_unavailable": {.. "message": "Uygulama .u anda kullan.lam.yor.".. },.. "craw_connect_to_network": {.. "message": "L.tfen bir a.a ba.lan.n.".. },.. "iap_unavailable": {.. "message": "Uygulama ..i .demeler .u anda kullan.lamaz.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.tfen Chrome'da oturum a..n.".. }..}..

                                                Static File Info

                                                No static file info

                                                Network Behavior

                                                Network Port Distribution

                                                TCP Packets

                                                UDP Packets

                                                DNS Queries

                                                Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class
                                                Jul 22, 2021 15:54:19.046715975 CEST | 192.168.2.4 | 8.8.8.8 | 0xb1ba | Standard query (0) | gios.co.in | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:19.047283888 CEST | 192.168.2.4 | 8.8.8.8 | 0xb723 | Standard query (0) | accounts.google.com | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:19.047931910 CEST | 192.168.2.4 | 8.8.8.8 | 0xaec8 | Standard query (0) | clients2.google.com | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:20.687561035 CEST | 192.168.2.4 | 8.8.8.8 | 0x2c74 | Standard query (0) | clients2.googleusercontent.com | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:20.810571909 CEST | 192.168.2.4 | 8.8.8.8 | 0xa1a0 | Standard query (0) | www.ericsson.com | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:22.866857052 CEST | 192.168.2.4 | 8.8.8.8 | 0x8585 | Standard query (0) | gios.co.in | A (IP address) | IN (0x0001)

                                                DNS Answers

                                                Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class
                                                Jul 22, 2021 15:54:19.104460001 CEST | 8.8.8.8 | 192.168.2.4 | 0xb723 | No error (0) | accounts.google.com | - | 172.217.168.45 | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:19.104737043 CEST | 8.8.8.8 | 192.168.2.4 | 0xaec8 | No error (0) | clients2.google.com | clients.l.google.com | - | CNAME (Canonical name) | IN (0x0001)
                                                Jul 22, 2021 15:54:19.104737043 CEST | 8.8.8.8 | 192.168.2.4 | 0xaec8 | No error (0) | clients.l.google.com | - | 142.250.203.110 | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:19.234085083 CEST | 8.8.8.8 | 192.168.2.4 | 0xb1ba | No error (0) | gios.co.in | - | 162.241.29.157 | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:20.752767086 CEST | 8.8.8.8 | 192.168.2.4 | 0x2c74 | No error (0) | clients2.googleusercontent.com | googlehosted.l.googleusercontent.com | - | CNAME (Canonical name) | IN (0x0001)
                                                Jul 22, 2021 15:54:20.752767086 CEST | 8.8.8.8 | 192.168.2.4 | 0x2c74 | No error (0) | googlehosted.l.googleusercontent.com | - | 142.250.203.97 | A (IP address) | IN (0x0001)
                                                Jul 22, 2021 15:54:20.882286072 CEST | 8.8.8.8 | 192.168.2.4 | 0xa1a0 | No error (0) | www.ericsson.com | www.ericsson.com.edgekey.net | - | CNAME (Canonical name) | IN (0x0001)
                                                Jul 22, 2021 15:54:23.067173958 CEST | 8.8.8.8 | 192.168.2.4 | 0x8585 | No error (0) | gios.co.in | - | 162.241.29.157 | A (IP address) | IN (0x0001)

                                                HTTPS Packets

                                                Timestamp | Source IP | Source Port | Dest IP | Dest Port | Subject | Issuer | Not Before | Not After | JA3 SSL Client Fingerprint | JA3 SSL Client Digest
                                                Jul 22, 2021 15:54:19.571835995 CEST | 162.241.29.157 | 443 | 192.168.2.4 | 49737 | CN=gios.co.in | CN=R3, O=Let's Encrypt, C=US | Wed May 26 03:37:14 CEST 2021 | Tue Aug 24 03:37:14 CEST 2021 | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0 | b32309a26951912be7dba376398abc3b
                                                - | - | - | - | - | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | - | -
                                                - | - | - | - | - | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | - | -
                                                Jul 22, 2021 15:54:19.573952913 CEST | 162.241.29.157 | 443 | 192.168.2.4 | 49738 | CN=gios.co.in | CN=R3, O=Let's Encrypt, C=US | Wed May 26 03:37:14 CEST 2021 | Tue Aug 24 03:37:14 CEST 2021 | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0 | b32309a26951912be7dba376398abc3b
                                                - | - | - | - | - | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | - | -
                                                - | - | - | - | - | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | - | -
                                                Jul 22, 2021 15:54:19.622054100 CEST | 162.241.29.157 | 443 | 192.168.2.4 | 49739 | CN=gios.co.in | CN=R3, O=Let's Encrypt, C=US | Wed May 26 03:37:14 CEST 2021 | Tue Aug 24 03:37:14 CEST 2021 | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0 | b32309a26951912be7dba376398abc3b
                                                - | - | - | - | - | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | - | -
                                                - | - | - | - | - | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | - | -
                                                Jul 22, 2021 15:54:23.406089067 CEST | 162.241.29.157 | 443 | 192.168.2.4 | 49757 | CN=gios.co.in | CN=R3, O=Let's Encrypt, C=US | Wed May 26 03:37:14 CEST 2021 | Tue Aug 24 03:37:14 CEST 2021 | 771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0 | 37f463bf4616ecd445d4a1937da06e19
                                                - | - | - | - | - | CN=R3, O=Let's Encrypt, C=US | CN=ISRG Root X1, O=Internet Security Research Group, C=US | Fri Sep 04 02:00:00 CEST 2020 | Mon Sep 15 18:00:00 CEST 2025 | - | -
                                                - | - | - | - | - | CN=ISRG Root X1, O=Internet Security Research Group, C=US | CN=DST Root CA X3, O=Digital Signature Trust Co. | Wed Jan 20 20:14:03 CET 2021 | Mon Sep 30 20:14:03 CEST 2024 | - | -

                                                Code Manipulations

                                                Statistics

                                                Behavior


                                                System Behavior

                                                General

Start time: 15:54:13
Start date: 22/07/2021
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://gios.co.in/dalube'
Imagebase: 0x7ff609c80000
File size: 2150896 bytes
MD5 hash: C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low

                                                General

Start time: 15:54:15
Start date: 22/07/2021
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,162524958323097783,14263672154630043900,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1832 /prefetch:8
Imagebase: 0x7ff609c80000
File size: 2150896 bytes
MD5 hash: C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low

                                                Disassembly
