Automated Malware Analysis Management Report for https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i

Overview

General Information

Sample URL:	https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i
Analysis ID:	483675
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Antivirus detection for URL or domain

Phishing site detected (based on logo template match)

Phishing site detected (based on image similarity)

HTML body contains low number of good links

No HTML title found

Classification

Signatures

AV Detection:

Antivirus detection for URL or domain

Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Source: Yara match

File source: 79809.4.pages.csv, type: HTML

Phishing site detected (based on logo template match)

Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d

Matcher: Template: microsoft matched

Phishing site detected (based on image similarity)

Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d

Matcher: Found strong image similarity, brand: Microsoft image: 79809.4.img.1.gfk.csv EF884BDEDEF280DF97A4C5604058D8DB

HTML body contains low number of good links

Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d	HTTP Parser: Number of links: 0
Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d	HTTP Parser: Number of links: 0

No HTML title found

Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d	HTTP Parser: HTML title missing
Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d	HTTP Parser: HTML title missing

Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d	HTTP Parser: No <meta name="author".. found
Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d	HTTP Parser: No <meta name="author".. found

Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d	HTTP Parser: No <meta name="copyright".. found
Source: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\3580_1821779964\LICENSE.txt

Jump to behavior

Source: unknown	HTTPS traffic detected: 192.185.177.233:443 -> 192.168.2.3:49978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.185.177.233:443 -> 192.168.2.3:49979 version: TLS 1.2

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i HTTP/1.1Host: aabsi-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=%7B42ee999d-a1c5-4e61-a417-0bf2147c1468%7D&action=default&slrid=39afef9f-a044-0000-bb8a-3a5fb92c10ce&originalPath=aHR0cHM6Ly9hYWJzaS1teS5zaGFyZXBvaW50LmNvbS86bzovZy9wZXJzb25hbC9mcnVlbGRhX2FtX2FjbW90b3JzX2NvbV9waC9FcDJaN2tMRm9XRk9wQmNMOGhSOEZHZ0JIWGtzQndtMUdJTVpaR0UyOGxicm5RP3J0aW1lPXZ6cjV5aXA0MlVn&cid=dee58779-8263-48d9-84ec-030f00145d89 HTTP/1.1Host: aabsi-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjExLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2NjYjg0MTEwYTQ0YWI5ZDgwZWM2MWQyZWIzY2RhNjhiZTVmOTFhZGIzMDNjMGViYjBiYTU1MDYyZDNhNmRmNTYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jY2NiODQxMTBhNDRhYjlkODBlYzYxZDJlYjNjZGE2OGJlNWY5MWFkYjMwM2MwZWJiMGJhNTUwNjJkM2E2ZGY1NiwxMzI3NjE3MTg0MzAwMDAwMDAsMCwxMzI3NjI1Nzk0Mzg2MTM5MjcsMC4wLjAuMCwyNTgsYjEzYWY3MGItY2Q2Ni00ZDQ5LTk4YmQtYTUyMzMxNDJlNDUyLCwsMzlhZmVmOWYtYTA0NC0wMDAwLWJiOGEtM2E1ZmI5MmMxMGNlLDM5YWZlZjlmLWEwNDQtMDAwMC1iYjhhLTNhNWZiOTJjMTBjZSxSckFraVZxVVVFbXp0UTdmN0JOUkd3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLFZDcDZXVjJyOW5EQkliMmE3Ny9GSTFjNkhMR1J6NVJHUndxME1zZFY2Q2d3YnYvV1dWVXBTeEJnVXFtNy9hK1hXdEIyYVN2T0s2ZmNOKzUydGVFSExJemk3Q0p5TURFeXA1OHE4RHFVNkZpTlVKUDBkSjAyVE91MzhVbUQxc3VwOWd0ZGY5bG5XYk5tanNuREFlbDZVL2V1Ukd1dHZkWlhkVm82QlpkMkNoRnlJYitjS29HZlhZWmE1ZWx0NlFLd1V2OG4yclpSWXpsMDl3VDMvSVUvOUpCZEVJaXhFM2tvYmUxeTBRMEdVWnJkNWVXSm5yeDNZQTlGU2twU3ROUVh4NEhoWUJWekNKd0MzT2JKL0h3QnNjb0ROL1puRCtsUlhQbXMrMjF0Q1hVaStvRTBYUURVUUxUNWxWeEpXcUNxYkVOTVpwbDg0MGhBTllZUURaeHZGQT09PC9TUD4=
Source: global traffic	HTTP traffic detected: GET /crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1631730357439 HTTP/1.1Host: storage.live.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onenote.officeapps.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xil/vew/latest HTTP/1.1Host: grudigital.com.brConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xil/vew/latest/ HTTP/1.1Host: grudigital.com.brConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d HTTP/1.1Host: grudigital.com.brConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=1b42ef3c7572d9d1cb6acf8a49b11434
Source: global traffic	HTTP traffic detected: GET /xil/vew/latest/one/files/css.css HTTP/1.1Host: grudigital.com.brConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=1b42ef3c7572d9d1cb6acf8a49b11434
Source: global traffic	HTTP traffic detected: GET /xil/vew/latest/one/files/logo.png HTTP/1.1Host: grudigital.com.brConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=1b42ef3c7572d9d1cb6acf8a49b11434
Source: global traffic	HTTP traffic detected: GET /xil/vew/latest/one/files/pdf.png HTTP/1.1Host: grudigital.com.brConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=1b42ef3c7572d9d1cb6acf8a49b11434
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: grudigital.com.brConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287dAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=1b42ef3c7572d9d1cb6acf8a49b11434
Source: global traffic	HTTP traffic detected: GET /xil/vew/latest/one/files/logo.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: grudigital.com.br
Source: global traffic	HTTP traffic detected: GET /xil/vew/latest/one/files/pdf.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: grudigital.com.br

Source: Ruleset Data.0.dr	String found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: Ruleset Data.0.dr	String found in binary or memory: www.facebook.com/ajax/ads/ equals www.facebook.com (Facebook)

Source: Current Session.0.dr	String found in binary or memory: https://aabsi-my.sharepoint.com
Source: 000003.log0.0.dr	String found in binary or memory: https://aabsi-my.sharepoint.com/
Source: History-journal.0.dr, Favicons-journal.0.dr, Favicons.0.dr	String found in binary or memory: https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHX
Source: History-journal.0.dr, Favicons.0.dr	String found in binary or memory: https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=
Source: History-journal.0.dr, Favicons-journal.0.dr	String found in binary or memory: https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=%
Source: manifest.json0.0.dr, 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://accounts.google.com
Source: 7444ea2da1317cfb_0.0.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
Source: f7dd50aa7b62010a_0.0.dr	String found in binary or memory: https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suites
Source: 000003.log5.0.dr	String found in binary or memory: https://apc01.oscs.protection.outlook.com/api/SafeLinksApi/
Source: 000003.log5.0.dr	String found in binary or memory: https://apc01.safelinks.protection.outlook.com/GetUrlReputation
Source: manifest.json0.0.dr, 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://apis.google.com
Source: 90b75c1a333fbe5d_0.0.dr	String found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/161450541015_App_Scripts/Feedback/latest/Intl/en/officeb
Source: 3341dc8ccaa38e24_0.0.dr	String found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/161450541015_App_Scripts/Feedback/latest/officebrowserfe
Source: 74dda42491470d94_0.0.dr	String found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/161450541015_App_Scripts/wacairspaceanimationlibrary.js
Source: fa1d01002fa990ce_0.0.dr	String found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Source: 2f093249a8f8bca4_0.0.dr	String found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/h86134E806FB32D83_App_Scripts/1033/CommonIntl.js
Source: Favicons.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/resources/1033/FavIcon_OneNote.ico
Source: 281a196a87838cee_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/1033/OneNoteSimplified.Wac.TellMeM
Source: 1bcd0439134a3715_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/1033/onenote-intl-mlr.min.js
Source: e5fee07f85dd431e_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/1033/onenote-navpane-strings.min.j
Source: 02c7e165ebc7c9de_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/1033/onenote-ribbon-intl.min.js
Source: 1d5a541437e1e052_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/1033/onenote-ribbon-sprite-lazy.mi
Source: e78b87c38b36287e_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/1033/osfruntime_strings.js
Source: 37f28228f077dd16_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/OfficeExtension.WacRuntime.js
Source: d0654debbe0752ab_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/OneNote.box4.dll2.js?retries=1
Source: a7116b5a814c13d9_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/OneNoteSimplified.Wac.TellMeSugges
Source: 49e154754a1b515c_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/OsfRuntimeOneNoteWAC.js
Source: 9f4474a9eac49cfc_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/appChrome.min.js
Source: a99544b9320222ee_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/appChromeLazy.min.js
Source: 2310e2ec0ef84354_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/appIconsLazy.min.js
Source: 8c527f7c99a46d20_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/common.min.js
Source: ee2f7dc01c580763_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/common50.min.js
Source: b8d6903289bdf5e5_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/navigation.min.js
Source: 47a77da855f57cf8_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/onenoteloadingspinner.min.js
Source: aa4a263f93dfaac5_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/oreolazy.min.js
Source: e513ed8e4730e1c9_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/oreonavpane.min.js
Source: fd818ce584f1de3a_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/oreonotebookpane.min.js
Source: 7e3b21fda9937990_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/oreosearchpane.min.js
Source: 859faf000b5b27df_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/otelFull.min.js
Source: 64ad52f359b9abdc_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/suiteux-shell/js/suiteux.shell.con
Source: ace05e7cac6c477f_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/suiteux-shell/js/suiteux.shell.cor
Source: e4f97bb7584c4d55_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/suiteux-shell/js/suiteux.shell.plu
Source: bb7b434ae64a8b31_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161450541015_App_Scripts/uiFabricLazy.min.js
Source: 7cd4eb7d184ef6b5_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h06FE78141D1F3A43_App_Scripts/Compat.js
Source: 253ada26cb26b6aa_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h207E6AA8E669E1DB_App_Scripts/common.min.js
Source: 387591b72ede2a53_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h29DB8AD8C3F08967_App_Scripts/1033/WoncaIntl.js
Source: 1bc1b686e63f82ff_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h343F8D452E239C63_App_Scripts/onenoteSync.min.js
Source: 047447b274c22c54_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h4553A1519A41E5EA_App_Scripts/1033/OneNoteIntl.js
Source: af5c3b38004ce8f5_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h5277160D6043DE10_App_Scripts/OneNote.js
Source: 8e1634acc9edb463_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hB4C30F06EFC8E468_App_Scripts/OneNote.box4.dll1.js
Source: 3da036a9ad3ac2b3_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hCBE3A397F2722612_App_Scripts/wacBoot.min.js
Source: d68c2e39091fecb5_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hCC5AD0FD2CE48E17_App_Scripts/onenote-boot.min.js
Source: 089da834c75847e1_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js
Source: a4e4f981b679f738_0.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hDDF49EC81121027B_App_Scripts/1033/Box4Intl.js
Source: 000003.log5.0.dr	String found in binary or memory: https://c1-onenote-15.cdn.office.net:443/o/s/161450541015_
Source: 5eb56a63fca89ad6_0.0.dr	String found in binary or memory: https://cdn.onenote.net/officeaddins/161451440452_Scripts/BrowserUls.js
Source: 6671f4ecda0f6e11_0.0.dr	String found in binary or memory: https://cdn.onenote.net/officeaddins/161451440452_Scripts/CommonDiagnostics.js
Source: 88d4628693712bea_0.0.dr	String found in binary or memory: https://cdn.onenote.net/officeaddins/161451440452_Scripts/ExternalResources/js-cookie.js
Source: a496b5ea39da3bad_0.0.dr	String found in binary or memory: https://cdn.onenote.net/officeaddins/161451440452_Scripts/Instrumentation.js
Source: b9a0c0163bb1d181_0.0.dr	String found in binary or memory: https://cdn.onenote.net/officeaddins/161451440452_Scripts/LearningTools/LearningTools.js
Source: e99eb54082532864_0.0.dr	String found in binary or memory: https://cdn.onenote.net/officeaddins/161451440452_Scripts/aria-web-telemetry-2.9.0.min.js
Source: 8e8c910519af4dd5_0.0.dr	String found in binary or memory: https://cdn.onenote.net/officeaddins/161451440452_Scripts/pickadate.min.js
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr	String found in binary or memory: https://content-autofill.googleapis.com
Source: manifest.json0.0.dr	String found in binary or memory: https://content.googleapis.com
Source: 000003.log5.0.dr	String found in binary or memory: https://content.growth.office.net/mirrored/resources/programmablesurfaces/prod/officewebsurfaces.cor
Source: 3aaa2944-8951-4c74-abc1-0b23dc427151.tmp.1.dr, 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, 8e8a42b1-7ae1-4122-907b-bf6b5084b7b5.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://dns.google
Source: manifest.json0.0.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor.0.dr	String found in binary or memory: https://fonts.googleapis.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: Network Action Predictor.0.dr	String found in binary or memory: https://grudigital.com.br/
Source: Current Session.0.dr	String found in binary or memory: https://grudigital.com.br/xil/vew/latest
Source: History.0.dr	String found in binary or memory: https://grudigital.com.br/xil/vew/latest/
Source: History.0.dr	String found in binary or memory: https://grudigital.com.br/xil/vew/latest/OneDrive
Source: History.0.dr	String found in binary or memory: https://grudigital.com.br/xil/vew/latest/OneDrive/
Source: Current Session.0.dr	String found in binary or memory: https://grudigital.com.br/xil/vew/latest/one/#
Source: History.0.dr	String found in binary or memory: https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906
Source: History.0.dr	String found in binary or memory: https://grudigital.com.br/xil/vew/latestOneDrive
Source: History.0.dr	String found in binary or memory: https://grudigital.com.br/xil/vew/latestOneDrive/
Source: manifest.json0.0.dr	String found in binary or memory: https://hangouts.google.com/
Source: a7116b5a814c13d9_0.0.dr	String found in binary or memory: https://live.com/
Source: 49e154754a1b515c_0.0.dr	String found in binary or memory: https://live.com/%V
Source: 1d5a541437e1e052_0.0.dr	String found in binary or memory: https://live.com/&Hd
Source: 2310e2ec0ef84354_0.0.dr	String found in binary or memory: https://live.com/3Bd
Source: 253ada26cb26b6aa_0.0.dr	String found in binary or memory: https://live.com/:
Source: 2f093249a8f8bca4_0.0.dr	String found in binary or memory: https://live.com/?&$
Source: 7e3b21fda9937990_0.0.dr	String found in binary or memory: https://live.com/A
Source: 387591b72ede2a53_0.0.dr	String found in binary or memory: https://live.com/JF%
Source: 3341dc8ccaa38e24_0.0.dr	String found in binary or memory: https://live.com/LbV
Source: f7dd50aa7b62010a_0.0.dr	String found in binary or memory: https://live.com/Lp
Source: af5c3b38004ce8f5_0.0.dr	String found in binary or memory: https://live.com/Y
Source: ace05e7cac6c477f_0.0.dr	String found in binary or memory: https://live.com/Z
Source: 8c527f7c99a46d20_0.0.dr	String found in binary or memory: https://live.com/a
Source: a4e4f981b679f738_0.0.dr	String found in binary or memory: https://live.com/e
Source: e5fee07f85dd431e_0.0.dr	String found in binary or memory: https://live.com/f=
Source: aa4a263f93dfaac5_0.0.dr	String found in binary or memory: https://live.com/i
Source: fd818ce584f1de3a_0.0.dr	String found in binary or memory: https://live.com/r
Source: 8e1634acc9edb463_0.0.dr	String found in binary or memory: https://live.com/~
Source: 4b94406e6b437b96_0.0.dr	String found in binary or memory: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2021-08-27.003/odsp.aria/odsp.aria.li
Source: e11bcdafaaa75eb5_0.0.dr	String found in binary or memory: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2021-08-27.003/odsp.react/odsp.react.
Source: c81e6b4ad9136b7e_0.0.dr	String found in binary or memory: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2021-08-27.003/require.js
Source: 6b1462b985c4cc1a_0.0.dr	String found in binary or memory: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2021-08-27.003/wachostwebpack/en-us/p
Source: 72c14961ecbda7e1_0.0.dr	String found in binary or memory: https://modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2021-08-27.003/wachostwebpack/wachost
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: 8e8c910519af4dd5_0.0.dr, 88d4628693712bea_0.0.dr	String found in binary or memory: https://onenote.com/
Source: e99eb54082532864_0.0.dr	String found in binary or memory: https://onenote.com/:
Source: 6671f4ecda0f6e11_0.0.dr	String found in binary or memory: https://onenote.com/v
Source: Current Session.0.dr, 000003.log0.0.dr	String found in binary or memory: https://onenote.officeapps.live.com
Source: QuotaManager.0.dr, index.txt.tmp.0.dr, 000003.log0.0.dr	String found in binary or memory: https://onenote.officeapps.live.com/
Source: QuotaManager.0.dr	String found in binary or memory: https://onenote.officeapps.live.com//
Source: Current Session.0.dr	String found in binary or memory: https://onenote.officeapps.live.com/o/onenoteframe.aspx?ui=en%2DUS&rs=en%2DUS&wopisrc=https%3A%2F%2F
Source: manifest.json.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://play.google.com
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr	String found in binary or memory: https://r4---sn-5hnekn7z.gvt1.com
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: manifest.json.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: d68c2e39091fecb5_0.0.dr	String found in binary or memory: https://sharepoint.com/
Source: 72c14961ecbda7e1_0.0.dr	String found in binary or memory: https://sharepoint.com/.
Source: Reporting and NEL.1.dr	String found in binary or memory: https://spo.nel.measure.office.net/api/report?tenantId=b13af70b-cd66-4d49-98bd-a5233142e452&destinat
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: manifest.json0.0.dr, 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://www.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.google.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.google.com;
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 767113b0-fa79-4190-8639-732872c4e600.tmp.1.dr, f0c90e10-8517-4cc4-916b-23a398f50858.tmp.1.dr	String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.gstatic.com;
Source: 000003.log5.0.dr	String found in binary or memory: https://www.onenote.com
Source: 000003.log0.0.dr	String found in binary or memory: https://www.onenote.com/
Source: Current Session.0.dr	String found in binary or memory: https://www.onenote.com/officeaddins/learningtools/?et=

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: unknown	HTTPS traffic detected: 192.185.177.233:443 -> 192.168.2.3:49978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.185.177.233:443 -> 192.168.2.3:49979 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\69cf9e52-5ff9-48ab-a9ec-fb9915337642.tmp

Jump to behavior

Source: classification engine

Classification label: mal64.phis.win@35/290@13/13

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,1268193445037471289,14806505453039523653,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1792 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,1268193445037471289,14806505453039523653,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1792 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: QuotaManager.0.dr

Binary or memory string: CREATE TABLE HostQuotaTable(host TEXT NOT NULL, type INTEGER NOT NULL, quota INTEGER DEFAULT 0, UNIQUE(host, type));

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61423AA0-DFC.pma

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\3580_1821779964\LICENSE.txt

Jump to behavior

Domain

Country

Flag

ASN

ASN Name

Malicious

52.105.226.27

196000-ipv4.farm.dprodmgd106.aa-rt.sharepoint.com

United States

8075

MICROSOFT-CORP-MSN-AS-BLOCKUS

false

172.217.168.65

googlehosted.l.googleusercontent.com

United States

15169

GOOGLEUS

false

172.217.168.13

accounts.google.com

United States

15169

GOOGLEUS

false

172.217.168.78

clients.l.google.com

United States

15169

GOOGLEUS

false

239.255.255.250

unknown

Reserved

unknown

false

192.185.177.233

grudigital.com.br

United States

46606

UNIFIEDLAYER-AS-1US

false

40.90.128.17

i-dub01p-cor001.api.p001.1drv.com

United States

8075

MICROSOFT-CORP-MSN-AS-BLOCKUS

false

216.58.212.163

gstaticadssl.l.google.com

United States

15169

GOOGLEUS

false

192.168.2.1

192.168.2.7

192.168.2.4

192.168.2.6

127.0.0.1

Name

Active

grudigital.com.br

192.185.177.233

true

gstaticadssl.l.google.com

216.58.212.163

true

i-dub01p-cor001.api.p001.1drv.com

40.90.128.17

true

accounts.google.com

172.217.168.13

true

196000-ipv4.farm.dprodmgd106.aa-rt.sharepoint.com

52.105.226.27

true

clients.l.google.com

172.217.168.78

true

googlehosted.l.googleusercontent.com

172.217.168.65

true

clients2.googleusercontent.com

unknown

clients2.google.com

unknown

onenoteonlinesync.onenote.com

unknown

messaging.office.com

unknown

amcdn.msftauth.net

unknown

www.onenote.com

unknown

aabsi-my.sharepoint.com

unknown

storage.live.com

unknown

ajax.aspnetcdn.com

unknown

Name

Malicious

Antivirus Detection

Reputation

https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d

true

SlashNext: Fake Login Page type: Phishing & Social Engineering

unknown

https://grudigital.com.br/favicon.ico

false

Avira URL Cloud: safe

unknown

https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx

false

high

https://grudigital.com.br/xil/vew/latest

false

Avira URL Cloud: safe

unknown

https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc={42ee999d-a1c5-4e61-a417-0bf2147c1468}&action=view&wd=target%28Van%20Wijnen%20Groep.one%7Cb783389e-3e4b-4814-8143-833c15ff1f84%2FVan%20Wijnen%20Groep%7C871fc38f-fac1-41b4-912a-fc211c24c4f2%2F%29

true

unknown

https://grudigital.com.br/xil/vew/latest/one/?signin=d41d8cd98f00b204e9800998ecf8427e&auth=5633e9906f55d776262de17a41bb0b082352d38aff081b43d08a398ac99d49f1aa73287d

true

SlashNext: Fake Login Page type: Phishing & Social Engineering

unknown

https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i

false

unknown

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1

false

high

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

false

high

https://grudigital.com.br/xil/vew/latest/one/files/css.css

false

Avira URL Cloud: safe

unknown

https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?rtime=vzr5yip42Ug

true

unknown

https://grudigital.com.br/xil/vew/latest/one/files/pdf.png

false

Avira URL Cloud: safe

unknown

https://aabsi-my.sharepoint.com/personal/fruelda_am_acmotors_com_ph/_layouts/15/Doc.aspx?sourcedoc=%7B42ee999d-a1c5-4e61-a417-0bf2147c1468%7D&action=default&slrid=39afef9f-a044-0000-bb8a-3a5fb92c10ce&originalPath=aHR0cHM6Ly9hYWJzaS1teS5zaGFyZXBvaW50LmNvbS86bzovZy9wZXJzb25hbC9mcnVlbGRhX2FtX2FjbW90b3JzX2NvbV9waC9FcDJaN2tMRm9XRk9wQmNMOGhSOEZHZ0JIWGtzQndtMUdJTVpaR0UyOGxicm5RP3J0aW1lPXZ6cjV5aXA0MlVn&cid=dee58779-8263-48d9-84ec-030f00145d89

false

Avira URL Cloud: safe

unknown

https://grudigital.com.br/xil/vew/latest/one/files/logo.png

false

Avira URL Cloud: safe

unknown

https://grudigital.com.br/xil/vew/latest/

false

Avira URL Cloud: safe

unknown

Name	Type	MD5	SHA1	SHA256
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic	data	A78AD14E77147E7DE3647E61964C0335	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
C:\Users\user\AppData\Local\Google\Chrome\User Data\32f6406c-b1f3-4042-8c49-fae4567f89a5.tmp	SysEx File -	A9339F44920B8F9890F364B125385914	CBE6A7E77B45575733344D32AAECFDC7E69524B8	3FF1C7ABE2F591887BBC4F605CEE794EB3DC515452F27DA51C56278F31CCF3B9
C:\Users\user\AppData\Local\Google\Chrome\User Data\46a02d36-28f0-458e-84b5-033d791db3ff.tmp	ASCII text, with very long lines, with no line terminators	FEE8B9DFDDD1EA47AC63802D13CED720	B7571E22EDAF452B9E53EF167E592A534C78201D	2865977825B1B38646386B1E02C27D2A0CA10880AEA00F7F5FF70E5A4250A9FD
C:\Users\user\AppData\Local\Google\Chrome\User Data\604261d8-7d32-48f4-8c55-7395998e6393.tmp	ASCII text, with very long lines, with no line terminators	B7F3D3752A7C77335831323CF6390124	4CE87F3A707456B4F6C4B0CA6BADEC5A17022762	09BE1F41517EC4A59C401F0EEA3EB448C0D91513F3636EFED62BE5BD89DB0A17
C:\Users\user\AppData\Local\Google\Chrome\User Data\9dd49299-13d7-4a14-82d3-93e485763911.tmp	ASCII text, with very long lines, with no line terminators	9142E32E9B071D682481F259219B20BD	92E9E34467908A9F7A06220B37DD81645420884D	6FC36F05589BF4FDD868B34D27673CCE7D04EF740972CBC60EFF9FF29CEA2673
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	E9224A19341F2979669144B01332DF59	F7F760C7104457DF463306A7F7BAE0142EFCEB5B	47DD519C226D23F203ACAE0EC44DF9BB6208828E24F726E1602EA52F63C3E2BE
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\32f58287-2d64-4526-90ec-bde30d70d7bb.tmp	ASCII text, with very long lines, with no line terminators	861787448AFD8D8D9AF66B9D8F1E87E7	6E4639437EFAB963C126D4E76E3E6D704420F17B	FED69BF7A95C8C0B4EEFDA7182CFD54AE2D752783E5948F1E254A39C217AB2E9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\48413a29-5c8a-4bc5-a70f-a1507c5c3ab4.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	8B51AB7789766690B97D5E95740BB38C	19C5B13CA6C80DA2C07AC5C38518BE58B708D868	6CF0362EC37052498B0C691483A6A570E94E94AEB1F190F7E545AFE64ABA71F1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\572ad7e7-aefe-4527-a630-538e3e81399e.tmp	ASCII text, with very long lines, with no line terminators	A13364322366743A7C711E5AC10AE9FD	54E2C0AF1A8C123A2C4C7DABCC81F83C60E65877	F5C0CA3BC22AB92B18D9AEEBBC26887693B8F52DE3D818F84DC39062049C5409
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\59540b27-c3cd-4fba-a91e-d713daf58a79.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	6CA274AABD0D8EFE1EB9671722400714	F6EEF887E276162A92D009258B1F69438A091B40	0C93D385F05D1A84A744A7FC33194341B8D80A8AB6B53D023CBF126B0E079681
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6f1caa90-217e-45f8-b3d2-5dbabf7eca45.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\712b253f-24e9-483c-9ccd-4fdeb4d60a86.tmp	ASCII text, with very long lines, with no line terminators	BC40B29994257BCB0ED3610331F28656	A52AD891F58EADC970EF0434FAF9BFE69D4CA7C9	9A5C6C5627485B323D3A9D6C518B9B6A0907FBFB25EC73E5EB7028FAD588B03E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\767113b0-fa79-4190-8639-732872c4e600.tmp	ASCII text, with very long lines, with no line terminators	13477A2ED989EBFEA422613985D473A1	8514D2987AEDC03A6DFFE0EA5E10D74069FAD640	A7E9EE1C0A26475BCB57C991B5D234589D55B12381DDA969C837B42963739C50
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\85731e52-2030-48ab-938d-a8ef359b73f5.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	AA7A346E9547E9C460078B659E16E27D	0BF55D2A09ED5011D4FE12A66DF67EC48C1874D2	81C3F8CF48A1FA1B20DDF28695E67D63187494C63C2E554717B003689B9A7856
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG	ASCII text	403459E744F68F9FA0D60B7923658A60	ECC9C3D24B81AC7A53DEA8C54968DE28B9964FB5	F08D80E582773A663CB612A7FD2D91B80C8D05C3D8C9E81015B0C8847AA92BCC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old+r (copy)	ASCII text	403459E744F68F9FA0D60B7923658A60	ECC9C3D24B81AC7A53DEA8C54968DE28B9964FB5	F08D80E582773A663CB612A7FD2D91B80C8D05C3D8C9E81015B0C8847AA92BCC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG	ASCII text	7D200BD59287987F299C95A040E41379	A71196DB0DAAF69273B35516B3AE6A42B6E7F0F4	EC2ABCC0C6916CF405AD59FAD43DC5E4F2CEB415E1A23DAEA8AF333362B19EF7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)	ASCII text	7D200BD59287987F299C95A040E41379	A71196DB0DAAF69273B35516B3AE6A42B6E7F0F4	EC2ABCC0C6916CF405AD59FAD43DC5E4F2CEB415E1A23DAEA8AF333362B19EF7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\02c7e165ebc7c9de_0	data	4E42111808C6AED0ED7606A7564F1729	B363FDA756CA0E52344B5949FF914D65896F5EDA	1158C48634447AF1B49F92B8426E0516F9F8F3B449C47A9DF12A059C5648337D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\047447b274c22c54_0	data	90E0BEBD14F5AB7BB734D7B094A71AD3	9250733CC4B2817B60CF7381C01DA6F02888A807	0FBD4B219A98A9C2155D52A108E765A9DDD21EBAF5B87BBB86410112DD807D92
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\089da834c75847e1_0	data	D4CD6E093F15C9BFD0A9440111F4792D	1F853A030403C5673F191BE5F830EF606C59673B	40F564D4B20E826177A4A6859CAA96AE7CD4202F4F51F046CE12195D56763631
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bc1b686e63f82ff_0	data	A65AAC63AA50B55EBFF89A7A7B050289	2AD1B1C587C9E42F02ACCEBED32263028B37F402	0BF5CB69FAD05F917D1C6FFFA51F195D6A25445211CAB2F1FEB0166CF2A3CBE0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bcd0439134a3715_0	data	EF5E33476FF4B87520C892AC73E08165	B18562EFA73FCB268C84DCBD4CA9FAF51A35D35C	CF7B65CC7BD728FA566C7C76275C2A702C002CDA55A5F9C56507E161B9BE7507
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d5a541437e1e052_0	data	4AC37385CA63BE54D563D7E57A78E30C	1432290B130E7C5DE1253FBDFAA42043C2F11AC0	CB8EAF412F61DD2274CDC60243905825E043BE0833F44BA4FECA927780E25E4F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2310e2ec0ef84354_0	data	54F7F68D8E4EDDF76C4CB0DB9454B940	44C03A51227FDD807B55E8F010052A81AD7A3244	71CC0730B914ED50A471E8B4D04F19ADE74F04F24CE6B3437BD84F26D6A2D5FD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\253ada26cb26b6aa_0	data	587729ED2C6742B07FF0910EAD7BF066	41754F2454CA50E6210234C4A946151A57F34C85	8595C03E2475A648AEF596DDB616C9ED387821EBBE58214437F1F0BA34CF3BBC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\281a196a87838cee_0	data	006833A15926C8DFF85971D142140189	F0E96C5D575333519F95C3C26099082D925314EB	8A8F1ECEC08B5F8EA77562B553472ADAD26BB7E7C2758341C80AFBD93A499DE9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f093249a8f8bca4_0	data	9D7D78BCA15F4254525D9D71F0346BB1	BF50609553577EE7210440DCF9C1864F5B107C17	4C302A1A2A5E7CA2564E3C6F7A2E5B79235FF7BFFC415F15E1876C3C10502396
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3341dc8ccaa38e24_0	data	2A919C02D743FE3150075714D66CA02A	FEDB2C7215837C3DF70D7CF1AC0FAF9E1FFE7F00	B1F4B3DB258CC740799EB8E130B113D38F841CC681EF490334A45E54A4F17C7F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\37f28228f077dd16_0	data	3B0FF59B4B60A4CB59017E7B7007EAA1	F7BC2A31CDA742EB2EA4538882E298D5F6C17E57	9BB1770246AD125E547BF0059994B6E5C673174D897C24F1B73F4FF36E467476
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\387591b72ede2a53_0	data	30F48267560603D3E07EECCF0852C55D	CADF631FBB5BA9D0CF3AE39B75DF207DB18D0ED6	4B07200A6CDFBAEA5AC731C76A5B1CD91A6964DB282480E8CCD57127682CFAC7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3da036a9ad3ac2b3_0	data	212AD8D22F45C16694441981BADF040B	FC04EFA1B2040DE3DF041FE204168F7ACBC05AFD	749A57C38E508FAFF14193E3637E4897D720F4193110EF2947BF7F0FE5BD2BA9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\47a77da855f57cf8_0	data	156A7B736C9C2FF6BBE6E4C9ED1AC26B	0ABD4DF9379F90E68FDF0F68A1452563521ABA3B	0B05B5087F671AB4E2233F8D495C38B624409DE0D91487DB0C305BD0E76DF19E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\49e154754a1b515c_0	data	EE35163318E4E0752F5AF34F23078E0D	9097AEF53DF8F939712D3C33F66511B7A896C5C2	BAC26EB2F6B26C71AA48248992B1F1498BC7A980115C84A74F3F1EDE6F98BCB1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4b94406e6b437b96_0	data	3FF51C1EA47DF6BF4AA808805EEFA158	BCB65CA4CD0520D43B9BBEF9E8E858978DAEA38D	9EDED93982FAB5F02DEED26F39E1779A372DB0BD70CA6FC626265E4AAD4950B0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0	data	3CAF17C827AC519B3C3B59315E0607FA	ABCA1098295EFDA9757513209702AF72A229961F	D3C410609A76AFFB152EABA9DD880CAAD5B9E393B2309C58301E7A4AC9AC30EC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5eb56a63fca89ad6_0	data	2E730EB3D9962C308C64D738978BBA54	CE37A026EE1CE2CE760113694DFC44CA2D002254	581C0C7CDAA4A7FC74DC30D9477F93D0611B1CB866419BA205AC49ED0863EAA1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64ad52f359b9abdc_0	data	4130B98EA48DB7D1AF01FFC530BA4AA4	B17B3F4789C297CF421FFBE33D5B2BCE74D4BA1D	AF837A6F8D09404561FE058913E78ABA3290565D78D2AA610F70161FBCEDD560
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6671f4ecda0f6e11_0	data	D9EF307AFC7A7FA5341C866EDBD740CE	1F6A9E9E9B1E43A2F869D9BCCA6C8C9FB1D606C9	FEE1AFAEA57FCEB40D7E275815F13859BFAADD9A7399F435CEE8459DC065CC4E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b1462b985c4cc1a_0	data	932D409CA79E3F4FFEE90ED27CE5E863	9465149E2D7D2632279466F5A70B72D3FD5D9372	2703DE613DD967464E596769DB706D5B26EF5BFC8A895E4101D34BDE758330DF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\72c14961ecbda7e1_0	data	D00FE11B1D71E2E35666AD5C4537C747	9DF0CF3BBE3613C216B7C7494E236392CB0D7A06	5218EC0AEAAD891FFD3FD9AA28BC994D846BEFBD34C3BF89E8A8561A9AAF1BE4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7444ea2da1317cfb_0	data	E10C233321EC62ECC71870662D716014	B261286F4BF3FFEA92A741903D555F27383A3B71	0AA139DD2BE4D99EE501D11E8C795CDB65453287FBD1F5639B968061687881BA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\74dda42491470d94_0	data	ACEC5073D18613644D6626D3A28A9038	6DDE3EC8E2564FD21E6AC987D0D64A5F3C794693	3F55DA0130EA02583233E6C7CFBF0F1C04761C0A6FE351C493FC29B3572A4F40
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cd4eb7d184ef6b5_0	data	E5FCF1550626227687C5DB21D0A69861	184D820922795B49F3D69D4598A8A113423964A8	8FABF509945B9ED65775AA0F2CD1460F517BA1B14EB5670F15BACC52CBDF23AA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7e3b21fda9937990_0	data	2BCF8539607F2C022A3A2107F7ED30FA	5110609AE4F6C25D07A5BD2F41A12508BC0CBE0B	7005518FDF24C3D67F26DF8C2E938A836372079914AB9046CEA02255DB768BFC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0	data	5081B951C3E1CE94A42822DEFD460D4A	69942DDCD93C539869B2F9F37C469966E65D997C	97A3BAB79591C8FAC973C8DA75B7BA2D161908FC4289979B70B566D7D55CC784
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\859faf000b5b27df_0	data	95D8C818E789D49D2E7163D1803B72F9	9453EC0FE7144BAE09587F6C26859C76EE531C96	0511EC58AA018C22B48C941C8FD4981A0304E943911836BD1E35595409523F40
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\88d4628693712bea_0	data	A6248C1E512229CDD85A4B7C85FF198B	D3F34AF6F532D1767729D3F3D42623BFDA419E82	717A2F9810087844A1041AAEFDEDCA3CD5455F8CBCBD8A4EBD4F584C7677B172
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c527f7c99a46d20_0	data	AB64FC747E8BACC7759C552AC19D1EDC	4EAAC7B74B9AF363FB87DE6FC478571B83A10A28	24A15A1F38ED27BE62A019D7B8BA9B65BA4EF5413BE71BFA6A61845BBF770941
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e1634acc9edb463_0	data	0783040EBF54F069AF923EA533D5312C	BF4D674212D9DC728FF19238161EFCD5314A87A9	400A5DF39D95325B9CF6634C13F1491B92D665B4B1F873BAA0305603299F37D7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e8c910519af4dd5_0	data	0449DAE3BCDD749A14435DFFE0E24858	A07A6473E4913DAEEA9108B95848A17CD4507AE6	EF035F5C6DCA0F9E3AD2D3ED35D9AA54902A533A83409021CF19E374073BB2D0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\90b75c1a333fbe5d_0	data	65EB99D41A81E93BEC4F76D7A5D65046	78D3B9DBB52714573A63A50722BAF096A2C8EBBE	3C72F24CB92D24D19BCB6CAA27BFFD7C5DCB3673382CFDD1E87EC6F0CFC7F37F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f4474a9eac49cfc_0	data	CCC6005705DC836BFC0C4567848D1B64	B4151021A173F257BCC862D92319CBC2E3B25132	F6F985D69F89E2F80EA4FF2177300ADF61B016CBA2B1824CFA994AC5885EB69A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a496b5ea39da3bad_0	data	F1696F40BBEB878132E4FC2AAA811892	E678B638F50FC6BD04F9D14E6689B447DBDB005F	A9B8B81A23B3325958A6C07129AE36845A69D51C8801390186BC99273CC3F955
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a4e4f981b679f738_0	data	DB24BE4EF3DE7D516132209FD1C134AD	FB537FF117EC968E15FEB6850CCCAA904EA57A3F	807806FC7A986D8905AC640AC91427475F2A45F003D6D59AFAE4931C75D10F07
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a7116b5a814c13d9_0	data	73ECFA7979DDA88D7E30AEFA0C65FC01	13A65397DBBAC241F9FCA1EB89D1CE2E3B6D7079	C97F4B93D16228D976DD201D645C3CC2EA3A00E692A16CF1299E5F703CA6CC84
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a99544b9320222ee_0	data	F15087AF6A9FABDE7259496DE42F8F84	C086F5DFF1698257BA262499C48641242F1F3D89	0CD3675D09499030069453D2140A9F09CBB32B8849ADD14C59170FB88CF55BC0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa4a263f93dfaac5_0	data	92DA9F4751E8B765B751E113F70DE4BC	A744510B1C461EEC1737FA615DFDA9AD518F6C4D	3B676132E3AFCEC36243841DAF9B463773FA6C63779C2891459A2CC9F162D235
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ace05e7cac6c477f_0	data	54F48145FFDD12396E954EFDF0E67E32	AE358682AFA7F276E8FA6B760E6EEB98EC41AF59	49A23698AFCEB62C14C49E1EDAAA33265D550DCB24E2C327FAB2D784C0B0E85A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af5c3b38004ce8f5_0	data	FA24D4B1A6D0F28A810BD506A9E699FF	576B7AC3E4E27F2E72728D4410365EEDD28181B1	5844808FAA066C8943497DE36A5F70F74749574C56F0D6EE3E3CEF1048D1F0CC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b8d6903289bdf5e5_0	data	0636813034036A05C55D145DE0EFFF64	E38B79C251C347DA2D6D30815DA278FA28E9CDB3	CAA924FE3E9B0972F73B293104D84CEC59870C0FA561D98C6608CABDE70AEACA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b9a0c0163bb1d181_0	data	09D28887D267B8A8B53968060A788473	EB7FE6554DD7595FB41DB03A253322EF343694DF	7D15D81DBC4623B9469FCE1EBB25134FD7903D1195F24D8A6A430B561A08D1FD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bb7b434ae64a8b31_0	data	AE06C8D9F28FBE1B6C43695FBEC305F5	C9F3D26B3184FB0D35D8AAFA1F74643C5BC2255F	6F96CC349F48DCA190399D202A464E83E7DF5FCEE963929B55A9F5E618711CDE
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c81e6b4ad9136b7e_0	data	08096128F8443440D65F7F1723EC3FBB	63053DC03184BC32638DD4A9F9F9A2F653F40DAC	FF8A8AC7BDD40BEBE900073CA80FE7A993DBC32B382D58B909AD2E1671663E78
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d0654debbe0752ab_0	data	7F0F9FA242518E446D7EF19C0C94D6F1	F0450C3120E542E860157099D04E91E6FF33492C	5D17B2630FD15F5E07304CF9C4922AD561505694DBF139FEA330765EFFFC4038
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d68c2e39091fecb5_0	data	8112C22FDFA5D5B3E32C79F3E6BF751B	FEE513DB1CF2F57127B9474CB6F12BBF7F594536	20B1145EAE997D9F35F553802ADF78616FD499A4447B1F6279B36397C996CDFC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e11bcdafaaa75eb5_0	data	56AED61DA76E0FCD120FC1E3E2DF0798	B5C3893325FE065A30BAFDAB6D435D64791DDB9A	1F0FACEF55FFAF77064643B5909DD31C71BF31A6F33B81699843A9C689D71924
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0	data	D879BD68D36C23355F57565AB57A24A0	F2B64AB1EDC5F345E9D765234FE262A1C57BC311	1869F2CEE1310A3EBF9FCCE7732FA3FF105EEB44CB9CB5368D67D231BBF747AB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4f97bb7584c4d55_0	data	2A3C486C1A729E4783A52A31E9B44DC6	19B1E24A5A75B6B642974BB1099ADAE1A9558627	FB8B3C7D9202E0463540D7D7CBBAA4D777D33E3B58424D05EAFCEBB5CEAA2CD1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e513ed8e4730e1c9_0	data	E3964B249B087A775CB3D7C8CDCCB41E	D7444325E6A080F1356E763FFD9223ACA74366FD	AF3398CE148EDD1CDCB788166ADF8314E48A9E419803E18B306406D14A9B163A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e5fee07f85dd431e_0	data	5805FC92EC66B60E3225A8E9065B34C7	D33629310BA31D16F25DCE6834FCFBB1E42E1A99	E2D615A3A0E15A3F2E31AA45A96FBD0963A0F6AB926313CC54B8270970E4E229
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e78b87c38b36287e_0	data	86CEA17D82BE884F660945E382D042C0	03236ECFB7871571DC471E43025B2044B8495FDA	50EDD1D8FACFA1464FFD496D5863FB2A68BFABD93F22E0030C22D3B46352B3F1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0	data	7D28EBA50FC42D583CEF8C81853A01BB	CAD844C73AF5DB7D54FE415709B40AD968603BB6	082DF5D46C50661FA9576878A8D221A0743C9A17F025730B8BB6529F81DE527E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e99eb54082532864_0	data	04FB3239117D0686F7FDC9A9F69F3FB1	3E1934FA0AD8FA5926352F83A1854D016FE247BB	511F030F74AB1777D3509862DDDBCC53622D99A320651C635ABA1E4EC9F23F13
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee2f7dc01c580763_0	data	9F8490F80E762D2853BBC3ED5833D26D	9A49858DBD87F2ABF444F51F154BEE9A5BFEC5A3	A7C4232F4DD0EB58187186B4C9830EB8C1F7B1256C12E171C68E8BC032724DBA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7dd50aa7b62010a_0	data	BD48755EB84AC523A45245840895AA43	01F9CD0C60114CF9E2F2B1ED8BA494A8352E7C38	78661D6F300874E81453BC6CDC54937E9CA169AC921E1882E7EAF5C3292D3C45
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa1d01002fa990ce_0	data	F5C2043D11982FB33EF2C741E20CCAD6	F031CFF4E6D62EE5879E3D008A4F14F968F7DDED	C5C99CED7AABFBCCC9BF9A2799BE6C1F4E6CF92F7007AC76166AF24988FA5FB8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd818ce584f1de3a_0	data	62ACCD1A3B5B3E7DE11F9BCBF98BC09B	ADC106D5B2B6FBAC5FBCC0D0B32D69C86998C100	8F7560984B6FAB1DBB521E7EC977518AE1ACAA80FC2670B9E00B6587C63E3F83
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index	data	A6F67970F9304972BF3E221A3347BC18	A428373D356D426BE6613FE1DBF6F40D2E77AB66	8CA228245AB9B66FA71F9FDC31CBF34649730B265E1266CD1CDD3EFCE8634BAE
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-indexle (copy)	data	A6F67970F9304972BF3E221A3347BC18	A428373D356D426BE6613FE1DBF6F40D2E77AB66	8CA228245AB9B66FA71F9FDC31CBF34649730B265E1266CD1CDD3EFCE8634BAE
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	SQLite 3.x database, last written using SQLite version 3032001	59DEF656FB8129139DA748DE7F2C0C4E	5A22502C566AFD22E856EB29BE619C81EA039AA9	5BE6CABC9540DA2B38D05A3468BFCBD01778619B90FC1922A1A9D16B8DAB52CC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal	data	2FF3150E6C6D406E05BAF03E391E1197	7925CE7CC055058CE11F73923C5D6137C7CA2FF3	5D7E58BFDB373EE1634707EA0D8FC9C424FB44DAB901BB89160BDFFFFC90EE40
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session	data	E49A9B29C7E86E980ED08C4B562690B0	F334BE9E6862DBD8A36EE68372571DC0E9CA8AE1	243953C8CAA1DE70EC7031523D353A100FECBB30921585F635E0FC0980790D3B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs	data	0686D6159557E1162D04C44240103333	053E9DB58E20A67D1E158E407094359BF61D0639	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log	data	0A906A9A542CDF08FF50DAAF1D1E596E	B97D6274196F40874A368C265799F5FA78C52893	EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG	ASCII text	8C609729AEE6727985EDB96D70FC066D	97A33777028F17768C1EBF06A7B920108ED60796	B69986246BC3918BFA4E1BDE55BB8738B63B9AD535E537977A4DCF5603628060
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)	ASCII text	8C609729AEE6727985EDB96D70FC066D	97A33777028F17768C1EBF06A7B920108ED60796	B69986246BC3918BFA4E1BDE55BB8738B63B9AD535E537977A4DCF5603628060
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log	data	D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A	FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7	99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	98B4D017455BB467286632C57EA9599A	5A6CC1C4A589D406AF7154E984E9EECB8367DAFF	893853518EB90826952C5F6957A88E93188605A177D49698CEC268C648A2FA44
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)	ASCII text	98B4D017455BB467286632C57EA9599A	5A6CC1C4A589D406AF7154E984E9EECB8367DAFF	893853518EB90826952C5F6957A88E93188605A177D49698CEC268C648A2FA44
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	90F880064A42B29CCFF51FE5425BF1A3	6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF	965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	6AE2135EA4583C2F06CDEBEA4AE70FA4	DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2	03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons	SQLite 3.x database, last written using SQLite version 3032001	11CAC4522B912997FE550E16940769EA	D661188436FA439883DDAD1B7241A0737A084657	BC85F7D9DEDA71E6067BF58589E45E962CE564880F437D8E10F44AEEF0E1E874
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal	data	DA805AB5C3565C9F7C3678FD5D30914B	AE7F0B399E7370D292D6EA4B5512961DB6A83A2B	46D1196E2FE228DD64BABC932FFC3AFC6723305807177C1964159B230037FC36
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	0407B455F23E3655661BA46A574CFCA4	855CB7CC8EAC30458B4207614D046CB09EE3A591	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	7875091CD5EF9D02BE729D10F8858184	2A21F99592AB7F4600CCC24E0C4A0C24690890EE	582FD85103A669A6DE43369AE8B982AF05888E88DDBF9D7734D902F7AD535C2A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldUM (copy)	ASCII text	7875091CD5EF9D02BE729D10F8858184	2A21F99592AB7F4600CCC24E0C4A0C24690890EE	582FD85103A669A6DE43369AE8B982AF05888E88DDBF9D7734D902F7AD535C2A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG	ASCII text	0FA10881C471775C86672F8B92FA77A0	BA872FE5CF0A8D8187721DED09BA5AF1DE31E8E1	5388EF9D3C885C107421FD54CC8FE2E4005C0E9FE642584784C1B0EC7F503778
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)	ASCII text	0FA10881C471775C86672F8B92FA77A0	BA872FE5CF0A8D8187721DED09BA5AF1DE31E8E1	5388EF9D3C885C107421FD54CC8FE2E4005C0E9FE642584784C1B0EC7F503778
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG	ASCII text	CA1F19F9DFC7BF1BD2E0A8AE35D5EB41	F618585D7BDCD66BDCBBC664B19E2F6F42985B69	8DB8DB522B2ABDEDCECF7C68A0E3849D0C3D020B11A74A047E0A8ACAF96554E7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)	ASCII text	CA1F19F9DFC7BF1BD2E0A8AE35D5EB41	F618585D7BDCD66BDCBBC664B19E2F6F42985B69	8DB8DB522B2ABDEDCECF7C68A0E3849D0C3D020B11A74A047E0A8ACAF96554E7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	SQLite 3.x database, last written using SQLite version 3032001	41AC7740D65671637CD742A00EBA5520	88DEBE1AF3C7DC22B22579895636B47C2E6619E2	5A8F8C9D885C74C4B381915F2CF5EBDF04CCDF834372D909BA5722D4CA28D886
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	EAEEE528D8B9EFD0A16AF60BF599491C	AEC1073D621BA63CD87A506B5298C0C91C693866	864D0838449D60C762CC706722768136393DAD8F23E4786DFB86E2EE3A08364B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal	data	9C605DE9573C249CA467BEE23DFD626F	97BC665CED423C6AE0B1DD2CD23D431011126EF8	B1740F0902F1730800149ECAC62D42BF1CDFE9E47E3E5756B82A07CAA09FE24A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000003.log	data	5ABF3B1932ACB0CF9E738E98670488AF	5323CCC8C09D102BA8F37CF02A1A525625695536	684EEAD80792D156C61679A4079715ABDB4E13295A390037A7E54134FE0B1C97
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\CURRENT. (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\LOG	ASCII text	4CC58BE825EBEEE4A6437E55E2808CD0	3E9172257BC6EC28FC8316229A721189E572F562	8981856CAF99D68BA29EC9B2B567883A06A1FBB711D4B95D411F43973B29544C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\MANIFEST-000001	data	3FD11FF447C1EE23538DC4D9724427A3	1335E6F71CC4E3CF7025233523B4760F8893E9C9	720A78803B84CBCC8EB204D5CF8EA6EE2F693BE0AB2124DDF2B81455DE02A3ED
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)	data	E49A9B29C7E86E980ED08C4B562690B0	F334BE9E6862DBD8A36EE68372571DC0E9CA8AE1	243953C8CAA1DE70EC7031523D353A100FECBB30921585F635E0FC0980790D3B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last TabsNT (copy)	data	0686D6159557E1162D04C44240103333	053E9DB58E20A67D1E158E407094359BF61D0639	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log	data	16054465EF201B7CE9F030E0A5A46FC4	D0612F3BFBCDF493DD5F9DAF7F1A0B3CF209A482	98D7904D3A188265199A8181030088647E067662D10AA8CAA35DB28C91F2D3DA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG	ASCII text	3731660BF3A2053DCC311AB9B5E9A65C	8AA89EF810DE11351D3A8616C285A39C53FC5FEE	BE16B6F1D31515DD1042D37B9D6B59E43D08178F7FF2EBBE6BBC82599C1C6526
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)	ASCII text	3731660BF3A2053DCC311AB9B5E9A65C	8AA89EF810DE11351D3A8616C285A39C53FC5FEE	BE16B6F1D31515DD1042D37B9D6B59E43D08178F7FF2EBBE6BBC82599C1C6526
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor	SQLite 3.x database, last written using SQLite version 3032001	B029308CDE7DA6F477C5DA4C24AD2912	B8BC01046462BDA2D960166C5D4F79F9D25396CA	3FE409D71C2A06E1342D477DE04AD75A5D1CA94D653E75C9D8CCEE2F35FCA3FC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal	data	BCEAE8473CC4EC56041AC0421A5637BF	ABFE708DAFC04ACB223545307B13A1BE51DD0F86	6D2C687682674E0DB92A391C7F43F9380D26F06F6A99844283A27F0EEB485875
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)	ASCII text, with very long lines, with no line terminators	13477A2ED989EBFEA422613985D473A1	8514D2987AEDC03A6DFFE0EA5E10D74069FAD640	A7E9EE1C0A26475BCB57C991B5D234589D55B12381DDA969C837B42963739C50
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateTM (copy)	ASCII text, with very long lines, with no line terminators	EDC4A4E22003A711AEF67FAED28DB603	977E551B9ED5F60D018C030B0B4AA2E33B954556	DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG	ASCII text	A072EB43BDB4BCD537A6371FF7ABF156	1B3BE4514F198887E20A1D58144DF2FD78E42801	A30F81A9F0566917EC9366BF53E0CE147AB042A9B0FE3CB4868943788EDF07B0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)	ASCII text	A072EB43BDB4BCD537A6371FF7ABF156	1B3BE4514F198887E20A1D58144DF2FD78E42801	A30F81A9F0566917EC9366BF53E0CE147AB042A9B0FE3CB4868943788EDF07B0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)	ASCII text, with very long lines, with no line terminators	62ABE8E106284BDCE1D371953286E9A5	701FF9F5A8525DD275336EC928C6D065CE10E709	90CC353C50D5CF5A68A8A42FCF4253DCF3E6E9A44356A6DE4877FD3A9832C679
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager	SQLite 3.x database, last written using SQLite version 3032001	A76D4867AE2AD15AF2CE7FE6454A15CF	230487788860BEBBC0EB457765586D528E900E59	783801ABBA424B5F9D465A7442A8500D683D8595229054F3A2C0BF1B35C6F97A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal	data	3F405C3855B1A1F4E6EADB35707C274B	F4C5EDAF1377E473AC19933593A32FE5F9E6F99A	A1F50A99FAF19B93E24E488144C694380771880ACD734F198CF83E824A22EAEB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL	SQLite 3.x database, last written using SQLite version 3032001	657540D0773DDF86E0E8994D2EA9DAF4	2BAE36F4708456F26B29D21F997EF4CFDF30ACB0	23782E5919087CA37411B070A42F01BB6F4D18C294E96CAA513888AE95ACDCE5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal	data	84A15A2E0FCCDA120CB84876485C1AF0	137CD0BA1F1AFE58E6E22A1CC1FF3DB2E145305E	A48CC995FA61774835FDAEEC15F10D71EA51D403A021541F90909DBFFF894978
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	8B51AB7789766690B97D5E95740BB38C	19C5B13CA6C80DA2C07AC5C38518BE58B708D868	6CF0362EC37052498B0C691483A6A570E94E94AEB1F190F7E545AFE64ABA71F1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences. (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	AA7A346E9547E9C460078B659E16E27D	0BF55D2A09ED5011D4FE12A66DF67EC48C1874D2	81C3F8CF48A1FA1B20DDF28695E67D63187494C63C2E554717B003689B9A7856
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\a9f3e705-0c6a-4b88-a0a5-440bf28251c9\index	ISO-8859 text, with no line terminators, with escape sequences	54CB446F628B2EA4A5BCE5769910512E	C27CA848427FE87F5CF4D0E0E3CD57151B0D820D	FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\a9f3e705-0c6a-4b88-a0a5-440bf28251c9\index-dir\temp-index	data	FDC92132300176B69558141C71212A94	2AAF808E598ABAEA1528ABE168DE65576AE3131A	195330E64A4CB0A976F908AA01E6E4C0CD6F73030CD277A3B75D1131382601BA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\a9f3e705-0c6a-4b88-a0a5-440bf28251c9\index-dir\the-real-index. (copy)	data	FDC92132300176B69558141C71212A94	2AAF808E598ABAEA1528ABE168DE65576AE3131A	195330E64A4CB0A976F908AA01E6E4C0CD6F73030CD277A3B75D1131382601BA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt (copy)	data	411224661C39FD0A71EDD17B288AF098	5ABA7AB5AC5782D779551EFB40626D5AA2FDDCA0	DC774D7B5E5BDD10B754B21F733AE7D1EFB28686D6FD6F5615316E5FE5359C04
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt.tmp	data	411224661C39FD0A71EDD17B288AF098	5ABA7AB5AC5782D779551EFB40626D5AA2FDDCA0	DC774D7B5E5BDD10B754B21F733AE7D1EFB28686D6FD6F5615316E5FE5359C04
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txts, (copy)	data	411224661C39FD0A71EDD17B288AF098	5ABA7AB5AC5782D779551EFB40626D5AA2FDDCA0	DC774D7B5E5BDD10B754B21F733AE7D1EFB28686D6FD6F5615316E5FE5359C04
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log	data	977CDEA13F209DC66FD876CE93713B62	036B3A0B56DCFB3D13BC735AB6EEE4FBBF350409	3714A7A9930452469F281F205FC99888CD25CD3D63CA0A65683A82BC6B05B328
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG	ASCII text	0EFD3EFC61A9B45A318D2A9043468682	E9BA696C39F15C636C0B19B84AB113D4B660EC42	E36CB2586F207E27017537BA6530EBB60B11AEB27E1134F71A7DF997F09339D1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)	ASCII text	0EFD3EFC61A9B45A318D2A9043468682	E9BA696C39F15C636C0B19B84AB113D4B660EC42	E36CB2586F207E27017537BA6530EBB60B11AEB27E1134F71A7DF997F09339D1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG	ASCII text	67DD7B9CD86B013043CA2FECB7E5DBC7	21800A7D81C0344216DF122A80373EA54A945FB1	0B593B9331622C90393C436D12A8E160EB4998AB0EB6328DEAA4A51EE264FA88
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)	ASCII text	67DD7B9CD86B013043CA2FECB7E5DBC7	21800A7D81C0344216DF122A80373EA54A945FB1	0B593B9331622C90393C436D12A8E160EB4998AB0EB6328DEAA4A51EE264FA88
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\3aaa2944-8951-4c74-abc1-0b23dc427151.tmp	ASCII text, with very long lines, with no line terminators	C401B619D9D8E0ADABC25A47EE49CFBA	C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA	8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	C4DF0FB10C4332150B2C336396CE1B66	780A76E101DE3DE2E68D23E64AB1A44D47A73207	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG	ASCII text	F73E2CB21FF375C90336059B699BFA77	6C68E29F623F7C7F53A3591D6088FAE7DFCD65A3	7A4898797E046D703D27CF349C38DFC9A6DFC87389EC4125F1A4CBCF50DFE1D8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)	ASCII text	F73E2CB21FF375C90336059B699BFA77	6C68E29F623F7C7F53A3591D6088FAE7DFCD65A3	7A4898797E046D703D27CF349C38DFC9A6DFC87389EC4125F1A4CBCF50DFE1D8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State.. (copy)	ASCII text, with very long lines, with no line terminators	C401B619D9D8E0ADABC25A47EE49CFBA	C9D3B816DD3FBCD98E9C0A32CEC7B501EFC0BBDA	8F5D75F5EF9876E8D30CE477509F735B50C4D87DBEDB433BE8EDBE6D4B3CB82F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG	ASCII text	407EEC677D5DE18817947BDF96B2B518	AD7EDEAD1085B3ADE18AF232C2E67E6A82899122	4C31F2A4536A6F4859820AB80AAC62C18E406E0FF782286B86E22BF37CB9E3C9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)	ASCII text	407EEC677D5DE18817947BDF96B2B518	AD7EDEAD1085B3ADE18AF232C2E67E6A82899122	4C31F2A4536A6F4859820AB80AAC62C18E406E0FF782286B86E22BF37CB9E3C9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log	data	E556F26DF3E95C19DBAECA8F5DF0C341	247A89F0557FC3666B5173833DB198B188F3AA2E	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG	ASCII text	74D98CE8B6F07D9B51911E4EF318D66A	8A84C419DAFB159309DFD3EE3161052CCFCBEC9F	F7DC703C20E3294BF8575DFBBF70DDFEB89B84D0197FEBB5477759F6B410038A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old. (copy)	ASCII text	74D98CE8B6F07D9B51911E4EF318D66A	8A84C419DAFB159309DFD3EE3161052CCFCBEC9F	F7DC703C20E3294BF8575DFBBF70DDFEB89B84D0197FEBB5477759F6B410038A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\8e8a42b1-7ae1-4122-907b-bf6b5084b7b5.tmp	ASCII text, with very long lines, with no line terminators	F4FEFEEEC722772F9DC0FCE1B52D79B5	00EECFA3B37113D30E7D43BE4383C540F3D93D4D	D33E13C12004A700F246D8C73709114A881609D658E045D54DE36874728D07F0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1	data	C4DF0FB10C4332150B2C336396CE1B66	780A76E101DE3DE2E68D23E64AB1A44D47A73207	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG	ASCII text	1ED46FB1225F8EFE98222A58FF359F59	1CDDEF752F3FA1A5E7A7EF3BF593CD118F519DC8	15687D2BC2506B13656BA8A0ED17907F58102813D96A4B94F2A1E75E5E6D68A3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)	ASCII text	1ED46FB1225F8EFE98222A58FF359F59	1CDDEF752F3FA1A5E7A7EF3BF593CD118F519DC8	15687D2BC2506B13656BA8A0ED17907F58102813D96A4B94F2A1E75E5E6D68A3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent StateTM (copy)	ASCII text, with very long lines, with no line terminators	F4FEFEEEC722772F9DC0FCE1B52D79B5	00EECFA3B37113D30E7D43BE4383C540F3D93D4D	D33E13C12004A700F246D8C73709114A881609D658E045D54DE36874728D07F0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG	ASCII text	2AE453EDDC92E4AFCD000973F7642E87	A841816A13EC5637551EA331E038AFFD2827681E	575C283CF376AF56772661EF9DA9CF3482580CB7A35AE3E4BF97DF15BE447344
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)	ASCII text	2AE453EDDC92E4AFCD000973F7642E87	A841816A13EC5637551EA331E038AFFD2827681E	575C283CF376AF56772661EF9DA9CF3482580CB7A35AE3E4BF97DF15BE447344
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log	data	E556F26DF3E95C19DBAECA8F5DF0C341	247A89F0557FC3666B5173833DB198B188F3AA2E	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG	ASCII text	D9ED73F73F6DBCB1E5302BBB4E3047AC	FE336A972EF900F1ADD8479AC86A3301F47FD4FA	961CB73F5FA4B64C4CC8AD72F41650C4318078CD0CDAA27D73BBC7115CD6B338
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old. (copy)	ASCII text	D9ED73F73F6DBCB1E5302BBB4E3047AC	FE336A972EF900F1ADD8479AC86A3301F47FD4FA	961CB73F5FA4B64C4CC8AD72F41650C4318078CD0CDAA27D73BBC7115CD6B338
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log	data	45A8ECA4E5C4A6B1395080C1B728B6C9	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG	ASCII text	20C4F87B3BD7442C46355C2D5E456196	1962A7D17210C615CAEEFD33B1FC77731A1AA464	06FBDA7FB289AA1204A23C001B2A2D93DF7B5BB1CA4AD71274140E5B65AF2258
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldy) (copy)	ASCII text	20C4F87B3BD7442C46355C2D5E456196	1962A7D17210C615CAEEFD33B1FC77731A1AA464	06FBDA7FB289AA1204A23C001B2A2D93DF7B5BB1CA4AD71274140E5B65AF2258
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG	ASCII text	173D6130EABF473486E024326F8BE92C	BCB54DEBA5B20EF056591F8BDC8142D05C3BC60E	F028AAC89FF3B942682350F6D48E51ACA028A418B5B66C93F642F61CBF1A255D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old. (copy)	ASCII text	173D6130EABF473486E024326F8BE92C	BCB54DEBA5B20EF056591F8BDC8142D05C3BC60E	F028AAC89FF3B942682350F6D48E51ACA028A418B5B66C93F642F61CBF1A255D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links	data	B44E2B31C8BAF9E27750BE5277850DF8	95C67C432F753E0D252CC3E318157EE5B413CF96	C0F5F7AFFD697DC00C9EC111520391142A74DA5B92894B1E0E02379265E06CC7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cb4e7738-841e-44ce-83a6-e5d683ed2a69.tmp	ASCII text, with very long lines, with no line terminators	2EC2B0D97ED867F6983B6274CCD9E74F	6C5569296056A8BC1D61CC16C56AB11A5AA51F38	3A4F279A728F34E6D73FB636A16CD1DAF8FB22139BE352643E85D1E8CE732477
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp	ASCII text	6752A1D65B201C13B62EA44016EB221F	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	6752A1D65B201C13B62EA44016EB221F	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG	ASCII text	C5189B19DAF5DF2C922D678C182FC05D	2358E931D3630F282C93639850F703E22260F74A	3C5E574044722E6696CCEC5478CA3D1A62736AF6EAC4DC87FCFA8D93F4E134F4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)	ASCII text	C5189B19DAF5DF2C922D678C182FC05D	2358E931D3630F282C93639850F703E22260F74A	3C5E574044722E6696CCEC5478CA3D1A62736AF6EAC4DC87FCFA8D93F4E134F4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004	MPEG-4 LOAS	031D6D1E28FE41A9BDCBD8A21DA92DF1	38CEE81CB035A60A23D6E045E5D72116F2A58683	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dc60dd86-bdc3-4a74-afb5-4ecfc845917c.tmp	ASCII text, with very long lines, with no line terminators	62ABE8E106284BDCE1D371953286E9A5	701FF9F5A8525DD275336EC928C6D065CE10E709	90CC353C50D5CF5A68A8A42FCF4253DCF3E6E9A44356A6DE4877FD3A9832C679
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f0c90e10-8517-4cc4-916b-23a398f50858.tmp	ASCII text, with very long lines, with no line terminators	EDC4A4E22003A711AEF67FAED28DB603	977E551B9ED5F60D018C030B0B4AA2E33B954556	DD2C9F43F622F801FCC213CDE8E3E90EF1D0D26665AE675449A94CEC7EB1D453
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	86E4953FAEFBB709CB772FA84D459938	55812A3C3A40D99B645B63E10B603C514DABD403	2A7DD2AAAAE33630EB5DF90DA3F76B98D5FDB35DFDE859EAFF05B90222E41639
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldn (copy)	ASCII text	86E4953FAEFBB709CB772FA84D459938	55812A3C3A40D99B645B63E10B603C514DABD403	2A7DD2AAAAE33630EB5DF90DA3F76B98D5FDB35DFDE859EAFF05B90222E41639
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	C422F72BA41F662A919ED0B70E5C3289	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)	ASCII text, with very long lines, with no line terminators	FEE8B9DFDDD1EA47AC63802D13CED720	B7571E22EDAF452B9E53EF167E592A534C78201D	2865977825B1B38646386B1E02C27D2A0CA10880AEA00F7F5FF70E5A4250A9FD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateTM (copy)	ASCII text, with very long lines, with no line terminators	9142E32E9B071D682481F259219B20BD	92E9E34467908A9F7A06220B37DD81645420884D	6FC36F05589BF4FDD868B34D27673CCE7D04EF740972CBC60EFF9FF29CEA2673
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)	SysEx File -	A9339F44920B8F9890F364B125385914	CBE6A7E77B45575733344D32AAECFDC7E69524B8	3FF1C7ABE2F591887BBC4F605CEE794EB3DC515452F27DA51C56278F31CCF3B9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheTM (copy)	data	19D7FC695F1ACA65A9FA5424E4263C57	5088AE9C7E38B2B63F4CE47DC4A8F71E8213F475	426127D7BC417D0BDAA1204290BB7766C673168BAB0A00E19626B40E03E62B1C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cached (copy)	data	C220B33BFCA8129DFCDE311F86191BE6	7AEA8C99835A8241027FE5D2E38073924426C27C	1456F0DE5A3BBDC6902BB15E828D2EB2257E5C81F607D9915046D4F54FFDAA6E
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1	data	6E081CDBE49A0B082F498DC9D7FA0E21	2382359445C4E72487C2560B7076A18280D9F61A	B8CC88DADA17955E40BBF29613715464FE9061D12D879E23711C796E942D6975
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\9.29.4\Indexing in Progress	empty	D41D8CD98F00B204E9800998ECF8427E	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir3580_387309016\Ruleset Data	data	3A5AEBAF630E27C3F01A2D346CD9FEBC	CC5C596D2E87365A61534464E2673FD5361A1AFF	6BA1B0DDFC423800683B3CE0D60BAB4AA14FFE35B2B1A394FABD499CE5AFBF39
C:\Users\user\AppData\Local\Google\Chrome\User Data\a60736e4-bcc5-46d4-9f07-e94ec3ba6d77.tmp	ASCII text, with very long lines, with no line terminators	598D8EA09E2C0CDABDB5415647ABD0C4	B95FE1AED71D778A55EB452CD5367F182F84E288	28A7ECC30276B613186BCA49F92A5FEF207110836FB998D215FA0FBDAF924E0C
C:\Users\user\AppData\Local\Google\Chrome\User Data\b78349bd-0202-492a-93e9-0cbe74db3a4e.tmp	ASCII text, with very long lines, with no line terminators	9142E32E9B071D682481F259219B20BD	92E9E34467908A9F7A06220B37DD81645420884D	6FC36F05589BF4FDD868B34D27673CCE7D04EF740972CBC60EFF9FF29CEA2673
C:\Users\user\AppData\Local\Google\Chrome\User Data\d7a6a5c0-a5eb-419b-9f08-944bd4de42b7.tmp	data	C220B33BFCA8129DFCDE311F86191BE6	7AEA8C99835A8241027FE5D2E38073924426C27C	1456F0DE5A3BBDC6902BB15E828D2EB2257E5C81F607D9915046D4F54FFDAA6E
C:\Users\user\AppData\Local\Google\Chrome\User Data\e4dd2ba7-b4b3-4e57-9f6d-d109d89578b5.tmp	ASCII text, with very long lines, with no line terminators	34AB31974184D7457FCA7042C4470C7C	3EE81BECB98AAF98B6FE9EE32FDADDE4ED5D7CA6	BE075EAD8E8EF4405785270436AD33112E7D9E3A6CDB4481FA0161CF2E5CF453
C:\Users\user\AppData\Local\Google\Chrome\User Data\f9441318-d946-4688-b47c-9c85ee1c4ab8.tmp	data	19D7FC695F1ACA65A9FA5424E4263C57	5088AE9C7E38B2B63F4CE47DC4A8F71E8213F475	426127D7BC417D0BDAA1204290BB7766C673168BAB0A00E19626B40E03E62B1C
C:\Users\user\AppData\Local\Temp\0c5f1a49-cc2d-4e47-a56f-38deb8725377.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\3580_1821779964\manifest.fingerprint	ASCII text, with no line terminators	65FB5567E005DA75F5685DC4D852C4F1	1E825C378CB10F91279338E8FFF822291984FF6C	FD3317D5171F4C516C7DB089DDF5DD75B6BDD0BE45446507751AF55B78B7E728
C:\Users\user\AppData\Local\Temp\4d85b644-ed44-4cc6-9726-56a6f74ab3fd.tmp	Google Chrome extension, version 3	A11D5CAF6BF849AEB84B0C95B1C3B7CF	27F410CCBD75852C01C7464A1FD7EF8C29BE3916	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
C:\Users\user\AppData\Local\Temp\69cf9e52-5ff9-48ab-a9ec-fb9915337642.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log	ASCII text	4B8C66525E8EBA91B246B10F4A2408FB	0845436300B035504593B5BC7BCB2E58AA996986	0CC5C674197E5E83E1C04AE045BEA27CF1852831D471B78B7CE836A84813846B
C:\Users\user\AppData\Local\Temp\c613cc0e-40ea-4d2d-96f7-31e862d99f67.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\4d85b644-ed44-4cc6-9726-56a6f74ab3fd.tmp	Google Chrome extension, version 3	A11D5CAF6BF849AEB84B0C95B1C3B7CF	27F410CCBD75852C01C7464A1FD7EF8C29BE3916	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\am\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	26330929DF0ED4E86F06C00C03F07CE3	478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C	621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ar\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	44325A88063573A4C77F6EF943B0FC3E	78908D766F3E7A0E4545E7BD823C8ED47C7164EB	67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\bg\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	6911CE87E8C47223F33BEF9488272E40	980398F076BB7D451B18D7FDE2DE09041B1F55AD	273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\bn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F9DDF525C07251282A3BFFCEE9A09ABB	A343A078E804AF400A8F3E1891E3390DA754A5CD	C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ca\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	A90CF7930E7C3BEC61EE252DEFAD574A	F630CA01114A7BDD39607CB84B8280CCE218A5C6	A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\cs\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	17E753EE877FDED25886D5F7925CA652	8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678	C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\da\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F08A313C78454109B629B37521959B33	3D585D52EC8B4399F66D4BE88CED10F4A034FCCC	23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\de\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	980FB419ED6ED94AD75686AFFB4E4C2E	871BFBCA6BCBA9197811883A93C50C0716562D57	585C7814AFD2453232BC940252D4AE821D6E6CBCFD74A793F78E5DB8BA5342F1
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\el\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	40EB778339005A24FF9DA775D56E02B7	B00561CC7020F7FE717B5F692884253C689A7C61	F56BF7C171AA20038EE30B754478B69A98F3014C89362779B0A8788C7B9BEEE1
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\en\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8351AF4EA9BDD9C09019BC85D25B0016	F6EC1FFD291C8632758E01C9EE837B1AD18D4DCF	F41C82D8A4F0E9B645656D630C882BE94A0FB7F8CEC0FE864B57298F0312B212
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\es\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8A70C18BB1090AA4D500DE9E8E4A00EF	8AFC097FA956C1317DB0835348B2DA19F0789669	FF173D1CEF665B1234E02F11070ABD2B65230318150734579A03C7F31B4AE3F4
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\et\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	A62F12BCBA6D2C579212CA2FF90F8266	F7E964A2D9BBDA364252BCE5CFBA3FD34FDD825E	3EB3EB0B3B4A8E5A477D1B3C3A3891CCC7DC6B8879ECE243A7BD7C478068273D
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\fa\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	852BD3CFF960F1BC3A2AAB3CB3874EF9	C9F6F3C776542889FE3B67971D65ACFE048A3A0A	D87597B6C10364501B98AA42524843F109009CCEF022D8E0170440D7F144F4C6
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\fi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	3902581B6170D0CEA9B1ECF6CC82D669	C8208AC2B1DD6D4F8BDAAE01C8BD71FFFA5A732B	D2A8180225A83A423BB6E17343DFA8F636D517154944002ED9240411B8C0C5E1
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\fil\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	59483AD798347B291363327D446FA107	C069F29BB68FA7BA2631B0BF5BBF313346AC6736	DD47530EAE96346CD4DC3267A0BB1091BB17B704803A93CDA2E3E81551B94F12
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\fr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	9B416146FE4F1403C2AACAC4DCF1A5C3	616F055C9FAD4CE972DF82EC8A9B2F4EDA3E7FAD	7C7F5758F54008190ACCDDBD1761CBD980FB5FE0847E992874498228D2571DBC
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\gu\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	68B03519786F71A426BAC24DECA2DD52	B8E6608932EC5CEC4BC3C5475BFC3E312D2E2E7D	C77A4D27E9E6CA25B9290056D93A656E3EBE975957E4C2EE9F0FB11B133D5CD4
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\hi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	20C86E04B1833EA7F21C07361061420A	617C0D70E162CF380005E9780B61F650B7A39F9B	C2C27CA242DBDE600BA3AA7782156BC2B190A64D8A1B51EDC8007BDECA139553
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\hr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	3ED90E66789927D80B42346BB431431E	2B061E3271DF4255B1FFC47BDB207CDEC0D9724F	0B41E3C42414F72C9A12C05F8772597F9685115366A774C66018467AD4B71A74
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\hu\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8E9FF7E49473C5734A2F6F0812E12EB3	A4F10DDD1580582533D5EB59EDF6D8048F887C81	6CDD2FB39ADECE00E88B989E464B05ED1414092D0492F6D0AE58D549BFD1A46A
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\id\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	7ADF9F2048944821F93879336EB61A78	C3DA74FB544684D5B250767BB0CB66FFB7C58963	3630947E1075E3663AD3E4824D0BE42CB47C0D615D8053E83B9595047C8BA9BE
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\it\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	BB3041A2B485B900F623E57459AE698A	502F5EA89F9FB0287E864B240EA39889D72053A4	025737EF8FA06706B3F26D0F52B4844244A6D33DAE1D82FEF2931A14C003D57E
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ja\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	6F2CC1A6B258DF45F519BA24149FABDC	8A58C7880C6D22765DCBB6BCE22A192C1B109AE1	42ECFEE727CFC4F2845FEFDACE5EDC2E0A40AFAD69973A3B950CE653A7633342
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\kn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	2E3239FC277287810BC88D93A6691B09	FC5D585DA00ADC90BF79109C7377BD55E6653569	5FC705AD19761204D8604EA069936A23731B055D51E7836CAAF16AC7719FBEEA
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ko\messages.json	UTF-8 Unicode text, with CRLF line terminators	E303CD63AD00EB3154431DED78E871C4	3B1E5B8E2CF5EBDF5D33656EF80A46563F751783	FDE602BFDB1AFD282682DA5338C4F91D8A2F6CB5411DB8F62F4583D629CE67A6
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\lt\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	93BBBE82F024FBCB7FB18E203F253429	83F4D80F64FA2ADCE6C515C5F663BD38A76C51DB	E7A8570922CCC4F2CA3721C4E61F426158C4E7BC90274FBC8BE4040FF8B6CA9B
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\lv\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	388590CE5E144AE5467FD6585073BD11	61228673A400A98D5834389C06127589F19D3A30	05CA14196CA5D90B228C0F03684E03EBE403A3E7B513AE0A059244AE12B51164
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ml\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	2AF93901DE80CA49DA869188BCDA9495	E60DF4F2FB12BD3F1CA869DAD9F6BDE0C17CEB11	329E80AEE1212F634E180DEF7E16D6E38D9C9FDA9AC9DB1D99B8AE1626EF304E
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\mr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	659F5B4ACA112D3ECBB6EC1613DDE824	5DEE35FCD260554999F8DDEC489FBA9F81FA8EEE	C8B765E7A07578BC078A952E151E3B866506959E15E79E9E5E1DBB98F9C4008F
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ms\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	09D75141E0D80FBD3E9E92CE843DA986	B24EAB4B1242C31B69514D77BC1DB36A3F648F40	8F1DBDEFD910AD88BEEC7956619CDB34391D6E69254C3A7497E8F87134AE8B5C
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\nb\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	ED99169537909291BCC1ED1EA7BB63F0	5F72D51B6DBE8C622EF33D2B2AEBD7E9E20DAFB3	65B6598225ADA1E14EE9CB76CA863708E8F9EE0724B4EDC8F9508532BD631BAB
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\nl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	E9236F0B36764D22EEC86B717602241E	DE82B804B18933907095DEF3F2EF164C1BB5F9B6	300F4F7C45EBE39EAAF40776C28D0A399A710699AAB58E9A8D43A6FD2DD00376
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\pl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8254020C39A5F6C1716639CC530BB0D6	A97A70427581ADA902CA73C898825F7B4B4FAC8F	2F4E4FC6AEB4A8E7F0E0DCE220D66E763F4EBF1FA79985834D636C6692FEA3E8
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\pt\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	FABD5D64267F0E6D7BE6983AB8704F8C	D4DAAD0FF5C461C51E6C1FD22B86AFC5B13E123F	D82DCA262FF005668B252B478DEDAAC4A5C1E417AF9DE57C22F169A6680183AE
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ro\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	75E16A8FB75A9A168CFF86388F190C99	C27CE4C1DB3DF2D232925C73DC9AC1FA24DAD396	9C4716FF42A730F1E7725F0D9E703F311E79FDA31F85B4BB0B8863FC3C27AB9D
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ru\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8EF94823972EA8D2FC9BB7EC09AB1846	4171DC9CE9D82FDA5A280517A1FE58C907D75CE3	1009DB9FFA64E411B31E0780EBA43B9C9F8B05B5AC8CCA9A38514650261ABB0A
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\sk\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C314FAC15AFF6A2EE9C732C64AB5A66D	D51F3362B5FDD2F3756DE42D7D6227DC818C6344	8EE2A25A09D6D0F89063FAA34BA2BC4DB505DD31FE6D5064C5D6E1E153721484
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\sl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F60AB4E9A79FD6F32909AFAC226446B3	07C9E383D4488BEBE316CA86966FC728F55A2E32	CDE581E6E7CF0136B003B45549E3BBEE7B67B74ADD786A8D5607BFDAD1DE7B87
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\sr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	4E233461D805CA7E54B0B394FFF42CAB	77F30833FC73A4C02C652C9E5A6EAFE9C3988A30	E1E1C64213EBF2CFEB7BA83E51B697CEA449B3A8B279B1024B859228DE869879
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\sv\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	897DAE6B0CF0FDE42648F0B47CB26E06	E1F5F5F65AF34FF9484AB2B01E571EAF19BA23D0	52656C24F6F6D0F3B3FC01E9504C4D5CEB85624F1B22E974CA675DD0E94EB82D
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\sw\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	EC233129047C1202D87DC140F7BA266D	537E4C887428081365D028F32C53E3C92F29AAA6	28EDBC5C4858217811D45CAA215710E452C8926E4DE99F810001AD664D08BE0D
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\ta\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C50C5D2EDFC79DBDCBD5A58A027A3231	14314D760A18C39F06CD072CF5843832AFB86689	EEB0E89D5AD92B80FF08F88533A111DB3416D7C3860C64227D1CC8B7C2B58298
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\te\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F740F25488BE253FCF5355D5A7022CEE	203A8DF19BA5A602A43DE18E99A6615D950C450E	5B9C96CB5D62510836B321EB9CEEF23865BB9D4DC4DE7716E90A858E00701FDF
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	9F926FCB8BAEA23453B99EA162CCDEA1	04D1E45591C0435A39DCA00A81E83E68585E8B64	100463C587F549C964A4EB21EA38EA1B4ADEF11E927FAC8FF884623B77202C02
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\tr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	B0420F071E7C6C2DE11715A0BF026C63	F41CC696786B18805DB8DC9E1E476146C0D6BE90	309F946F753DF6AF5C255D772EA0D429462152F78ABA4A96A2E369707A2C6B67
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\uk\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	FF06E78C06E8DFF4A422EA24F0AB3760	A434D1CE22DE0D2FD1842E94F5815F7B1972D1EE	E209FDEF12CCEC03B4E0D5B9464F90D527E62C5BC4DD565C680661D7F282AB02
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\vi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C3A40E8433D96D7E766C011D9EC7502B	EAB7BFAE48B1D29B95A8AE040DE94D3500824EE3	BD3D0F8CF100C96415B224011F550082D4516593CBD3631347748B7D6AD5B85A
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\zh\messages.json	UTF-8 Unicode text, with CRLF line terminators	D4513639FFC58664556B4607BF8A3F19	65629BC4CBBACA498F4082DD5884C8D3D7DDDC8A	C6D49997A9B4FF7FE701EC3644B1A523679A27778FB4BD39B7DBCA9F1ACCE595
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\_locales\zh_TW\messages.json	UTF-8 Unicode text, with CRLF line terminators	494CE2ACB21A426E051C146E600E7564	D045ECC2A69C963D5D34A148FE4A7939DE6A1322	A1053F9496ED7FA3C625C94347F07A5E760F514FD8EE142EC9EE64E86B9C063D
C:\Users\user\AppData\Local\Temp\scoped_dir3580_584551212\CRX_INSTALL\manifest.json	ASCII text, with very long lines, with CRLF line terminators	F76238944C3D189174DD74989CF1C0C6	85CE141EC8867B699668A5F5A48F404C84FCEB04	2EF48A1CF322DE356E8844DD2FD3431E8E7ACD04770649B6507EACA5ABDB53A7
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\69cf9e52-5ff9-48ab-a9ec-fb9915337642.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\bg\messages.json	UTF-8 Unicode text, with CRLF line terminators	6F8E288A9AD5B1ED8633B430E2B4D4CA	F671D3D4BEFA431D1946D706F4192D44E29B6F08	A114E2783D0E9B12155017323BA70838F0F82A71C7EE8DC1F115AE36991241F8
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\ca\messages.json	UTF-8 Unicode text, with CRLF line terminators	1FDAFC926391BD580B655FBAF46ED260	C95743C3F43B2B099FEBEBC5BD850F0C20E820AC	C67898B67F9C9209EAFDA6532B62D5789863CFB855998DD6A70E7775316CEC20
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\cs\messages.json	UTF-8 Unicode text, with CRLF line terminators	76DEC64ED1556180B452A13C83171883	CFB1E56FD587BCDC459C1D9A683B71F9849058F9	32290D69A90E6BAAC428B10382C99221B12773BB9A184F3B93DFB48A4F6D7A40
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\da\messages.json	UTF-8 Unicode text, with CRLF line terminators	238B97A36E411E42FF37CEFAF2927ED1	4E47AC90BA24C8F4724D9293FA40CFD4ADA66FE0	4977D4A053542FF66967FAED6B06585DD70E68E20BFEB533B66FE3287F9655D9
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\de\messages.json	UTF-8 Unicode text, with CRLF line terminators	6B3E916E8C1991AA0453CBA00FEDCAAA	D6366D15912E40CA107FD42BFE9579C3336A51F9	A62FFAB910E31531758EEE48B2CC71A8857BEC3021DEAD50B668CBA3C8667053
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\el\messages.json	UTF-8 Unicode text, with CRLF line terminators	05C437A322C1148B5F78B2F341339147	AB53003A678E44A170E73711FBD9949833BBF3AA	A052C32B4FCAC61152EB0ADB2C260FB6A8256AD104AA0013DB93E9798D41A070
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\en\messages.json	ASCII text, with CRLF line terminators	91F5BC87FD478A007EC68C4E8ADF11AC	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\en_GB\messages.json	ASCII text, with CRLF line terminators	91F5BC87FD478A007EC68C4E8ADF11AC	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\es\messages.json	UTF-8 Unicode text, with CRLF line terminators	82719BD3999AD66193A9B0BB525F97CD	41194D511F1ACC16C1CA828AC81C18C8C6B47287	4DB9B2721E625C18B9E05C04B31AF5D9694712F1CAAF6219ABE34BB08E5DB1C7
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\es_419\messages.json	UTF-8 Unicode text, with CRLF line terminators	6B2583D8D1C147E36A69A88009CBEBC7	4D4DEEB4BE6AA0181825F3371A761ABC5B4D5937	6659BC3705311D7641A73995DCFEA80C7734F2F4EBBC3787B3892A240348324F
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\et\messages.json	UTF-8 Unicode text, with CRLF line terminators	CFF6CB76EC724B17C1BC920726CB35A7	14ED068251D65A840F00C05409D705259D329FFC	C85800BF45942FCC7FD6B1DF929C25F9CC2A977A6678966BD03D4B6B69889AFD
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\fi\messages.json	UTF-8 Unicode text, with CRLF line terminators	3A01FEE829445C482D1721FF63153D16	F3EAAADDC03F943FC88B30B67F534AA13E3336DD	0BDE54B20845124113383B6EB81E43A0F05E4EB0C44BEE3C1DFAC4CC5FEC2836
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with CRLF line terminators	57AF5B654270A945BDA8053A83353A06	EEEF7A4F869F97CF471A05D345E74F982D15E167	EC002ED92359F67818B49455DFC579E140368E6A004080AF022FD4F57F6B03F2
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\fr\messages.json	UTF-8 Unicode text, with CRLF line terminators	8D11C90F44A6585B57B933AB38D1FFF8	3F9D44EA8807069A32AACA2AAAD02FD892E6CC90	599491F8C52B945C16C441ADF45BFD45AFAE046DA07757D97C56AF4DE75ED3B5
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\hi\messages.json	UTF-8 Unicode text, with CRLF line terminators	E376D757C8FD66AC70A7D2D49760B94E	1525C5B1312D409604F097768503298EC440CC4D	8106D98C4F8DA16DB698444409558E29CC96735E188BFA303C333A5D99231C1D
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\hr\messages.json	UTF-8 Unicode text, with CRLF line terminators	8185D0490C86363602A137F9A261CC50	5BD933B874441CEACB9201CCC941FF67BAED6DC0	A2B2EC359A9DD9DCCCE02859CE1E738BD30FAA4A05F1DC522893FFDF722BBC15
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\hu\messages.json	UTF-8 Unicode text, with CRLF line terminators	85609CF8623582A8376C206556ED2131	1E16EB70DB5E59BB684866FF3E3925C2DEF25A12	32A249749F12ADB6A220BF9ADC272C7E5D9AD5497A38B0086D961E3ABA17FBC6
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\id\messages.json	ASCII text, with CRLF line terminators	EAB2B946D1232AB98137E760954003AA	60BDC2937905B311D2C9844DF2D639D7AC9F7F67	C6E8800450602DE0F39FE9F6854472383813FB454B08ABAE7E25A9167CE004C3
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\it\messages.json	UTF-8 Unicode text, with CRLF line terminators	A328EEF5E841E0C72D3CD7366899C5C8	2851ED658385804E87911643F5A4200B1FB26E13	CD891C45F7586FB4A2514205A11F260E4A6D4482FA03D901909DD9F57BE0536D
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\ja\messages.json	UTF-8 Unicode text, with CRLF line terminators	9B3A5D473C3F2BBFAEECE94A07A940B8	61BACA342CF766BBA15C7B4D892A0E7DAC9405AA	706312A4A2AEF3317223F141EB2B82685345B7EED444F16BB4DF3A272716DA1F
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\ko\messages.json	UTF-8 Unicode text, with CRLF line terminators	9F6B4D82A70C74CA751E2EAE70FAB5CF	0534F125FFCE8222277CF2BE3401C59DAF9217F8	D1467B8D037114403E8F4EFC52E88C4A7FEB96126BE4CFF883FEFF1084EF7E68
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\lt\messages.json	UTF-8 Unicode text, with CRLF line terminators	4CA644F875606986A9898D04BDAE3EA5	722A10569E93975129D67FBDB75B537D9D622AD1	7C311AB751D840D750C11553C083785813E079C1D464FE568A98C9E3EF3DB96C
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\lv\messages.json	UTF-8 Unicode text, with CRLF line terminators	C5CE2C51391EAFD3DA9E4C71549A3C28	1F67FF6EF6E90C0CE3AAF56ED543A3EFD381574D	1FA1DF2CA8516DEF490FB8484E9AA498ACFF80EEF5C9258FFE42D3678E6C7DED
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\nb\messages.json	UTF-8 Unicode text, with CRLF line terminators	93C459A23BC6953FF744C35920CD2AF9	162F884972103A08ADB616A7EB3598431A2924C5	2CD700AEB57D89C2E73333D0702556EE3FF3863516170F85669BC680FCBDC4E0
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with CRLF line terminators	7A8F9D0249C680F64DEC7650A432BD57	53477198AEE389F6580921B4876719B400A23CA1	92BE7C2DC9CFBE5A65E9CE6488D364C8D7EC19E7B67A31E4D43C1CB2B169671C
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\pl\messages.json	UTF-8 Unicode text, with CRLF line terminators	0E6194126AFCCD1E3098D276A7400175	E8127B905A640B1C46362FA6E1127BE172F4A40F	E2699F98C511B18A2AFB82EAE9A4804B646C4FF1077D80E77C17A3943A6373C2
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\pt_BR\messages.json	UTF-8 Unicode text, with CRLF line terminators	86A2B91FA18B867209024C522ED665D5	63DEC245637818C76655E01FCB6D59784BC7184E	6374880FDD1F8AF1EE8AEA6A06B73BE0AB265AFCEB4FE6F08BDE3B3989264B21
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\pt_PT\messages.json	UTF-8 Unicode text, with CRLF line terminators	750A4800EDB93FBE56495963F9FB3B94	8BFB915488A4EB3CB33D68E2E59F1F8447DB7D61	C1C94F65FABAF17DEF98A8587711A56D61B1E5607500E9B01F2824DB109F9E83
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\ro\messages.json	UTF-8 Unicode text, with CRLF line terminators	98D43E4B1054A65DF3FA3CC40AB6FB6D	46E0A21C4DA2BB5D4D8F837AE211C1B6FA26E7E2	113A13900CBA62FE8AED06751971C23A80A99B47F9BE219CF884D57DB19611D9
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\ru\messages.json	UTF-8 Unicode text, with CRLF line terminators	DB2EDF1465946C06BD95C71A1E13AE64	FB4F3ECE9ECECEBBC6CA2A592A15FB9C1FDFB811	FBAF22CE6E16DE174CED8CB5EA3098CCA1C3426A2111FF33BD3E64DA64ED67AB
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\sk\messages.json	UTF-8 Unicode text, with CRLF line terminators	8DF215D1EFBDABB175CCDD68ED8DCB0A	2B374462137A38589A73FDD00A84CBDC7E50F9F4	7FA16AF97E6CFC52EC6008EB679D3F30E7E0C24F9EF2D18A9228EAF4DED9D63B
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\sl\messages.json	UTF-8 Unicode text, with CRLF line terminators	3943FA2A647AECEDFD685408B27139EE	0129DD19D28373359530B3B477FE8A9279DABB7D	18AFF072EE0DF7C3495045435C752A805606E6D5D462EF2321C443F1773F4B3A
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\sr\messages.json	UTF-8 Unicode text, with CRLF line terminators	D485DF17F085B6A37125694F85646FD0	24D51D8642CDC6EFD5D8D7A4430232D8CDE25108	7FFDE34C58E7C376C042DE64DEF6481DAE32BE8B70F0B18EDF536290CBE0C818
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\sv\messages.json	UTF-8 Unicode text, with CRLF line terminators	D372B8204EB743E16F45C7CBD3CAAF37	C96C57219D292B01016B37DCF82E7C79AD0DD1E8	B8BA77E0089B0676545EC16D32468B727812B444F90B33A7A5B748E6C36C4388
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with CRLF line terminators	83E2D1E97791A4B2C5C69926EFB629C9	429600425CB0F196DDD717F940E94DBD8BFF2837	2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\tr\messages.json	UTF-8 Unicode text, with CRLF line terminators	2CEAE0567B6BB1D240BBAD690A98CA3B	5944346FBD4A0797B13223895995CAB58E9ECD23	A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\uk\messages.json	UTF-8 Unicode text, with CRLF line terminators	AB0B56120E6B38C42CC3612BE948EF50	8B3F520E5713D9F116D68E71DAEED1F6E8D74629	68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\vi\messages.json	UTF-8 Unicode text, with CRLF line terminators	7EBB677FEAD8557D3676505225A7249A	F161B4B6001AEAEAB246FF8987F4D992B48D47BE	051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\zh_CN\messages.json	UTF-8 Unicode text, with CRLF line terminators	BB73BF561BB79F89D9BF7C67C5AE5C65	2FADD3A1959B29C44830033A35C637D0311A8C9C	D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\_locales\zh_TW\messages.json	UTF-8 Unicode text, with CRLF line terminators	5FF50C673CC0C661D615F0CFD0E6DCA0	60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85	C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\images\icon_128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	4DBC9F9E6F5A08D299BAC9E54DF07694	BB38F5DE34B1E0BE1109220BA55271087A4D9EA5	91C2718DD23B4356D71F88F6146868369033291086DF327534546DFA459BEB0E
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\images\icon_16.png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	FB9C46EA81AD3E456D90D58697C12C06	5FC450F7D73CCFAC8F0D818CB3392BA4D91B69DE	016CA659BA080E194FBFC0929602B16506ED60AA6019FAA51410C4FD93B583E8
C:\Users\user\AppData\Local\Temp\scoped_dir3580_755026883\CRX_INSTALL\manifest.json	ASCII text, with CRLF line terminators	01334FB9D092AF2AA46C4185E405C627	47AD3C0E82362FFE5B881DF8D71D6F79AB7F5796	F52714812D68C577A445169D11E84DF6751C2D6886BC429643072BB5D61C6C27

ID:	483675
Product:	CloudBasic
Start time:	11:24:41
Start date:	15.09.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Windows Analysis Report https://aabsi-my.sharepoint.com/:o:/g/personal/fruelda_am_acmotors_com_ph/Ep2Z7kLFoWFOpBcL8hR8FGgBHXksBwm1GIMZZGE28lbrnQ?e=lnJa6i

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Persistence and Installation Behavior:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs