Play interactive tour

Edit tour

Windows Analysis Report https://brazen-fragrance-732.notion.site/Anchor-Associates-Shared-Document-a4d1f8d7fb1844e5a2dc23b7052de8d7

Overview

General Information

Sample URL:	https://brazen-fragrance-732.notion.site/Anchor-Associates-Shared-Document-a4d1f8d7fb1844e5a2dc23b7052de8d7
Analysis ID:	532127
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Phishing site detected (based on favicon image match)

Yara detected HtmlPhish10

HTML body contains low number of good links

No HTML title found

Classification

Process Tree

System is start

chrome.exe (PID: 4648 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument https://brazen-fragrance-732.notion.site/Anchor-Associates-Shared-Document-a4d1f8d7fb1844e5a2dc23b7052de8d7 MD5: 74859601FB4BEEA84B40D874CCB56CAB)

chrome.exe (PID: 1928 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1720,9822164152030246903,13514851213017893151,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:8 MD5: 74859601FB4BEEA84B40D874CCB56CAB)

cleanup

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

Phishing:

Phishing site detected (based on favicon image match)

Show sources

Source: https://anchorassociates.z6.web.core.windows.net/

Matcher: Template: microsoft matched with high similarity

Yara detected HtmlPhish10

Show sources

Source: Yara match

File source: 58111.2.pages.csv, type: HTML

Source: https://anchorassociates.z6.web.core.windows.net/	HTTP Parser: Number of links: 0
Source: https://anchorassociates.z6.web.core.windows.net/	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/common/login	HTTP Parser: Number of links: 1
Source: https://login.microsoftonline.com/common/login	HTTP Parser: Number of links: 1

Source: https://anchorassociates.z6.web.core.windows.net/	HTTP Parser: HTML title missing
Source: https://anchorassociates.z6.web.core.windows.net/	HTTP Parser: HTML title missing
Source: https://login.microsoftonline.com/common/login	HTTP Parser: HTML title missing
Source: https://login.microsoftonline.com/common/login	HTTP Parser: HTML title missing

Source: https://anchorassociates.z6.web.core.windows.net/	HTTP Parser: No <meta name="author".. found
Source: https://anchorassociates.z6.web.core.windows.net/	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/login	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/login	HTTP Parser: No <meta name="author".. found

Source: https://anchorassociates.z6.web.core.windows.net/	HTTP Parser: No <meta name="copyright".. found
Source: https://anchorassociates.z6.web.core.windows.net/	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/login	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/login	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 20.190.159.138:443 -> 192.168.2.3:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.8:443 -> 192.168.2.3:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.134:443 -> 192.168.2.3:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.8:443 -> 192.168.2.3:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.21.140.114:443 -> 192.168.2.3:53697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.21.140.114:443 -> 192.168.2.3:60817 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.8.31:443 -> 192.168.2.3:61536 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.152.110.14:443 -> 192.168.2.3:52440 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.3:50801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.3:52306 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.3:52305 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.3:52304 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.85:443 -> 192.168.2.3:52271 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:61996 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:61997 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:61998 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.3:61999 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:62000 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:62002 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:62003 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.112.88.60:443 -> 192.168.2.3:58671 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:63240 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:63239 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:63242 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:63243 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:53262 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.3:64216 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.85:443 -> 192.168.2.3:54720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.109.8.21:443 -> 192.168.2.3:54723 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 0MB later: 26MB

Source: unknown

DNS traffic detected: queries for: brazen-fragrance-732.notion.site

Source: unknown	Network traffic detected: HTTP traffic on port 63239 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50733
Source: unknown	Network traffic detected: HTTP traffic on port 64209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 64513 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51948
Source: unknown	Network traffic detected: HTTP traffic on port 61998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64220
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59308
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55747
Source: unknown	Network traffic detected: HTTP traffic on port 58403 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64221 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64219
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64218
Source: unknown	Network traffic detected: HTTP traffic on port 51176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55326 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61407 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63243
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63242
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64213
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64212
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64214
Source: unknown	Network traffic detected: HTTP traffic on port 54711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64217
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64216
Source: unknown	Network traffic detected: HTTP traffic on port 53265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55518
Source: unknown	Network traffic detected: HTTP traffic on port 62000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53697
Source: unknown	Network traffic detected: HTTP traffic on port 65060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53696
Source: unknown	Network traffic detected: HTTP traffic on port 53271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61997
Source: unknown	Network traffic detected: HTTP traffic on port 60105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53460
Source: unknown	Network traffic detected: HTTP traffic on port 59127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64221
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63377
Source: unknown	Network traffic detected: HTTP traffic on port 64215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52305 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49301 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65450
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49165
Source: unknown	Network traffic detected: HTTP traffic on port 59070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61768
Source: unknown	Network traffic detected: HTTP traffic on port 58402 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61407
Source: unknown	Network traffic detected: HTTP traffic on port 58662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 60884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 63240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53460 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65221
Source: unknown	Network traffic detected: HTTP traffic on port 59157 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63458 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51176
Source: unknown	Network traffic detected: HTTP traffic on port 58427 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61535
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61536
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63959
Source: unknown	Network traffic detected: HTTP traffic on port 60816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52271
Source: unknown	Network traffic detected: HTTP traffic on port 54712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62501
Source: unknown	Network traffic detected: HTTP traffic on port 58711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52559
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49301
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 62001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52673
Source: unknown	Network traffic detected: HTTP traffic on port 53270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58662
Source: unknown	Network traffic detected: HTTP traffic on port 61449 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55368 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59070
Source: unknown	Network traffic detected: HTTP traffic on port 51523 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 52440 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61282
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52440
Source: unknown	Network traffic detected: HTTP traffic on port 58404 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58309
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58427
Source: unknown	Network traffic detected: HTTP traffic on port 53275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58671
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63573
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62003
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64665
Source: unknown	Network traffic detected: HTTP traffic on port 54718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63458
Source: unknown	Network traffic detected: HTTP traffic on port 53264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52626 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61472 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63341
Source: unknown	Network traffic detected: HTTP traffic on port 58309 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64216 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62151
Source: unknown	Network traffic detected: HTTP traffic on port 51380 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63241
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63240
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54645
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59422
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64208
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63239
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown	Network traffic detected: HTTP traffic on port 65221 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64209
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51380
Source: unknown	Network traffic detected: HTTP traffic on port 63377 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60885
Source: unknown	Network traffic detected: HTTP traffic on port 55747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60817
Source: unknown	Network traffic detected: HTTP traffic on port 54645 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56317
Source: unknown	Network traffic detected: HTTP traffic on port 54725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51413 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55105
Source: unknown	Network traffic detected: HTTP traffic on port 53274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59157
Source: unknown	Network traffic detected: HTTP traffic on port 64763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59422 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62501 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61463
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63242 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61376 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64665 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54393
Source: unknown	Network traffic detected: HTTP traffic on port 64819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55518 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52665 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61472
Source: unknown	Network traffic detected: HTTP traffic on port 53268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65172
Source: unknown	Network traffic detected: HTTP traffic on port 62003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54714
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65297
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61370
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54718
Source: unknown	Network traffic detected: HTTP traffic on port 61996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55368
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54710
Source: unknown	Network traffic detected: HTTP traffic on port 55219 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58401
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61009
Source: unknown	Network traffic detected: HTTP traffic on port 57807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56317 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59308 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64513
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54728
Source: unknown	Network traffic detected: HTTP traffic on port 64212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52305
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52306
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54725
Source: unknown	Network traffic detected: HTTP traffic on port 57144 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58403
Source: unknown	Network traffic detected: HTTP traffic on port 61009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52304
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58402
Source: unknown	Network traffic detected: HTTP traffic on port 53273 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52665
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58404
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64763
Source: unknown	Network traffic detected: HTTP traffic on port 63243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64217 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61376
Source: unknown	Network traffic detected: HTTP traffic on port 53262 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63241 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64819
Source: unknown	Network traffic detected: HTTP traffic on port 63341 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 53261 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64208 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59127
Source: unknown	Network traffic detected: HTTP traffic on port 58401 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53264
Source: unknown	Network traffic detected: HTTP traffic on port 64219 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53261
Source: unknown	Network traffic detected: HTTP traffic on port 58671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58151
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62644
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61463 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54393 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55326
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53268
Source: unknown	Network traffic detected: HTTP traffic on port 53272 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51523
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53269
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53271
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53270
Source: unknown	Network traffic detected: HTTP traffic on port 63573 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61449
Source: unknown	Network traffic detected: HTTP traffic on port 63714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53274
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53273
Source: unknown	Network traffic detected: HTTP traffic on port 61370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53272
Source: unknown	Network traffic detected: HTTP traffic on port 65297 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52304 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52626
Source: unknown	Network traffic detected: HTTP traffic on port 65450 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62644 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55219
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51413
Source: unknown	Network traffic detected: HTTP traffic on port 54722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62667
Source: unknown	Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58171
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53266 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.220.29
Source: unknown	TCP traffic detected without corresponding DNS query: 209.197.3.8
Source: unknown	TCP traffic detected without corresponding DNS query: 209.197.3.8
Source: unknown	TCP traffic detected without corresponding DNS query: 209.197.3.8
Source: unknown	TCP traffic detected without corresponding DNS query: 8.238.32.126
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.8
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.134
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.134
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.134
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.134
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.134
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.134
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.134
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.160.134

Source: unknown	HTTPS traffic detected: 20.190.159.138:443 -> 192.168.2.3:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.8:443 -> 192.168.2.3:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.134:443 -> 192.168.2.3:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.160.8:443 -> 192.168.2.3:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.21.140.114:443 -> 192.168.2.3:53697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.21.140.114:443 -> 192.168.2.3:60817 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.8.31:443 -> 192.168.2.3:61536 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.152.110.14:443 -> 192.168.2.3:52440 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.151:443 -> 192.168.2.3:50801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.3:52306 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.3:52305 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.82.210.154:443 -> 192.168.2.3:52304 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.85:443 -> 192.168.2.3:52271 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:61996 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:61997 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:61998 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.3:61999 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:62000 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:62002 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.54.110.249:443 -> 192.168.2.3:62003 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.112.88.60:443 -> 192.168.2.3:58671 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:63240 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:63239 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:63242 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:63243 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 92.123.195.67:443 -> 192.168.2.3:53262 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.182:443 -> 192.168.2.3:64216 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.199.120.85:443 -> 192.168.2.3:54720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.109.8.21:443 -> 192.168.2.3:54723 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Temp\f6cb3c36-eaaf-4e3d-906a-5845f3375ccc.tmp

Source: classification engine

Classification label: mal56.phis.win@33/100@23/282

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument https://brazen-fragrance-732.notion.site/Anchor-Associates-Shared-Document-a4d1f8d7fb1844e5a2dc23b7052de8d7
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1720,9822164152030246903,13514851213017893151,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1720,9822164152030246903,13514851213017893151,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61A833B3-1228.pma

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Extra Window Memory Injection1	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Extra Window Memory Injection1	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol2	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://brazen-fragrance-732.notion.site/Anchor-Associates-Shared-Document-a4d1f8d7fb1844e5a2dc23b7052de8d7	0%	Avira URL Cloud	safe

Dropped Files

Source	Detection	Scanner	Label	Link
C:\Users\alfredo\AppData\Local\Temp\4648_1163975000\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe	0%	Metadefender		Browse
C:\Users\alfredo\AppData\Local\Temp\4648_1163975000\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe	0%	ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
api.statsig.com	0%	Virustotal		Browse

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
cs1100.wpc.omegacdn.net	152.199.23.37	true	false		unknown
accounts.google.com	142.250.185.205	true	false		high
analytics.pgncs.notion.so	13.224.193.109	true	false		high
widget.intercom.io	143.204.98.128	true	false		high
azgtcoop.com	51.89.153.93	true	false		unknown
api-iam.intercom.io	99.83.219.81	true	false		high
brazen-fragrance-732.notion.site	104.18.8.31	true	false		unknown
o324374.ingest.sentry.io	34.120.195.249	true	false		high
logs-01.loggly.com	54.164.8.26	true	false		high
msgstore.www.notion.so	104.18.23.110	true	false		high
api.statsig.com	20.93.97.18	true	false	0%, Virustotal, Browse	unknown
nexus-websocket-a.intercom.io	35.170.0.145	true	false		high
clients.l.google.com	142.250.186.142	true	false		high
googlehosted.l.googleusercontent.com	142.250.185.97	true	false		high
js.intercomcdn.com	143.204.98.70	true	false		high
api.pgncs.notion.so	52.32.46.219	true	false		high
ka-f.fontawesome.com	unknown	unknown	false		high
aadcdn.msftauth.net	unknown	unknown	false		unknown
aadcdn.msauth.net	unknown	unknown	false		unknown
clients2.googleusercontent.com	unknown	unknown	false		high
clients2.google.com	unknown	unknown	false		high
git-cont0123.azurewebsites.net	unknown	unknown	false		unknown
login.microsoftonline.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://login.microsoftonline.com/common/login	false		high
https://brazen-fragrance-732.notion.site/Anchor-Associates-Shared-Document-a4d1f8d7fb1844e5a2dc23b7052de8d7	true		unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
13.224.193.109	analytics.pgncs.notion.so	United States	16509	AMAZON-02US	false
172.67.161.47	unknown	United States	13335	CLOUDFLARENETUS	false
35.170.0.145	nexus-websocket-a.intercom.io	United States	14618	AMAZON-AESUS	false
142.250.185.205	accounts.google.com	United States	15169	GOOGLEUS	false
51.89.153.93	azgtcoop.com	France	16276	OVHFR	false
54.164.8.26	logs-01.loggly.com	United States	14618	AMAZON-AESUS	false
143.204.98.70	js.intercomcdn.com	United States	16509	AMAZON-02US	false
20.40.202.29	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.213.45	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
143.204.98.128	widget.intercom.io	United States	16509	AMAZON-02US	false
142.250.74.195	unknown	United States	15169	GOOGLEUS	false
34.104.35.123	unknown	United States	15169	GOOGLEUS	false
52.32.46.219	api.pgncs.notion.so	United States	16509	AMAZON-02US	false
104.18.8.31	brazen-fragrance-732.notion.site	United States	13335	CLOUDFLARENETUS	false
20.93.97.18	api.statsig.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.18.23.110	msgstore.www.notion.so	United States	13335	CLOUDFLARENETUS	false
99.83.219.81	api-iam.intercom.io	United States	16509	AMAZON-02US	false
40.126.31.8	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.181.227	unknown	United States	15169	GOOGLEUS	false
142.251.36.42	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
169.254.68.153	unknown	Reserved	6966	USDOSUS	false
20.60.222.132	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.186.142	clients.l.google.com	United States	15169	GOOGLEUS	false
216.58.212.163	unknown	United States	15169	GOOGLEUS	false
142.250.186.42	unknown	United States	15169	GOOGLEUS	false
34.120.195.249	o324374.ingest.sentry.io	United States	15169	GOOGLEUS	false
142.250.185.97	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
192.168.2.3
127.0.0.1

General Information

Joe Sandbox Version:	34.0.0 Boulder Opal
Analysis ID:	532127
Start date:	01.12.2021
Start time:	18:46:42
Joe Sandbox Product:	CloudBasic
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://brazen-fragrance-732.notion.site/Anchor-Associates-Shared-Document-a4d1f8d7fb1844e5a2dc23b7052de8d7
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Detection:	MAL
Classification:	mal56.phis.win@33/100@23/282
Cookbook Comments:	Adjust boot time Enable AMSI
Warnings:	Show All Exclude process from analysis (whitelisted): CompPkgSrv.exe, svchost.exe Excluded IPs from analysis (whitelisted): 2.21.142.245, 142.250.74.195, 34.104.35.123, 142.250.186.42 Excluded domains from analysis (whitelisted): e12564.dspb.akamaiedge.net, fs.microsoft.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, login.live.com, store-images.s-microsoft.com, store-images.s-microsoft.com-c.edgekey.net, clientservices.googleapis.com Not all processes where analyzed, report is missing behavior information Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtSetInformationFile calls found. VT rate limit hit for: git-cont0123.azurewebsites.net

Created / dropped Files

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\024c0e64-5de6-4f65-8fa3-3677a4d17fa9.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	97528
Entropy (8bit):	3.76050407000305
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.\|..............T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.......puA...c.:.\.p.r.o.g.r.a.m. .f.i.l.e.s. .(.x.8.6.).\.m.i.c.r.o.s.o.f.t. .o.n.e.d.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.......f.i.l.e.s.y.n.c.s.h.e.l.l.6.4...d.l.l.......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e."...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.....2.1...0.8.3...0.4.2.5...0.0.0.3.....T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....L8. ...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.7.-.Z.i.p.\.7.-.z.i.p...d.l.l.......n\....%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.7.-.z.i.p.\.......7.-.z.i.p...d.l.l.......7.-.Z.i.p.......7.-.Z.i.p. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.......1.9...0.0................L8.....

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\568b048a-2f91-4b54-baf8-7325ceef50e4.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	93024
Entropy (8bit):	6.038277519636853
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.638413237836743e+12,"network":1.638380839e+12,"ticks":943708566.0,"uncertainty":3587907.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBQ7WxpM2gT7fMNkY5iRxkAAAAAAIAAAAAABBmAAAAAQAAIAAAALDWDwoLRYqp0NkiPsTxUN2QcOPsitaJrdacpo+ULE2PAAAAAA6AAAAAAgAAIAAAAOIeKQBWbQSCqXv1OSNS2lIZGHfAdJRwvbkapN4/FWvwMAAAAPz8I/w07KQb4Ut8ObsBGVgFwbuU88R362cCGZpNEtOEILJDMaKWOA4Y9ejBRTt5kEAAAADq8RkIezfgqGPgEaEMkhoGd9qhyBeyucXcRUPEI7mgYIxaDt8C5FJrjkEhV5EOUcUmR2SCzqYelImLnfOlbhRQ"},"policy":{"last_statistics_update":"13282886835504663"},"profile":{"info_cache":{"Default":{"active_time":1638413236.517441,"avatar_icon":"chrom

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	40
Entropy (8bit):	3.254162526001658
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	sdPC.....................A.>'..M..,.,.-.

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\07a8ac9e-2357-4681-8039-d6132f51a2d0.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	15868
Entropy (8bit):	5.577584739283
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13282886835762640","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\3df915a0-691e-44c6-b481-5f94d0f37253.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
Category:	dropped
Size (bytes):	181072
Entropy (8bit):	5.774426487043815
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	............ .H............. ............... .p............. .h...n......... ............... ......... .... .....n...((.... .h.......00.... ..%..~H..@@.... .(B..&n..``.... .....N......... .(....D........ .2v...M..(............. .................................]..X\.).H...>..Z............\..._...V...F...A...A.......^..Wb...f.)...l...v.M...B...@..Wc...[.....z...`...J.....9...E...k...R.D.......G...A.....;...E...h..XKd..KW..........D...>...=..X....GQ.JW..;M..8K..@H..=;.............JV.YKV.IT.BS.Y........................................(............. .....................................[..TZ.5.B...@..T................X...]...`...\...K...D...A...;.......3...\...e...V...h.).d.G.<...F...@...3...^..Td...X.....e....v.....:...E...=..T`...d...h.B.....?...;...O...B...A...b.!.g...Ru......9...8...P...C...C...l..U].M.5@..............6...C...@..T....EW..LX..=K..Ob..Me..5R..AX..;V..++......BL..KW..KW..DO..BL..EN..AJ..;1..................HT.UIV.FT.BQ.U..............................

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\48cc3944-4a15-4d70-af8c-4631658a17db.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3343
Entropy (8bit):	4.945222848960228
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230891381309","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230891381310","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39697},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230887958662","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230887958664","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":52163},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230886326794","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230886326795","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://clients2.google.com","supports_spdy

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\6b35dffc-af5c-4fa3-ab31-f61b5e942fa1.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	15154
Entropy (8bit):	5.580522378212096
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13282886835762640","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\836e8355-cb89-4baf-8627-512648e3e07e.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	17958
Entropy (8bit):	5.565230872082018
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13282886835762640","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	11336
Entropy (8bit):	6.0707244876366575
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["8D+nOE33nrpuAnTVcJlgMPWVo79reBkp3Z22WTJi5B8="],"block_size":4096,"path":"_locales/nb/messages.json"},{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\9221.427.0.1_0\_metadata\computed_hashes.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	26178
Entropy (8bit):	6.060546316291638
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"file_hashes":[{"block_hashes":["DOZdV3jFvk12AM2JNDYKo3KZrIVRprmJ+sVGWkqqE4Q=","rVElW3Hu3T52SzDDUqGT5YiJTBGUv2h3pNuBKFlhZ1U=","X/3fg4KZxgQ1jBr5QGq0F5JnflgE27UErd88mrxTcxs=","VibLbpy0ig+5INMOU71fTYN76iaka2XVpmm1qAKYsX8=","EChCwCbQHbHQ7oDdGT2qNyiRJ0yck2YC2emNGq4whtE="],"block_size":4096,"path":"_locales/iw/messages.json"},{"block_hashes":["fM6wUoU96QmdAMMJqhyPQdILY6QXE2cfpXivMNd/kSg=","GmZUfDhlvU+1ByKQxZIcQZm+8bSFENyNk79q9fsZu3o=","X0hU8nolnxRmTiwIKtHtUeSjEP4YaSRtnpXvJQrqg8I="],"block_size":4096,"path":"_locales/nb/messages.json"},{"block_hashes":["/0XLYLvR7GDi1lXEsqI5OOorLaHGVkQU9sW9wrxd/qs=","ugdSYfR9jET/5OpIYWZUycWy9FcBX/jb/7/hmW5DVR0=","Z2vShQRg9avHHQwTkYjAyfnFnhHQ6Ce+ob00hRV0V2Q=","lIb7yaoAR7pQ0ZDpBU1ZzIKa+hURf3edJBILNvUO6lk=","5mpQSSRBXvBC9O0QpFoDxFGOcDS5Iua0gICy3D+t0UM=","EkWgzDTb1zblDgz7APE/G19fsHn/TJJuw3JbNsqGNCY=","Mb/n/cgw5oibXHqBfMwXremke8GY9oWJPhuY1Y2CrpQ=","cb+9vKl/3iDYu97Gc5yEsJnJ2QWd4dpd1E3pt/3yaqQ=","17+40sjnss/mFRm6idVmlEZTl+kWrR1GSzedHRD8yZI=","fTKSj8L49Jxlk/4helP5XYq

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.icoso (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
Category:	dropped
Size (bytes):	181072
Entropy (8bit):	5.774426487043815
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	............ .H............. ............... .p............. .h...n......... ............... ......... .... .....n...((.... .h.......00.... ..%..~H..@@.... .(B..&n..``.... .....N......... .(....D........ .2v...M..(............. .................................]..X\.).H...>..Z............\..._...V...F...A...A.......^..Wb...f.)...l...v.M...B...@..Wc...[.....z...`...J.....9...E...k...R.D.......G...A.....;...E...h..XKd..KW..........D...>...=..X....GQ.JW..;M..8K..@H..=;.............JV.YKV.IT.BS.Y........................................(............. .....................................[..TZ.5.B...@..T................X...]...`...\...K...D...A...;.......3...\...e...V...h.).d.G.<...F...@...3...^..Td...X.....e....v.....:...E...=..T`...d...h.B.....?...;...O...B...A...b.!.g...Ru......9...8...P...C...C...l..U].M.5@..............6...C...@..T....EW..LX..=K..Ob..Me..5R..AX..;V..++......BL..KW..KW..DO..BL..EN..AJ..;1..................HT.UIV.FT.BQ.U..............................

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_brazen-fragrance-732.notion.site_0.indexeddb.leveldb\000001.dbtmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	MANIFEST-000001.

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_brazen-fragrance-732.notion.site_0.indexeddb.leveldb\CURRENT (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	MANIFEST-000001.

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_brazen-fragrance-732.notion.site_0.indexeddb.leveldb\MANIFEST-000001 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	23
Entropy (8bit):	4.142914673354254
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	........idb_cmp1......

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3343
Entropy (8bit):	4.945222848960228
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230891381309","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230891381310","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39697},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230887958662","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230887958664","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":52163},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230886326794","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230886326795","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://clients2.google.com","supports_spdy

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferencese (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3488
Entropy (8bit):	4.9412457224962685
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13282886836584295","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2709},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13282886836577748"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"2bc5dea9-98c9-402e-863a-7384b16fca1c"}},"intl":{"selected_languages":"en-US,en"},"invalidation":{"per_sender_topics_to_handler":{"1013309121859":{},"8181035976":{}}},"media":{"device_id_salt":"8848606DC693E151C75CA329009819AC","engagement":{"schema_version":4}},

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferencesk\ (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4912
Entropy (8bit):	5.068287906968426
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13282886836584295","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":92},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2709,"this_week_services_downstream_foreground_kb":{"112189210":79,"115188287":42,"21145003":1051,"35565745":1,"49601082":3,"5151071":2,"54845618":26,"88863520":1}},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13282886836577748"},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gaia_cookie":{"changed_time":1638413239.06975,"hash":"2jmj7l5rSw0yVb/vlWAYkK/YBwk=","last_list_accounts_data":"[\"gaia.l.a

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	17958
Entropy (8bit):	5.565230872082018
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13282886835762640","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	15868
Entropy (8bit):	5.577584739283
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13282886835762640","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent StateMP (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	139
Entropy (8bit):	4.762700853527964
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\f752c48f-9b1e-439e-b2f0-dd98aa790dcf.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	139
Entropy (8bit):	4.762700853527964
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\b8af5926-e9c6-4b9c-898c-48b49964e7ff.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4912
Entropy (8bit):	5.068287906968426
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13282886836584295","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":92},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2709,"this_week_services_downstream_foreground_kb":{"112189210":79,"115188287":42,"21145003":1051,"35565745":1,"49601082":3,"5151071":2,"54845618":26,"88863520":1}},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13282886836577748"},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gaia_cookie":{"changed_time":1638413239.06975,"hash":"2jmj7l5rSw0yVb/vlWAYkK/YBwk=","last_list_accounts_data":"[\"gaia.l.a

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\c0ab9a8b-7568-44dc-b1b8-b567a984cd7f.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3488
Entropy (8bit):	4.9412457224962685
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13282886836584295","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2709},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13282886836577748"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"2bc5dea9-98c9-402e-863a-7384b16fca1c"}},"intl":{"selected_languages":"en-US,en"},"invalidation":{"per_sender_topics_to_handler":{"1013309121859":{},"8181035976":{}}},"media":{"device_id_salt":"8848606DC693E151C75CA329009819AC","engagement":{"schema_version":4}},

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\c879fd31-d964-4ab5-b513-839f293fb390.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	MANIFEST-000006.

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	MANIFEST-000006.

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\eaeb93ee-df0a-4f60-8952-0ff37385a8dd.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	3488
Entropy (8bit):	4.941075074723662
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13282886836584295","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2709},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13282886836577748"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"2bc5dea9-98c9-402e-863a-7384b16fca1c"}},"intl":{"selected_languages":"en-US,en"},"invalidation":{"per_sender_topics_to_handler":{"1013309121859":{},"8181035976":{}}},"media":{"device_id_salt":"8848606DC693E151C75CA329009819AC","engagement":{"schema_version":4}},

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	106
Entropy (8bit):	3.138546519832722
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.873140679513133
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	92.0.4515.107

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	93024
Entropy (8bit):	6.038277519636853
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.638413237836743e+12,"network":1.638380839e+12,"ticks":943708566.0,"uncertainty":3587907.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBQ7WxpM2gT7fMNkY5iRxkAAAAAAIAAAAAABBmAAAAAQAAIAAAALDWDwoLRYqp0NkiPsTxUN2QcOPsitaJrdacpo+ULE2PAAAAAA6AAAAAAgAAIAAAAOIeKQBWbQSCqXv1OSNS2lIZGHfAdJRwvbkapN4/FWvwMAAAAPz8I/w07KQb4Ut8ObsBGVgFwbuU88R362cCGZpNEtOEILJDMaKWOA4Y9ejBRTt5kEAAAADq8RkIezfgqGPgEaEMkhoGd9qhyBeyucXcRUPEI7mgYIxaDt8C5FJrjkEhV5EOUcUmR2SCzqYelImLnfOlbhRQ"},"policy":{"last_statistics_update":"13282886835504663"},"profile":{"info_cache":{"Default":{"active_time":1638413236.517441,"avatar_icon":"chrom

C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	97528
Entropy (8bit):	3.76050407000305
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.\|..............T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.......puA...c.:.\.p.r.o.g.r.a.m. .f.i.l.e.s. .(.x.8.6.).\.m.i.c.r.o.s.o.f.t. .o.n.e.d.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.......f.i.l.e.s.y.n.c.s.h.e.l.l.6.4...d.l.l.......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e."...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.....2.1...0.8.3...0.4.2.5...0.0.0.3.....T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n....L8. ...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.7.-.Z.i.p.\.7.-.z.i.p...d.l.l.......n\....%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.7.-.z.i.p.\.......7.-.z.i.p...d.l.l.......7.-.Z.i.p.......7.-.Z.i.p. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.......1.9...0.0................L8.....

C:\Users\alfredo\AppData\Local\Temp\161ca8bd-c393-485b-9fa9-e2ef5aa21530.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	248531
Entropy (8bit):	7.963657412635355
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f\|.~.c.4.E.......0..0....H............0.......).'..b.$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.\|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$\|..\|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0....H.=.....H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...\|!..A..L.+.=...kP.!.1..

C:\Users\alfredo\AppData\Local\Temp\4648_1163975000\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	current ar archive
Category:	dropped
Size (bytes):	13514
Entropy (8bit):	3.8217211433441904
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	!<arch>./ 0 0 0 0 94 `................._pnacl_wrapper_start.__pnacl_real_irt_query_func.__pnacl_wrap_irt_query_func..shim_entry.o/ 0 0 0 644 7392 `..ELF..............>..................... ...........@.....@.........................NaCl....x86-64..................................A.L....A.L...D...........D....A.....t+.. u..t"..A.D..........A... .....A.D...........f..D..<.......................Q.......................V.......................clang version 3.7.0 (https://chromium.googlesource.com/a/native_client/pnacl-clang.git ce163fdd0f16b4481e5cf77a16d45e9b4dc8300e) (https://chromium.googlesource.com/a/native_client/pnacl-llvm.git 7251d5b59fca15195c94a3a7da70f0081724448f).../../ppapi/native_client/src/untrusted/pnacl_irt_shim/shim_entry.c./mnt/data/b/build/slave/sdk/build/src/out_pnacl/x64.NACL_STARTUP_FINI.NACL_STARTUP_ENVC.NACL_STARTUP_ARGC.NACL_STARTUP_ARGV.NaClStartupInfoIndex.unsigned int.size_t.char.TYPE_na

C:\Users\alfredo\AppData\Local\Temp\4648_1163975000\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
Category:	dropped
Size (bytes):	1901720
Entropy (8bit):	5.955741933854651
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	low
Preview:	.ELF..............>..... .......@...................@.8...@.............................................................................................0.......0................................................Y......................................................@.......@...............P.td....t^......t^......t^.......W.......W..............Q.td................................................................NaCl....x86-64..............GNU.K..J.'..b......<S...`...`... ...@...@.......@.............................................Y@......................p................@.......?..............?.......A.........5.....?5.5...?.5.....?......P9..............PC.......?......0@................aCoc...?..`.(..?.y.P.D.?<.s..O.u......$@.......@...............@`...`.......@.................................................. ...`... ... .......`................... ... ...@...`.......................@... Z...[...[...e.......... ...@... ...@...`........0...0...2..`4.. 6...7...9...~...~...z...{...{..

C:\Users\alfredo\AppData\Local\Temp\686e3cc6-6362-41dd-ac3a-a23a0ded63f6.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Google Chrome extension, version 3
Category:	dropped
Size (bytes):	826470
Entropy (8bit):	7.993386298864445
Encrypted:	true
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	Cr24..............0.."0....H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L\|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.\|1..n.<Fb..f..Q1.....s..2..{.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-eu...b.........b.._..+.........e..'.q<.iJ............]m.......L.3..O....u{..+..&..;....]..)....b._.Ut._........B.Q.X.C.._....,...x.^........8B..n....}. Q.u;..>6....B......a...Y..j1.<..b...m..@...y..&.".7..+a%{`..\|...).:.7j.k.0...(7...U.4Q.b'.._;.e.z...v.......0..0....H............0.......Mbh=.[O}.+..U.KHF(n3.\"...,g.c...6)..(.E...U...#.i.a..:...N.....P...x.O...(mC;\|.5.S.{m.aEx...[..fP.i`.y..5..R....v.$......l-m...........e8....:._i..4.r#...@3.F.:...!0...{..s............)v3-....S.G.I.;......c$.......-...p&..,.......i){G....6.L?.....c............[0Y0....H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!..\...`.M..\..3......2g.7.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\ja\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16519
Entropy (8bit):	5.675556017051063
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": "................................".. },.. "128276876460319075": {.. "message": "......".. },.. "1428448869078126731": {.. "message": ".......".. },.. "1522140683318860351": {.. "message": ".......................".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "$START_LINK$Google Home ...$END_LINK$. Chromecast .........$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\kn\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20406
Entropy (8bit):	5.312117131662377
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "....... .........".. },.. "1213957982723875920": {.. "message": "...... ...... ..... ........... ..... ......... ............?".. },.. "128276876460319075": {.. "message": "..... ........".. },.. "1428448869078126731": {.. "message": "........ .......".. },.. "1522140683318860351": {.. "message": "...... ........... ........ ..... ...........".. },.. "1550904064710828958": {.. "message": ".....".. },.. "1636686747687494376": {.. "message": ".....".. },.. "1802762746589457177": {.. "message": "........".. },.. "1850397500312020388": {.. "message": ".... $

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\ko\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	15480
Entropy (8bit):	5.617756574352461
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...".. },.. "1213957982723875920": {.. "message": ".. . .. .. ..... .. . .... ... .....?".. },.. "128276876460319075": {.. "message": ".. ..".. },.. "1428448869078126731": {.. "message": "... ..".. },.. "1522140683318860351": {.. "message": ".... ...... .. ... ....".. },.. "1550904064710828958": {.. "message": "...".. },.. "1636686747687494376": {.. "message": "...".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "$START_LINK$Google Home .$END_LINK$. Chromecast. .....? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\lt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15802
Entropy (8bit):	5.354550839818046
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Stringa".. },.. "1213957982723875920": {.. "message": "Kuris i. toliau pateikt. teigini. geriausiai apib.dina j.s. tinkl.?".. },.. "128276876460319075": {.. "message": ".renginio suradimas".. },.. "1428448869078126731": {.. "message": "Vaizdo .ra.o sklandumas".. },.. "1522140683318860351": {.. "message": ".vyko ry.io klaida. Bandykite dar kart..".. },.. "1550904064710828958": {.. "message": "Leid.iama skland.iai".. },.. "1636686747687494376": {.. "message": "Puiki".. },.. "1802762746589457177": {.. "message": "Garsumas".. },.. "1850397500312020388": {.. "message": "Ar .Chromecast. rodomas $START_LINK$programoje .Google Home.$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\lv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15891
Entropy (8bit):	5.36794040601742
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".Iesald.ts. att.ls".. },.. "1213957982723875920": {.. "message": "Kur. no t.l.k min.tajiem apgalvojumiem vislab.k raksturo j.su t.klu?".. },.. "128276876460319075": {.. "message": "Ier.ces atra.ana".. },.. "1428448869078126731": {.. "message": "Video vienm.r.ba".. },.. "1522140683318860351": {.. "message": "Neizdev.s izveidot savienojumu. L.dzu, m..iniet v.lreiz.".. },.. "1550904064710828958": {.. "message": "Vienm.r.gs att.ls".. },.. "1636686747687494376": {.. "message": "Nevainojama".. },.. "1802762746589457177": {.. "message": "Ska.ums".. },.. "1850397500312020388": {.. "message": "Vai j.su Chromecast ier.ce ir redzama $START_LINK$lietotn. Google.Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2"..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\ml\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	20995
Entropy (8bit):	5.346788032166745
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "...........".. },.. "1213957982723875920": {.. "message": "................ ..... ....... ...... ....... ......... ............. .................?".. },.. "128276876460319075": {.. "message": "...... .........".. },.. "1428448869078126731": {.. "message": "...... ...............".. },.. "1522140683318860351": {.. "message": "...... .............. ....... ...........".. },.. "1550904064710828958": {.. "message": ".........".. },.. "1636686747687494376": {.. "message": "........".. },.. "1802762746589457177": {.. "message"

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\mr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	19625
Entropy (8bit):	5.311040089989635
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "......".. },.. "1213957982723875920": {.. "message": "......... ..... ...... ......... ............ ..... ....?".. },.. "128276876460319075": {.. "message": "........ ...".. },.. "1428448869078126731": {.. "message": "....... .......".. },.. "1522140683318860351": {.. "message": "....... ....... ..... ..... ...... ....... ....".. },.. "1550904064710828958": {.. "message": ".... ..... .....".. },.. "1636686747687494376": {.. "message": "....".. },.. "1802762746589457177": {.. "message": ".........".. },.. "1850397500312020388": {.. "message": "...... $START_LINK$ Goo

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\ms\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15330
Entropy (8bit):	5.193447909498091
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Tidak bergerak".. },.. "1213957982723875920": {.. "message": "Antara yang berikut, manakah yang terbaik menggambarkan rangkaian anda?".. },.. "128276876460319075": {.. "message": "Penemuan Peranti".. },.. "1428448869078126731": {.. "message": "Kelancaran Video".. },.. "1522140683318860351": {.. "message": "Sambungan gagal. Sila cuba lagi.".. },.. "1550904064710828958": {.. "message": "Lancar".. },.. "1636686747687494376": {.. "message": "Sempurna".. },.. "1802762746589457177": {.. "message": "Kelantangan".. },.. "1850397500312020388": {.. "message": "Adakah anda dapat melihat Chromecast anda dalam $START_LINK$ apl Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content":

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\nb\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	12194
Entropy (8bit):	5.525086072392163
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "Fryser"}, "1213957982723875920": {"message": "Hvilket av f\u00f8lgende eksempler beskriver nettverket ditt best?"}, "128276876460319075": {"message": "Enhetsgjenkjenning"}, "1428448869078126731": {"message": "Videojevnhet"}, "1522140683318860351": {"message": "Tilkoblingen mislyktes. Pr\u00f8v p\u00e5 nytt."}, "1550904064710828958": {"message": "Jevn"}, "1636686747687494376": {"message": "Perfekt"}, "1802762746589457177": {"message": "Volum"}, "1850397500312020388": {"message": "Ser du Chromecasten din i $START_LINK$Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$", "placeholders": {"END_LINK": {"content": "$1"}, "END_SPAN": {"content": "$2"}, "START_LINK": {"content": "$3"}, "START_SPAN": {"content": "$4"}}}, "1850397500312020388_ph": {"message": "</a>\ue000</span>\ue000<a href=\"https://support.google.com/chromecast/answer/2998456\" target=\"_blank\">\ue000<span class=\"required-message\" ng-show=\"!top.sufficientFeedback\">"}, "21457524299732

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\nl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15321
Entropy (8bit):	5.221228928144735
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Loopt vast".. },.. "1213957982723875920": {.. "message": "Welke beschrijving past het beste bij je netwerk?".. },.. "128276876460319075": {.. "message": "Apparaatdetectie".. },.. "1428448869078126731": {.. "message": "Vloeiendheid van de video".. },.. "1522140683318860351": {.. "message": "Kan geen verbinding maken. Probeer het opnieuw.".. },.. "1550904064710828958": {.. "message": "Vloeiend".. },.. "1636686747687494376": {.. "message": "Perfect".. },.. "1802762746589457177": {.. "message": "Volume".. },.. "1850397500312020388": {.. "message": "Zie je je Chromecast in de $START_LINK$Google Home app$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\pl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15418
Entropy (8bit):	5.346020722930065
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Zatrzymuje si.".. },.. "1213957982723875920": {.. "message": "Kt.ra z tych opcji najlepiej opisuje Twoj. sie.?".. },.. "128276876460319075": {.. "message": "Wykrywanie urz.dze.".. },.. "1428448869078126731": {.. "message": "P.ynno.. obrazu".. },.. "1522140683318860351": {.. "message": "Nie uda.o si. nawi.za. po..czenia. Spr.buj ponownie.".. },.. "1550904064710828958": {.. "message": "P.ynna".. },.. "1636686747687494376": {.. "message": "Idealna".. },.. "1802762746589457177": {.. "message": "G.o.no..".. },.. "1850397500312020388": {.. "message": "Czy Chromecasta wida. w.$START_LINK$aplikacji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\pt\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	12702
Entropy (8bit):	5.486564182495903
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "Congela"}, "1213957982723875920": {"message": "Qual das seguintes alternativas melhor descreve sua rede?"}, "128276876460319075": {"message": "Detec\u00e7\u00e3o de dispositivos"}, "1428448869078126731": {"message": "Suavidade da reprodu\u00e7\u00e3o do v\u00eddeo"}, "1522140683318860351": {"message": "Falha na conex\u00e3o. Tente novamente."}, "1550904064710828958": {"message": "Suave"}, "1636686747687494376": {"message": "Perfeita"}, "1802762746589457177": {"message": "Volume"}, "1850397500312020388": {"message": "\u00c9 poss\u00edvel encontrar seu Chromecast no $START_LINK$app Google Home$END_LINK$? $START_SPAN$*$END_SPAN$", "placeholders": {"END_LINK": {"content": "$1"}, "END_SPAN": {"content": "$2"}, "START_LINK": {"content": "$3"}, "START_SPAN": {"content": "$4"}}}, "1850397500312020388_ph": {"message": "</a>\ue000</span>\ue000<a href=\"https://support.google.com/chromecast/answer/2998456\" target=\"_blank\">\ue000<span class=\"required-messag

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\ro\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	13100
Entropy (8bit):	5.509584023785383
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "Redare cu bloc\u0103ri"}, "1213957982723875920": {"message": "Care dintre urm\u0103toarele descrie cel mai bine re\u021beaua ta?"}, "128276876460319075": {"message": "Descoperirea dispozitivelor"}, "1428448869078126731": {"message": "Calitatea red\u0103rii videoclipului"}, "1522140683318860351": {"message": "Conexiunea nu s-a stabilit. \u00cencerca\u021bi din nou."}, "1550904064710828958": {"message": "Redare lin\u0103"}, "1636686747687494376": {"message": "Redare perfect\u0103"}, "1802762746589457177": {"message": "Volum"}, "1850397500312020388": {"message": "Chromecastul dvs. apare \u00een $START_LINK$ aplica\u021bia Google Home$END_LINK$? $START_SPAN$*$END_SPAN$", "placeholders": {"END_LINK": {"content": "$1"}, "END_SPAN": {"content": "$2"}, "START_LINK": {"content": "$3"}, "START_SPAN": {"content": "$4"}}}, "1850397500312020388_ph": {"message": "</a>\ue000</span>\ue000<a href=\"https://support.google.com/chromecast/answer/2998456\" target=\"_bla

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\ru\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	23847
Entropy (8bit):	4.610175243425282
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "\u0417\u0430\u0432\u0438\u0441\u0430\u043d\u0438\u044f"}, "1213957982723875920": {"message": "\u041a\u0430\u043a\u043e\u0439 \u0438\u0437 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u043d\u0438\u0436\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432\u0430\u0448\u0435\u0439 \u0441\u0435\u0442\u0438?"}, "128276876460319075": {"message": "\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432"}, "1428448869078126731": {"message": "\u0412\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0432\u0438\u0434\u0435\u043e"}, "1522140683318860351": {"message": "\u041d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u043e\u0435\u0

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\sk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	13824
Entropy (8bit):	5.519914295493972
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "Zam\u0155za"}, "1213957982723875920": {"message": "Ktor\u00e9 z nasleduj\u00facich skuto\u010dnost\u00ed najlep\u0161ie popisuj\u00fa va\u0161u sie\u0165?"}, "128276876460319075": {"message": "Vyh\u013ead\u00e1vanie zariaden\u00ed"}, "1428448869078126731": {"message": "Plynulos\u0165 videa"}, "1522140683318860351": {"message": "Pripojenie zlyhalo. Sk\u00faste to znova."}, "1550904064710828958": {"message": "Plynul\u00e1"}, "1636686747687494376": {"message": "V\u00fdborn\u00e1"}, "1802762746589457177": {"message": "Hlasitos\u0165"}, "1850397500312020388": {"message": "Vid\u00edte svoj Chromecast v\u00a0$START_LINK$aplik\u00e1cii Google Home$END_LINK$? $START_SPAN$*$END_SPAN$", "placeholders": {"END_LINK": {"content": "$1"}, "END_SPAN": {"content": "$2"}, "START_LINK": {"content": "$3"}, "START_SPAN": {"content": "$4"}}}, "1850397500312020388_ph": {"message": "</a>\ue000</span>\ue000<a href=\"https://support.google.com/chromecast/answer/2998456\" targ

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\sl\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	12760
Entropy (8bit):	5.563792591460369
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "Zamrzne"}, "1213957982723875920": {"message": "Kaj od tega najbolje opi\u0161e va\u0161e omre\u017eje?"}, "128276876460319075": {"message": "Odkrivanje naprav"}, "1428448869078126731": {"message": "Teko\u010de predvajanje videoposnetka"}, "1522140683318860351": {"message": "Vzpostavitev povezave ni uspela. Poskusite znova."}, "1550904064710828958": {"message": "Teko\u010de"}, "1636686747687494376": {"message": "Odli\u010dno"}, "1802762746589457177": {"message": "Glasnost"}, "1850397500312020388": {"message": "Ali je Chromecast viden v $START_LINK$aplikaciji Google Home$END_LINK$? $START_SPAN$*$END_SPAN$", "placeholders": {"END_LINK": {"content": "$1"}, "END_SPAN": {"content": "$2"}, "START_LINK": {"content": "$3"}, "START_SPAN": {"content": "$4"}}}, "1850397500312020388_ph": {"message": "</a>\ue000</span>\ue000<a href=\"https://support.google.com/chromecast/answer/2998456\" target=\"_blank\">\ue000<span class=\"required-message\" ng-show=\"!top.suff

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\sr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	23953
Entropy (8bit):	4.595522286714664
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "\u0417\u0430\u0443\u0441\u0442\u0430\u0432\u0459\u0430 \u0441\u0435"}, "1213957982723875920": {"message": "\u041a\u043e\u0458\u0430 \u043e\u0434 \u0441\u043b\u0435\u0434\u0435\u045b\u0438\u0445 \u043e\u043f\u0446\u0438\u0458\u0430 \u043d\u0430\u0458\u0431\u043e\u0459\u0435 \u043e\u043f\u0438\u0441\u0443\u0458\u0435 \u043c\u0440\u0435\u0436\u0443?"}, "128276876460319075": {"message": "\u041e\u0442\u043a\u0440\u0438\u0432\u0430\u045a\u0435 \u0443\u0440\u0435\u0452\u0430\u0458\u0430"}, "1428448869078126731": {"message": "\u041a\u0432\u0430\u043b\u0438\u0442\u0435\u0442 \u0440\u0435\u043f\u0440\u043e\u0434\u0443\u043a\u0446\u0438\u0458\u0435 \u0432\u0438\u0434\u0435\u043e \u0441\u043d\u0438\u043c\u043a\u0430"}, "1522140683318860351": {"message": "\u041f\u043e\u0432\u0435\u0437\u0438\u0432\u0430\u045a\u0435 \u043d\u0438\u0458\u0435 \u0443\u0441\u043f\u0435\u043b\u043e. \u041f\u0440\u043e\u0431\u0430\u0458\u0442\u0435 \u043f\u043e\u043d\u043e\u0432\u043e.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\sv\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	12297
Entropy (8bit):	5.535298556322212
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "Fastnar tillf\u00e4lligt"}, "1213957982723875920": {"message": "Vilket av f\u00f6ljande beskriver ditt n\u00e4tverk b\u00e4st?"}, "128276876460319075": {"message": "Enhetsidentifiering"}, "1428448869078126731": {"message": "J\u00e4mn videouppspelning"}, "1522140683318860351": {"message": "Det gick inte att ansluta. F\u00f6rs\u00f6k igen."}, "1550904064710828958": {"message": "Flyter p\u00e5"}, "1636686747687494376": {"message": "Perfekt"}, "1802762746589457177": {"message": "Volym"}, "1850397500312020388": {"message": "Visas din Chromecast i $START_LINK$ Google Home-appen$END_LINK$? $START_SPAN$*$END_SPAN$", "placeholders": {"END_LINK": {"content": "$1"}, "END_SPAN": {"content": "$2"}, "START_LINK": {"content": "$3"}, "START_SPAN": {"content": "$4"}}}, "1850397500312020388_ph": {"message": "</a>\ue000</span>\ue000<a href=\"https://support.google.com/chromecast/answer/2998456\" target=\"_blank\">\ue000<span class=\"required-message\" ng-show=\"!top.s

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\sw\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	11969
Entropy (8bit):	5.537528751199469
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "Inasita kucheza"}, "1213957982723875920": {"message": "Ni gani kati ya zifuatazo inaelezea mtandao wako vizuri?"}, "128276876460319075": {"message": "Kupata Kifaa"}, "1428448869078126731": {"message": "Ulaini wa Kutiririsha Video"}, "1522140683318860351": {"message": "Imeshindwa kuunganisha. Tafadhali jaribu tena."}, "1550904064710828958": {"message": "Laini"}, "1636686747687494376": {"message": "Bora"}, "1802762746589457177": {"message": "Sauti"}, "1850397500312020388": {"message": "Je, unaweza kuona Chromecast yako katika $START_LINK$ programu ya Google Home$END_LINK$? $START_SPAN$*$END_SPAN$", "placeholders": {"END_LINK": {"content": "$1"}, "END_SPAN": {"content": "$2"}, "START_LINK": {"content": "$3"}, "START_SPAN": {"content": "$4"}}}, "1850397500312020388_ph": {"message": "</a>\ue000</span>\ue000<a href=\"https://support.google.com/chromecast/answer/2998456\" target=\"_blank\">\ue000<span class=\"required-message\" ng-show=\"!top.sufficientFee

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\ta\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	24958
Entropy (8bit):	4.714036570264917
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "\u0b89\u0bb1\u0bc8\u0ba8\u0bcd\u0ba4\u0bc1 \u0ba8\u0bbf\u0bb1\u0bcd\u0b95\u0bbf\u0bb1\u0ba4\u0bc1"}, "1213957982723875920": {"message": "\u0baa\u0bbf\u0ba9\u0bcd\u0bb5\u0bb0\u0bc1\u0bb5\u0ba9\u0bb5\u0bb1\u0bcd\u0bb1\u0bbf\u0bb2\u0bcd \u0b8e\u0ba4\u0bc1 \u0b89\u0b99\u0bcd\u0b95\u0bb3\u0bcd \u0ba8\u0bc6\u0b9f\u0bcd\u0bb5\u0bca\u0bb0\u0bcd\u0b95\u0bcd\u0b95\u0bc8\u0b9a\u0bcd \u0b9a\u0bbf\u0bb1\u0ba8\u0bcd\u0ba4 \u0bae\u0bc1\u0bb1\u0bc8\u0baf\u0bbf\u0bb2\u0bcd \u0bb5\u0bbf\u0bb5\u0bb0\u0bbf\u0b95\u0bcd\u0b95\u0bc1\u0bae\u0bcd?"}, "128276876460319075": {"message": "\u0b9a\u0bbe\u0ba4\u0ba9\u0b95\u0bcd \u0b95\u0ba3\u0bcd\u0b9f\u0bc1\u0baa\u0bbf\u0b9f\u0bbf\u0baa\u0bcd\u0baa\u0bc1"}, "1428448869078126731": {"message": "\u0bb5\u0bc0\u0b9f\u0bbf\u0baf\u0bcb\u0bb5\u0bbf\u0ba9\u0bcd \u0b9a\u0bc0\u0bb0\u0bbe\u0ba9 \u0ba4\u0ba9\u0bcd\u0bae\u0bc8"}, "1522140683318860351": {"message": "\u0b87\u0ba3\u0bc8\u0b95\u0bcd\u0b95 \u0bae\u0bc1\u0b9f\u0bbf\u0baf\u0bb5\u0bbf

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\te\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	24836
Entropy (8bit):	4.708797879946253
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"1018984561488520517": {"message": "\u0c38\u0c4d\u0c24\u0c02\u0c2d\u0c28\u0c32\u0c41"}, "1213957982723875920": {"message": "\u0c26\u0c3f\u0c17\u0c41\u0c35 \u0c09\u0c28\u0c4d\u0c28\u0c35\u0c3e\u0c1f\u0c3f\u0c32\u0c4b \u0c0f\u0c26\u0c3f \u0c2e\u0c40 \u0c28\u0c46\u0c1f\u0c4d\u200c\u0c35\u0c30\u0c4d\u0c15\u0c4d\u200c \u0c17\u0c41\u0c30\u0c3f\u0c02\u0c1a\u0c3f \u0c09\u0c24\u0c4d\u0c24\u0c2e\u0c02\u0c17\u0c3e \u0c35\u0c3f\u0c35\u0c30\u0c3f\u0c38\u0c4d\u0c24\u0c41\u0c02\u0c26\u0c3f?"}, "128276876460319075": {"message": "\u0c2a\u0c30\u0c3f\u0c15\u0c30 \u0c06\u0c1a\u0c42\u0c15\u0c40 \u0c36\u0c4b\u0c27\u0c28"}, "1428448869078126731": {"message": "\u0c35\u0c40\u0c21\u0c3f\u0c2f\u0c4b \u0c2a\u0c4d\u0c30\u0c38\u0c3e\u0c30 \u0c28\u0c3e\u0c23\u0c4d\u0c2f\u0c24"}, "1522140683318860351": {"message": "\u0c15\u0c28\u0c46\u0c15\u0c4d\u0c37\u0c28\u0c4d \u0c35\u0c3f\u0c2b\u0c32\u0c2e\u0c48\u0c02\u0c26\u0c3f. \u0c26\u0c2f\u0c1a\u0c47\u0c38\u0c3f \u0c2e\u0c33\u0c4d\u0c32\u0c40 \u0c2a\u0c4d\u0c30\u0c2f\u0c24\

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\th\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	18849
Entropy (8bit):	5.3815746250038305
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "....".. },.. "1213957982723875920": {.. "message": ".............................................".. },.. "128276876460319075": {.. "message": "...............".. },.. "1428448869078126731": {.. "message": "....................".. },.. "1522140683318860351": {.. "message": "................... ...............".. },.. "1550904064710828958": {.. "message": ".......".. },.. "1636686747687494376": {.. "message": "..........".. },.. "1802762746589457177": {.. "message": "..........".. },.. "1850397500312020388": {.. "message": ".......... Chromecast ..... $

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\tr\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	15542
Entropy (8bit):	5.336342457334077
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "Donuyor".. },.. "1213957982723875920": {.. "message": "A..n.z. a.a..dakilerden hangisi en iyi .ekilde tan.mlar?".. },.. "128276876460319075": {.. "message": "Cihaz Bulma".. },.. "1428448869078126731": {.. "message": "Videonun D.zg.n Oynat.lmas.".. },.. "1522140683318860351": {.. "message": "Ba.lant. ba.ar.s.z oldu. L.tfen tekrar deneyin.".. },.. "1550904064710828958": {.. "message": "D.zg.n".. },.. "1636686747687494376": {.. "message": "M.kemmel".. },.. "1802762746589457177": {.. "message": "Ses d.zeyi".. },.. "1850397500312020388": {.. "message": "Chromecast'inizi $START_LINK$Google Home uygulamas.nda$END_LINK$ g.rebiliyor musunuz? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\uk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	17539
Entropy (8bit):	5.492873573147444
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": ".......".. },.. "1213957982723875920": {.. "message": ".. . ............ ..... ........ ...... .... ......?".. },.. "128276876460319075": {.. "message": "......... ........".. },.. "1428448869078126731": {.. "message": "......... ........... .....".. },.. "1522140683318860351": {.. "message": ".. ....... ............. ......... ........".. },.. "1550904064710828958": {.. "message": "...... ...........".. },.. "1636686747687494376": {.. "message": "......".. },.. "1802762746589457177": {.. "message": "........".. },.. "1850397500312020388": {.. "message": ".. ...... .. .... ........ Chromecast . $START_LINK$....... Google Home$END_LINK$? $START_SPAN$*$END_SPAN$",.. "placeho

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\vi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	16011
Entropy (8bit):	5.466848470908827
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "D.ng h.nh".. },.. "1213957982723875920": {.. "message": "Tr..ng h.p n.o sau ..y m. t. ..ng nh.t m.ng c.a b.n?".. },.. "128276876460319075": {.. "message": "Kh.m ph. thi.t b.".. },.. "1428448869078126731": {.. "message": ".. m..t c.a video".. },.. "1522140683318860351": {.. "message": "K.t n.i kh.ng th.nh c.ng. Vui l.ng th. l.i.".. },.. "1550904064710828958": {.. "message": "M..t m.".. },.. "1636686747687494376": {.. "message": "Ho.n h.o".. },.. "1802762746589457177": {.. "message": ".m l..ng".. },.. "1850397500312020388": {.. "message": "B.n c. th. nh.n th.y Chromecast c.a m.nh trong $START_LINK$.ng d.ng Google Home$END_LINK$ kh.ng? $START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "conte

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\zh\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	modified
Size (bytes):	14773
Entropy (8bit):	5.670562029027517
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "..".. },.. "1213957982723875920": {.. "message": "..................".. },.. "128276876460319075": {.. "message": "....".. },.. "1428448869078126731": {.. "message": ".....".. },.. "1522140683318860351": {.. "message": ".........".. },.. "1550904064710828958": {.. "message": "..".. },.. "1636686747687494376": {.. "message": "..".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": "... $START_LINK$Google Home ..$END_LINK$...... Chromecast ..$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "START_SPAN": {.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\_locales\zh_TW\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	14981
Entropy (8bit):	5.7019494203747865
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "1018984561488520517": {.. "message": "....".. },.. "1213957982723875920": {.. "message": "................".. },.. "128276876460319075": {.. "message": "....".. },.. "1428448869078126731": {.. "message": ".....".. },.. "1522140683318860351": {.. "message": "...........".. },.. "1550904064710828958": {.. "message": "..".. },.. "1636686747687494376": {.. "message": "..".. },.. "1802762746589457177": {.. "message": "..".. },.. "1850397500312020388": {.. "message": ".... $START_LINK$Google Home ....$END_LINK$...... Chromecast ..$START_SPAN$*$END_SPAN$",.. "placeholders": {.. "END_LINK": {.. "content": "$1".. },.. "END_SPAN": {.. "content": "$2".. },.. "START_LINK": {.. "content": "$3".. },.. "

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_2136186457\CRX_INSTALL\manifest.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	1980
Entropy (8bit):	4.855422406261543
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{."update_url": "https://clients2.google.com/service/update2/crx",.. "background": {. "persistent": false,. "scripts": [. "common.js",. "mirroring_common.js",. "background_script.js". ]. },. "content_security_policy": "default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://apis.google.com https://feedback.googleusercontent.com https://www.google.com https://www.gstatic.com; child-src https://accounts.google.com https://content.googleapis.com https://www.google.com; connect-src 'self' http://: https://:; font-src https://fonts.gstatic.com;",. "default_locale": "en",. "description": "Provider for discovery and services for mirroring of Chrome Media Router",. "externally_connectable": {. "ids": [. "idmofbkcelhplfjnmmdolenpigiiiecc",. "ggedfkijiiammpnbdadhllnehapomdge",. "njjegkblellcjnakomndbaloifhcoccg". ]. },. "manifest_version": 2,. "minimum_chrome_version": "37",. "name": "

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\bg\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	1293
Entropy (8bit):	4.132566655778463
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"craw_app_unavailable":{"message":"\u041f\u043e\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c \u043d\u044f\u043c\u0430 \u0434\u043e\u0441\u0442\u044a\u043f \u0434\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u0442\u043e."},"craw_connect_to_network":{"message":"\u041c\u043e\u043b\u044f, \u0441\u0432\u044a\u0440\u0436\u0435\u0442\u0435 \u0441\u0435 \u0441 \u043c\u0440\u0435\u0436\u0430."},"app_name":{"message":"\u041f\u043b\u0430\u0449\u0430\u043d\u0438\u044f \u0432 \u0443\u0435\u0431 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 \u043d\u0430 Chrome"},"app_description":{"message":"\u041f\u043b\u0430\u0449\u0430\u043d\u0438\u044f \u0432 \u0443\u0435\u0431 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 \u043d\u0430 Chrome"},"iap_unavailable":{"message":"\u041f\u043e\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c \u043d\u044f\u043c\u0430 \u0434\u043e\u0441\u0442\u044a\u043f \u0434\u043e \u0432\u0433\u0440\u0430\u0434\u0435\u043d\u0430\u0442\u0430 \

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\ca\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	556
Entropy (8bit):	4.768628082639434
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"craw_app_unavailable":{"message":"Ara mateix aquesta aplicaci\u00f3 no est\u00e0 disponible."},"craw_connect_to_network":{"message":"Connecteu-vos a una xarxa."},"app_name":{"message":"Sistema de pagaments de Chrome Web Store"},"app_description":{"message":"Sistema de pagaments de Chrome Web Store"},"iap_unavailable":{"message":"La funci\u00f3 Pagaments a l'aplicaci\u00f3 no est\u00e0 disponible actualment."},"please_sign_in":{"message":"Inicieu la sessi\u00f3 a Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\cs\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	550
Entropy (8bit):	4.905634822460801
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"craw_app_unavailable":{"message":"Aplikace v sou\u010dasn\u00e9 dob\u011b nen\u00ed dostupn\u00e1."},"craw_connect_to_network":{"message":"P\u0159ipojte se pros\u00edm k s\u00edti."},"app_name":{"message":"Platby Internetov\u00e9ho obchodu Chrome"},"app_description":{"message":"Platby Internetov\u00e9ho obchodu Chrome"},"iap_unavailable":{"message":"Platby v aplikaci aktu\u00e1ln\u011b nejsou k dispozici."},"please_sign_in":{"message":"P\u0159ihlaste se do Chromu."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\da\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	505
Entropy (8bit):	4.795529861403324
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"craw_app_unavailable":{"message":"Appen er ikke tilg\u00e6ngelig i \u00f8jeblikket."},"craw_connect_to_network":{"message":"Opret forbindelse til et netv\u00e6rk."},"app_name":{"message":"Betalinger i Chrome Webshop"},"app_description":{"message":"Betalinger i Chrome Webshop"},"iap_unavailable":{"message":"Betaling i appen er ikke tilg\u00e6ngelig i \u00f8jeblikket."},"please_sign_in":{"message":"Log ind p\u00e5 Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\de\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	516
Entropy (8bit):	4.809852395188501
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{"craw_app_unavailable":{"message":"Die App ist momentan nicht verf\u00fcgbar."},"craw_connect_to_network":{"message":"Bitte stellen Sie eine Verbindung zu einem Netzwerk her."},"app_name":{"message":"Chrome Web Store-Zahlungen"},"app_description":{"message":"Chrome Web Store-Zahlungen"},"iap_unavailable":{"message":"In-App-Zahlungen sind momentan nicht m\u00f6glich."},"please_sign_in":{"message":"Bitte melden Sie sich in Chrome an."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\uk\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	720
Entropy (8bit):	4.977397623063544
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "....... ...-........ Chrome".. },.. "app_name": {.. "message": "....... ...-........ Chrome".. },.. "craw_app_unavailable": {.. "message": "........ ......... ...........".. },.. "craw_connect_to_network": {.. "message": "............. .. .......".. },.. "iap_unavailable": {.. "message": "....... ..... ........ ..... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "........ . Chrome.".. }..}..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\vi\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	695
Entropy (8bit):	4.855375139026009
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "app_name": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "craw_app_unavailable": {.. "message": ".ng d.ng hi.n kh.ng kh. d.ng.".. },.. "craw_connect_to_network": {.. "message": "Vui l.ng k.t n.i v.i m.ng.".. },.. "iap_unavailable": {.. "message": "Thanh to.n trong .ng d.ng hi.n kh.ng kh. d.ng.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Vui l.ng ..ng nh.p v.o Chrome.".. }..}..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\zh_CN\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	595
Entropy (8bit):	5.210259193489374
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome .........".. },.. "app_name": {.. "message": "Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".........".. },.. "craw_connect_to_network": {.. "message": ".......".. },.. "iap_unavailable": {.. "message": "............".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_locales\zh_TW\messages.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	634
Entropy (8bit):	5.386215984611281
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "app_description": {.. "message": "Chrome ............".. },.. "app_name": {.. "message": "Chrome ............".. },.. "craw_app_unavailable": {.. "message": ".............".. },.. "craw_connect_to_network": {.. "message": "......".. },.. "iap_unavailable": {.. "message": "................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\_metadata\verified_contents.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	7780
Entropy (8bit):	5.791315351651491
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiZHUtdGRPdUNWcmxDY254Q0poRkg2NXpLU05vb1RiUE56bDNHbzdRMGJ3SSJ9LHsicGF0aCI6Il9sb2NhbGVzL2NhL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJ6ZGtWaF9XdkxJWlhkck5xWHBvSHNRMGh1ZGtSM2d1QlMzb2VsTEZLNklVIn0seyJwYXRoIjoiX2xvY2FsZXMvY3MvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6Ik9nUkNIZlVoam9xOU93NHFfaEhvTTQxNzNMelJyYkVpUVdsRXNRSzhscFkifSx7InBhdGgiOiJfbG9jYWxlcy9kYS9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiN2JVWW1LYkhQUUNRMXBGcmUzTHJySEhwWk9xN1c2Zk5hT0laWmdKUERTTSJ9LHsicGF0aCI6Il9sb2NhbGVzL2RlL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJOV3FkU3Rfc1NFMm9KT2VuSUZtM0pMRm9iOGtBZ3ZTa3RtZGpCRGJWazdBIn0seyJwYXRoIjoiX2xvY2FsZXMvZWwvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6ImgyaEZ0YUJoLXJQUEtoUm00QkFWM0VEZmhFbnh5MElGOVhYT3Z0aHhlNjAifSx7InBhdGgiOiJfbG9jYWxlcy9lbi9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoid0pSZDFmM3NxMERFVTJHLXd

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\craw_background.js Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	544643
Entropy (8bit):	5.385396177420207
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var d,e=e\|\|{};e.scope={};e.arrayIteratorImpl=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};e.arrayIterator=function(a){return{next:e.arrayIteratorImpl(a)}};e.ASSUME_ES5=!1;e.ASSUME_NO_NATIVE_MAP=!1;e.ASSUME_NO_NATIVE_SET=!1;e.SIMPLE_FROUND_POLYFILL=!1;e.ISOLATE_POLYFILLS=!1;e.FORCE_POLYFILL_PROMISE=!1;e.FORCE_POLYFILL_PROMISE_WHEN_NO_UNHANDLED_REJECTION=!1;.e.defineProperty=e.ASSUME_ES5\|\|"function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a};e.getGlobal=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");};e.global=e.getGlobal(this);.e.IS_SYMBOL_NATIVE="func

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\craw_window.js Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines
Category:	dropped
Size (bytes):	261316
Entropy (8bit):	5.444466092380538
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	/.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0./.var b,k=k\|\|{};k.scope={};k.createTemplateTagFirstArg=function(a){return a.raw=a};k.createTemplateTagFirstArgWithRaw=function(a,c){a.raw=c;return a};k.arrayIteratorImpl=function(a){var c=0;return function(){return c<a.length?{done:!1,value:a[c++]}:{done:!0}}};k.arrayIterator=function(a){return{next:k.arrayIteratorImpl(a)}};k.makeIterator=function(a){var c="undefined"!=typeof Symbol&&Symbol.iterator&&a[Symbol.iterator];return c?c.call(a):k.arrayIterator(a)};.k.arrayFromIterator=function(a){for(var c,d=[];!(c=a.next()).done;)d.push(c.value);return d};k.arrayFromIterable=function(a){return a instanceof Array?a:k.arrayFromIterator(k.makeIterator(a))};k.ASSUME_ES5=!1;k.ASSUME_NO_NATIVE_MAP=!1;k.ASSUME_NO_NATIVE_SET=!1;k.SIMPLE_FROUND_POLYFILL=!1;k.ISOLATE_POLYFILLS=!1;k.FORCE_POLYFILL_PROMISE=!1;k.FORCE_POLYFILL_PROMISE_WHEN_NO_UNHANDLED_REJECTION=!1;.k.objectCreate=k.ASSUME_ES5\|\|"function"==typeof Object.cre

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\css\craw_window.css Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	1741
Entropy (8bit):	4.912380256743454
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	html, body {. margin: 0;. overflow: hidden;.}..webview {. width: 100%;. height: 100%;. min-height: 100%;. position: absolute;.}...craw_overlay {. position: absolute;.. left: 0;. top: 0;. right: 0;. bottom: 0;.. background-color: white;.. -webkit-transition: opacity 250ms linear;.. display: -webkit-flex;. -webkit-flex-direction: column;. -webkit-flex: 1 0%;. -webkit-align-items: center;. -webkit-justify-content: center;.. -webkit-app-region: drag;.}...craw_overlay img {. margin: 16px;.}..#loading_overlay {. opacity: 1;.}..#offline_overlay {. opacity: 0;. display: none;.}..#offline_overlay > img {. -webkit-filter: saturate(0%);.}..#offline_overlay > span {. font-family: 'Open Sans', 'Deja Vu Sans', Arial, sans-serif;. font-size: 15px;. line-height: 21px;. color: #8d8d8d;. display: block;.}..#loading_splash {. width: 128px;. height: 128px;.}..#drag_overlay {. position: absolute;. left: 0;. top: 0;. right: 0;. bottom: 0;. pointer-events: none;. -webkit

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\html\craw_window.html Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	810
Entropy (8bit):	4.723481385335562
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE html>.<html>. <head>. <link href="/css/craw_window.css" rel="stylesheet">. <script src="/craw_window.js"></script>. </head>. <body>. <webview></webview>. <div class="craw_overlay" id="loading_overlay">. <img src="/images/icon_128.png" />. <img src="/images/flapper.gif" />. </div>. <div class="craw_overlay" id="offline_overlay">. <img src="/images/icon_128.png" />. <span id="app_unavailable"></span>. <span id="connect_to_network"></span>. </div>. <div id="drag_overlay"></div>. <div id="top_bar">. <div id='close_button'>. <img src='/images/topbar_floating_button_close.png'/>. </div>. <div id='maximize_button'>. <img src='/images/topbar_floating_button_maximize.png'/>. </div>. </div>. </body>.</html>.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\images\flapper.gif Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 30 x 30
Category:	dropped
Size (bytes):	70364
Entropy (8bit):	7.119902236613185
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	GIF89a.......................................................!.......!..NETSCAPE2.0.....,.............9.:.h0.bT(6.!l.&..("gk..JL1.[....o. .(:..B(.6."...Z.CUyh0.....j.C.z8..S....2.T'...Q..4 g\|]$ueW.NyQ.IoL!AoF#9h>7.0t..%..,.@.m4..7..!.......,.............9.:.h0.bT(6.!l.&..("gk..JL1.[....o. .(:..B(.6."...Z.CUyh0.....j.C.z8..S....2.T'...Q..4 g\|]$ueW.NyQ.IoL!AoF#9h>7.0t..%..,.@.m4..7..!.......,............................................................................................................'..w=.....\.)._6.k..OF...n.#\~"....2b3..I.)..eu.Q.`.e......gr.?>.s.I0.....@.~.Tr.[8.+.,.;..EE....S.*f.....,.....B8/D..;.9.q......ukC...r.I.....j......BGY...o2J....+O4....X4.....cH%7....I.....0H!.!.....!.,.............................................................................................................................................................................................................p8.a$....hh@.4....X,A.0L..(....JX.j...,..........z.X.Q....jB.d....B..

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\images\icon_128.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4364
Entropy (8bit):	7.915848007375225
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............>a.....IDATx..yp.....gF#.:,[H.l.l..8...`/.k....,!a7Km...E...Te..T.....J...p....%.(....+...3....eY.e...L.o...5....h4...\....{?....~.u.`0.....`0.....`0.....`.Y......[(.......).4....ai..w38.+....Bf././..]...{......8...3.....3W~OJ.. /...u6V.C..U.0.+._=.c..9.X.?....L....S@.L...m.0..>.C...L\|TF.p5..f4M.,.V....8..a.<...RP..@)E,..E"...h.....!...-....,I..T..........m..._[[{w{{....{.^......M.x..h4.h.....\.R.E....j).7.....h4.A.E....,. ...iii.Vj?2...=/.B.FK9P..@)=Rj..D".Y...2.B..x.}0...&J...2.......f.O..e.H.....!.J)'I..R....B............QJ;K..L...L.l".L~mhh.R.@).FFF~.L&...~.B.......u.........}.....~.....f..yUU...........^M...6......].,w.e..~.!$.C.R.....E(%e9.,....k..@...W8.........@...........O..@%.~..@.S..P.....`Tp...."...?ME..c......s...`..S1...7.b..aNE..k...3.yP.}.Ch.}......B..........IPE..C.<....T....k......Z..o_......g........P..A=y.J.)h..@.q.-.].AU.4...F.M.....y%B]+ .\.~..9......:..=...r.....E].o...F..P........i...\|....

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\images\icon_16.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	558
Entropy (8bit):	7.505638146035601
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR................a....IDAT8...Mk.Q...;... .....F..QW.....F....J.?.w..7~......'.Q..B]... .QS...M&_w..b&.\|`......p...f.?.D$.y^..........y...\..Z..t6..oRj.@&.u..G.qN).t.-V.>(.N.Ep]wFk.60o.]0.`Y..cT..Y.Tb.`DF.d..s.Z..E..9.4._C.._...%..*.^....4.l...Y..X..R..../...Wj+w0[.].._B.k.${.\.>.%...........lz .w.ALxo.2;..a...".p..S..&..uXS...<..6..[..zD.._.N+w.WbM7ye6X<...'(,=.r}........$f..5..P....k..."..8.s.<zgSm@.....).Y.....:e..\|.....F...I..A$.....T?.....m....8.........N...z.....V..vd.h'....C.?.....H.;]..C.M.....9.b......IEND.B`.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\images\topbar_floating_button.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	160
Entropy (8bit):	5.475799237015411
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<...BIDATx...Q..0......2...(p...~Z.}'.>I%O...V!s..................../...`.<..`.....IEND.B`.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\images\topbar_floating_button_close.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	252
Entropy (8bit):	6.512071394066515
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<....IDATx...... ..Pp.X....H...b@...\|.^LC_.E.BP+......X.P..........q..~..p/. ..s.....%D^...$......@.!...<...).?.4{.k.G3...4..[cH..0..l.8.!r..m.R..{..........`.f...#.x.....IEND.B`.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\images\topbar_floating_button_hover.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	160
Entropy (8bit):	5.423186859407619
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<...BIDATx...A..0...+B.z.s...*.....$.<u..[...................h.......C.CA).....IEND.B`.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\images\topbar_floating_button_maximize.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	166
Entropy (8bit):	5.8155898293424775
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<...HIDATx......0.CQS.......~..."..........m.v+Sq....<!...M8m...'...@$..0....E........IEND.B`.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\images\topbar_floating_button_pressed.png Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	160
Entropy (8bit):	5.46068685940762
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<...BIDATx...A..0...+B..@wu...*.....$.<u..[...................h.........M..x(....IEND.B`.

C:\Users\alfredo\AppData\Local\Temp\scoped_dir4648_777088485\CRX_INSTALL\manifest.json Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1322
Entropy (8bit):	5.449026004350873
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	{.. "app": {.. "background": {.. "scripts": [ "craw_background.js" ].. }.. },.. "default_locale": "en",.. "description": "__MSG_APP_DESCRIPTION__",.. "display_in_launcher": false,.. "display_in_new_tab_page": false,.. "icons": {.. "128": "images/icon_128.png",.. "16": "images/icon_16.png".. },.. "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB",.. "manifest_version": 2,.. "minimum_chrome_version": "29",.. "name": "__MSG_APP_NAME__",.. "oauth2": {.. "auto_approve": true,.. "client_id": "203784468217.apps.googleusercontent.com",.. "scopes": [ "https://www.googleapis.com/auth/sierra", "https://www.googleapis.com/auth/sierrasandbox", "https://www.googleapis.com/auth/chromewebstore", "https://www.googleapis.com/auth/chromewebstore.readonly" ].. },.

C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Little-endian UTF-16 Unicode text, with no line terminators
Category:	dropped
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:
MD5:	D41D8CD98F00B204E9800998ECF8427E
SHA1:	DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA-256:	E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
SHA-512:	CF83E1357EEFB8BDF1542850D66D8007D620E4050B5715DC83F4A921D36CE9CE47D0D13C5D85F2B0FF8318D2877EEC2F63B931BD47417A81A538327AF927DA3E
Malicious:	false
Reputation:	low
Preview:	..

Static File Info

No static file info

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject malicious code into process via Extra Window Memory (EWM) in order to evade process-based defenses as well as possibly elevate privileges. EWM injection is a method of executing arbitrary code in the address space of a separate live process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Windows Analysis Report https://brazen-fragrance-732.notion.site/Anchor-Associates-Shared-Document-a4d1f8d7fb1844e5a2dc23b7052de8d7

Overview

General Information

Detection

Signatures

Classification

Process Tree

Yara Overview

Sigma Overview

Jbx Signature Overview

Phishing:

Compliance:

Software Vulnerabilities:

Networking:

System Summary:

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

Contacted IPs

Public

Private

General Information

Created / dropped Files

Static File Info

No static file info