Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

https://quip.com/OWCGAwI8CpAi

Status: finished
Submission Time: 2021-01-27 18:22:08 +01:00
Malicious
Phishing
HTMLPhisher

Comments

Tags

Details

  • Analysis ID:
    345125
  • API (Web) ID:
    592165
  • Analysis Started:
    2021-01-27 18:22:08 +01:00
  • Analysis Finished:
    2021-01-27 18:29:25 +01:00
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
Full Report Management Report IOC Report
malicious
Score: 72
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious

IPs

IP Country Detection
52.39.66.75
 United States
52.49.193.31
 United States
54.170.19.229
 United States
Click to see the 25 hidden entries
34.98.64.218
 United States
162.241.120.76
 United States
87.248.118.23
 United Kingdom
34.120.207.148
 United States
18.195.193.185
 United States
99.86.154.45
 United States
172.217.20.226
 United States
143.204.11.81
 United States
99.86.154.21
 United States
18.185.170.181
 United States
141.226.228.48
 Israel
99.86.154.35
 United States
64.202.112.159
 United States
34.254.169.151
 United States
172.217.22.225
 United States
172.217.22.227
 United States
3.126.56.137
 United States
239.255.255.250
 Reserved
172.217.22.194
 United States
185.63.144.5
 United States
44.238.32.151
 United States
35.156.106.231
 United States
185.64.190.80
 United Kingdom
185.33.221.13
 Netherlands
108.177.15.157
 United States

Domains

Name IP Detection
sync.taboola.com
 0.0.0.0
adserver-vpc-alb-0-1578609942.eu-west-1.elb.amazonaws.com
 54.170.19.229
d.adroll.mgr.consensu.org
 0.0.0.0
Click to see the 50 hidden entries
d.adroll.com
 0.0.0.0
ups.analytics.yahoo.com
 0.0.0.0
assets.onestore.ms
 0.0.0.0
ajax.aspnetcdn.com
 0.0.0.0
stats.g.doubleclick.net
 0.0.0.0
static.sharepointonline.com
 0.0.0.0
clients2.googleusercontent.com
 0.0.0.0
ads.yahoo.com
 0.0.0.0
cm.g.doubleclick.net
 0.0.0.0
pixel.advertising.com
 0.0.0.0
sync.outbrain.com
 0.0.0.0
googlehosted.l.googleusercontent.com
 172.217.22.225
x.bidswitch.net
 0.0.0.0
www.linkedin.com
 0.0.0.0
pixel.rubiconproject.com
 0.0.0.0
s.adroll.com
 0.0.0.0
px.ads.linkedin.com
 0.0.0.0
simage2.pubmatic.com
 0.0.0.0
dsum-sec.casalemedia.com
 0.0.0.0
googleads.g.doubleclick.net
 0.0.0.0
snap.licdn.com
 0.0.0.0
ib.adnxs.com
 0.0.0.0
spoprod-a.akamaihd.net
 0.0.0.0
eb2.3lift.com
 0.0.0.0
us-u.openx.net
 34.98.64.218
segments.company-target.com
 99.86.154.45
listenweb4.quip.com
 52.39.66.75
dough-bolts.com
 162.241.120.76
idsync.rlcdn.com
 34.120.207.148
quip.com
 44.238.32.151
pagead.l.doubleclick.net
 172.217.22.194
quip-cdn.com
 99.86.154.21
id.rlcdn.com
 34.120.207.148
am-vip001.taboola.com
 141.226.228.48
match.prod.bidr.io
 52.49.193.31
pagead46.l.doubleclick.net
 172.217.20.226
nydc1.outbrain.org
 64.202.112.159
pug-lhr.pubmatic.com
 185.64.190.80
stats.l.doubleclick.net
 108.177.15.157
prod.ups-eu-central-1.aolp-ds-prd.aws.oath.cloud
 35.156.106.231
alb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.com
 18.195.193.185
dualstack.engagement-bus-prod-641612343.eu-central-1.elb.amazonaws.com
 18.185.170.181
pop-tln1-alpha.mix.linkedin.com
 185.63.144.5
www.google.co.uk
 172.217.22.227
api.company-target.com
 99.86.154.35
ib.anycast.adnxs.com
 185.33.221.13
prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud
 3.126.56.137
scripts.demandbase.com
 143.204.11.81
adserver-vpc-alb-3-890571764.eu-west-1.elb.amazonaws.com
 34.254.169.151
edge.gycpi.b.yahoodns.net
 87.248.118.23

URLs

Name Detection
https://analytics.twitter.com
http://fontfabrik.com
http://www.typography.netD
Click to see the 97 hidden entries
https://www-onepick-opensocial.googleusercontent.com
https://quip.com/OWCGAwI8CpAi0
https://autocomplete.demandbase.com
https://quip.com/OWCGAwI8CpAi2
https://quip.com/OWCGAwI8CpAi/
https://rubiconproject.com/
https://quip.com/-/blob/QQAAAAnpLQ3/PB3ZFz0vmgmKAdDnt9w3MA?s=OWCGAwI8CpAi
https://www.ecosia.org/search?q=&addon=opensearch
https://www.gic.c
https://googleads.g.doubleclick.net/
https://quip.com/OWCGAwI8CpAig
https://openx.net/
https://quip.com/OWCGAwI8CpAiF
https://quip-cdn.com/LAf64rubV-Hr3Ux_DVJKkwo
http://www.unicode.org/copyright.html
https://quip.com/OWCGAwI8CpAiA
https://px.ads.linkedin.com/
https://adnxs.com/
https://quip.com/OWCGAwI8CpAiC
https://quip-cdn.com/LAf64rubV-Hr3Ux_DVJKkwt)me=?ryW-
https://doubleclick.net/
https://autocomplete.dmandbase.com
https://quip.com/OWCGAwI8CpAiR
https://quip.com/OWCGAwI8CpAiome
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
https://org62.my.salesforce.com
https://quip.com/OWCGAwI8CpAi
https://quip.com/OWCGAwI8CpAiSyncService
https://company-target.com/
https://www.gsttic.com;
https://bidswitch.net/
https://quip-cdn.com
https://scripts.demandbase.com
https://quip.com/OWCGAwI8CpAiT
https://quip.com/OWCGAwI8CpAiP
http://www.founder.com.cn/cn/bThe
http://www.sandoll.co.kr
http://www.fonts.com
https://quip.com/OWCGAwI8CpAiI
https://quip.com/OWCGAwI8CpAientState
https://quip.com/OWCGAwI8CpAiK
https://quip.com/OWCGAwI8CpAiwo
http://safebrowsing.googleusercontent.com/safebrowsing/clientreport/chrome-certs
https://www.youtube.com;
https://quip.com/OWCGAwI8CpAid
https://m.addthisedge.com
https://m.addthis.com
https://quip.com/
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
https://duckduckgo.com/?q=
http://ocsp.sca1b.amazontrust.com06
https://dough-bolts.com/coonghghg/deweereer/vf006ts4xrh7xcmju9u3q08m.php?0DC5K4161176820821429d65ed0
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
https://quip-cdn.com/LAf64rubV-Hr3Ux_DVJKkwble(origin)
http://www.zhongyicts.com.cn
https://quip.com/OWCGAwI8CpAi..Z
https://quip.comC
https://feedback.go
http://www.galapagosdesign.com/DPlease
https://cdn.cookielaw.org/consent/4a3b4a16-9af0-4726-976d-39737fb16905.js
https://search.yahoo.com/search?ei=&fr=crmas&p=searchTerms
https://bugs.chromium.org/p/chromium/issues/entry?template=Safety
https://quip.com/OWCGAwI8CpAitatushtmldOff_Saf
https://s.adroll.com/pixel/VNM53VCKEFACRMFQE65VV4/IB7LZPOS3RCN3J2MSNRBFC/X27ESS35BFE4LKRZIE373P.js
https://checkout.stripe.com
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
https://quip.com/OWCGAwI8CpAilid
http://www.fontbureau.com/designers
https://casalemedia.com/
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MGM3MzhlYzI3NTk4YjY1MjA3MzI0MTY5OGFmMTI5ODE&_orig
https://search.yahoo.com/search?ei=&fr=crmas&p=
https://duckduckgo.com/ac/?q=
https://geolocation.onetrust.com
https://autocomplete.d
https://adroll.com/
https://content.googleapww.googl
https://feedback.googleusercontent.com
https://taboola.com/
https://content.googleap
https://quip-marketing.com
https://3lift.com/
https://quip.com/OWCGAwI8CpAi#QQAACAoBxV4;
https://quip.com/OWCGAwI8CpAi69ccd1
http://tools.ietf.org/html/rfc1950
https://demdex.com
https://duckduckgo.com/chrome_newtab
http://crl.rootg2.amazontrust.com/rootg2.crl0
http://www.carterandcone.coml
https://quip.com/OWCGAwI8CpAi#QQAACA2P7Po
https://quip-cdn.com/LAf64rubV-Hr3Ux_DVJKkwble
https://duckduckgo.com/favicon.ico
https://quip.com/OWCGAwI8CpAiv
http://ocsp.rootca1.amazontrust.com0:
https://cdn.ecosia.org/assets/images/ico/favicon.icot
https://quip.com/OWCGAwI8CpAiilter
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
https://cdn.ecosia.org/assets/images/ico/favicon.ico

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
 ASCII text
 #
Click to see the 97 hidden entries
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\8122d15e-f303-4746-8426-87f6586aafee.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\2fd3e0cf-e507-483c-81b6-f3e988000ef0.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_quip.com_0.indexeddb.leveldb\MANIFEST-000001
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_quip.com_0.indexeddb.leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_quip.com_0.indexeddb.leveldb\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_quip.com_0.indexeddb.leveldb\000001.dbtmp
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
 MPEG-4 LOAS
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{CCED0D34-610F-11EB-90E4-ECF4BB862DED}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CCED0D32-610F-11EB-90E4-ECF4BB862DED}.dat
 Microsoft Word Document
 #
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\78UZHHEC\dough-bolts[1].xml
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\e2cc4708-c326-40e4-ac23-62c2e6059909.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\e20777de-d3c7-4e5c-a273-661c6bf2fe86.tmp
 SysEx File -
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6132_2135469203\Ruleset Data
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\9.18.0\Indexing in Progress
 empty
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
 ASCII text, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e8d35ddb-9a8d-4495-9588-7aabd118ab15.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e63f3b59-4081-494e-b1b3-dfab30b6ef23.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d7bbbe3d-52f1-4da2-a570-0962e9789276.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b2529cfa-d554-496d-bd85-fc1e794239d9.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\1468c75f-58fc-42d0-a2c0-5df3eaa768f0.tmp
 MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0526a56c7251902d_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9de9dd0b-107e-4eee-b8df-0e0e3eb51129.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\814b6adb-ec34-4624-940e-e1a9053c6587.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\79321b5b-0327-43c0-b414-2a3116a7cd3d.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4c236923-159d-4571-afab-c94df53abe9e.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3fbd5d14-fcf8-4a8d-94ae-32b21da9794e.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\397cde4b-9cac-407f-b085-2446c5db82ac.tmp
 very short file (no magic)
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\38f445d3-869b-4cab-b7de-cf17796946e2.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\17e52a83-3fa6-4817-beb1-ddc7f856c0cb.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\134f162b-a9d1-4a25-930e-9a6b889c78f0.tmp
 UTF-8 Unicode text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0c0c9f7a3d839981_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\8bd31d0d-1e76-4b4d-9e93-12884cb63548.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\8084aeae-8429-43f3-a620-cc677bffb762.tmp
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\7d61d366-6692-43f4-8447-b508a8a15d6f.tmp
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\52071df9-6c45-4818-8295-c13cec1da427.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\342ed5ef-a2fc-4e76-b001-8d8bcafb43ed.tmp
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EB2C4AB8B68FFA4B7733A9139239A396_D76DB901EE986B889F30D8CC06229E2D
 data
 #
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
 data
 #
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\223DE96EE265046957A660ED7C9DD9E7_EFF9B9BA98DEAA773F261FA85A0B1771
 data
 #
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EB2C4AB8B68FFA4B7733A9139239A396_D76DB901EE986B889F30D8CC06229E2D
 data
 #
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
 Microsoft Cabinet archive data, 59134 bytes, 1 file
 #
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\223DE96EE265046957A660ED7C9DD9E7_EFF9B9BA98DEAA773F261FA85A0B1771
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_2\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\_metadata\computed_hashes.json
 ASCII text, with very long lines, with no line terminators
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
 ASCII text
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
 ASCII text
 #
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
 SQLite 3.x database, last written using SQLite version 3032001
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ec99ea3009e95d65_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d978b0efc727804e_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c9226d7c7cc7ba4b_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b38fff78a48142d9_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\44a148030134590f_0
 data
 #
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3267e7daf16fbf9a_0
 data
 #