Windows Analysis Report
https://sites.google.com/view/jrsdprecision/

Overview

General Information

Sample URL:	https://sites.google.com/view/jrsdprecision/
Analysis ID:	612082

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Multi AV Scanner detection for domain / URL

Classification

Signatures

AV Detection

Multi AV Scanner detection for domain / URL

Source: lively-field-031627803.1.azurestaticapps.net	Virustotal: Detection: 16%			Perma Link
Source: https://lively-field-031627803.1.azurestaticapps.net/	Virustotal: Detection: 17%			Perma Link

Source: unknown	HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:54924 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:54925 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 5MB later: 27MB

Source: unknown

DNS traffic detected: queries for: sites.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52319
Source: unknown	Network traffic detected: HTTP traffic on port 60166 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51320
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53785
Source: unknown	Network traffic detected: HTTP traffic on port 54924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58119
Source: unknown	Network traffic detected: HTTP traffic on port 56471 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58002
Source: unknown	Network traffic detected: HTTP traffic on port 50301 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54925
Source: unknown	Network traffic detected: HTTP traffic on port 51739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54924
Source: unknown	Network traffic detected: HTTP traffic on port 55878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52405
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55878
Source: unknown	Network traffic detected: HTTP traffic on port 57087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50301
Source: unknown	Network traffic detected: HTTP traffic on port 59421 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59421
Source: unknown	Network traffic detected: HTTP traffic on port 51320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60166
Source: unknown	Network traffic detected: HTTP traffic on port 54253 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54253
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56471
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57087
Source: unknown	Network traffic detected: HTTP traffic on port 60975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52405 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52319 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62743

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.99
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.184.234

Source: unknown	HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:54924 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:54925 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Temp\ddf7949b-a07b-4506-8604-9294e7f2129f.tmp

Source: classification engine

Classification label: mal48.win@32/73@12/198

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument https://sites.google.com/view/jrsdprecision/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1732,8493929056398251142,18182367843663010915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1732,8493929056398251142,18182367843663010915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-62607FDD-1E44.pma

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.195	unknown	United States	15169	GOOGLEUS	false
20.50.153.39	waws-prod-am2-5ecab9f3.sip.p.azurewebsites.windows.net	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.78	plus.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.206	sites.google.com	United States	15169	GOOGLEUS	false
142.250.185.228	www.google.com	United States	15169	GOOGLEUS	false
152.199.19.161	unknown	United States	15133	EDGECASTUS	false
152.199.19.160	unknown	United States	15133	EDGECASTUS	false
173.194.187.10	unknown	United States	15169	GOOGLEUS	false
142.250.185.205	accounts.google.com	United States	15169	GOOGLEUS	false
142.250.185.202	unknown	United States	15169	GOOGLEUS	false
142.250.186.106	unknown	United States	15169	GOOGLEUS	false
172.217.23.97	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.195	unknown	United States	15169	GOOGLEUS	false
142.250.186.142	unknown	United States	15169	GOOGLEUS	false
142.250.184.238	clients.l.google.com	United States	15169	GOOGLEUS	false
142.250.74.195	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false
142.250.186.99	unknown	United States	15169	GOOGLEUS	false
142.250.184.234	unknown	United States	15169	GOOGLEUS	false
142.250.185.65	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
127.0.0.1

Contacted Domains

Name	IP	Active
gstaticadssl.l.google.com	142.250.74.195	true
accounts.google.com	142.250.185.205	true
plus.l.google.com	142.250.185.78	true
waws-prod-am2-5ecab9f3.sip.p.azurewebsites.windows.net	20.50.153.39	true
sites.google.com	142.250.185.206	true
www.google.com	142.250.185.228	true
clients.l.google.com	142.250.184.238	true
googlehosted.l.googleusercontent.com	142.250.185.65	true
clients2.googleusercontent.com	unknown	unknown
lh5.googleusercontent.com	unknown	unknown
clients2.google.com	unknown	unknown
lively-field-031627803.1.azurestaticapps.net	unknown	unknown
ajax.aspnetcdn.com	unknown	unknown
apis.google.com	unknown	unknown
lh4.googleusercontent.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/url?q=https%3A%2F%2Flively-field-031627803.1.azurestaticapps.net%2F&sa=D&sntz=1&usg=AOvVaw1FCGTlHeY_IG3uPBB2uOGm	false		high
https://lively-field-031627803.1.azurestaticapps.net/	true	17%, Virustotal, Browse	unknown
https://sites.google.com/view/jrsdprecision/	false		high

ID:	612082
Product:	CloudBasic
Start time:	14:48:42
Start date:	20.04.2022
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\9695e3c4-56db-4cc7-992a-45713eb00888.tmp	ASCII text, with very long lines, with no line terminators	AD4AB88173AE19A8D7D56F145E29E960	FA207E7995A5B02CBC4EF1B793D11C050868B467	1CB69CAF63A46C2F4F0D713135022613C218D94744AFC92C4DE88088C2E60F90
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	FA7200D6F80CD1757911C45559E59C0E	89C6E99BAEC4EBB3E9A97B928FB473D1498EBA88	D9779EA4D6DD544A23C2A1C53146B6A4E596927F47DFA0680B0A7EE751D43BB2
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\161e6ebd-0964-45b3-80a3-af19e4bb1e75.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\469fbbcb-77ca-4e71-946f-c05cb4ea6336.tmp	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel	1B40AC9ABB964672109D49ABFCFE2717	966E224F2887075825D42D2E7E0063BFAA81A99C	503149B1B47F8296DEDB800251DBD9AF614856F0D7E6AB1C03DBC90EBCE53674
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\4b055950-271c-4d74-a193-0dc12f543316.tmp	ASCII text, with very long lines, with no line terminators	E1918D61209AE6F53A03A9FCC0C76D21	7A2CDE0C55D09A8502BF81DE4DB3ADDA63EAD401	2F29400F8CBE9AE83904C34E24DEA79A0C7192FB117AC75F4F28C45F831F0F4F
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\9f0933e2-de68-4d1c-8c9e-2fed691b823b.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	E57899E0E8BFD5FA0020DA4832D4FF9E	56A01EA7B995FAD40DC0E3263FA6B197F5393261	34661BF5C7D6BD16955B42F5322B93B223A8AA1AF588BF4521A09A3B8F06E997
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	2E2110A99AD3AE9721A458C95C64C868	72AE17599EDC0B2DC61C41D946E3E296864F2CBA	BB46BA705D5F6F43F66B07EA5DA4CC7CC0BF8FE635CCC4EBBA30A5D4A54158DE
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\9221.427.0.1_0\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	E7FC5462366916AA507D0D350BF1BE86	0D250D97A4FAA070DCE2BE246F14656800EE6561	84F230EAF1D18C25F8336F3ADEB490847D2ABFF6D4B30E7744C0D2B5790F84F6
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel	1B40AC9ABB964672109D49ABFCFE2717	966E224F2887075825D42D2E7E0063BFAA81A99C	503149B1B47F8296DEDB800251DBD9AF614856F0D7E6AB1C03DBC90EBCE53674
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)	ASCII text, with very long lines, with no line terminators	CAB8BEABE7E66A4015C98A3C77B3698B	C960AAAEA7014E105290C7D0F09BFCA837C8E8CC	75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)	ASCII text, with very long lines, with no line terminators	FEFAA6678A43550781F1164BE58FD855	C333BD4F0DDFB545D50CF128F00761EC0E9F1342	C01D5F0A535D06FE04E58A453D7D2C49FFC108A7E4EE63069D5C246B78332B37
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	E57899E0E8BFD5FA0020DA4832D4FF9E	56A01EA7B995FAD40DC0E3263FA6B197F5393261	34661BF5C7D6BD16955B42F5322B93B223A8AA1AF588BF4521A09A3B8F06E997
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\b3c90246-77bd-47f0-8977-1ced11f1db4f.tmp	ASCII text, with very long lines, with no line terminators	FEFAA6678A43550781F1164BE58FD855	C333BD4F0DDFB545D50CF128F00761EC0E9F1342	C01D5F0A535D06FE04E58A453D7D2C49FFC108A7E4EE63069D5C246B78332B37
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\c1178d0d-9d91-49fa-98ab-d6260f75eda0.tmp	ASCII text, with very long lines, with no line terminators	CAB8BEABE7E66A4015C98A3C77B3698B	C960AAAEA7014E105290C7D0F09BFCA837C8E8CC	75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\c8bb9053-4812-4961-87c6-2a46025a1966.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	E7EDA950949825F231A110EA343A0F66	95B9701C4CCAEE15E102DB72F0DA62071C5FA778	BEA96051DDD994E8C2EE944B00230D406B95063026A8039150430FF5192AF24D
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp	ASCII text	AEFD77F47FB84FAE5EA194496B44C67A	DCFBB6A5B8D05662C4858664F81693BB7F803B82	4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	AEFD77F47FB84FAE5EA194496B44C67A	DCFBB6A5B8D05662C4858664F81693BB7F803B82	4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	3A0E5D4F452CF99191634D0FFAB744A0	F115BBB898EEFF640D8D19AD44A86C3FCDFFC0AD	B9D528D3AE283039F4700C7E4E790744C58A26353A91B536DD91CBA4F648A35F
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)	ASCII text, with very long lines, with no line terminators	517703416513B89BDD69F435CBBF23F7	FACD8114B88FC11737088A713AA891EC6FA169DD	E9F99398B89834F9C783B7EE711D11AE0A7F3CED3EDFC052364C93694DEBC097
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\bf2272fb-bcd7-437c-ba8e-7aaad0ed459f.tmp	data	524A7C231BB2CD0FF09F4E85CA296B53	7FF2D4C1E9E86DAF19A3B5DF9CE8E01BE1D41D3A	D683902320B8E4F13854B39097800C2B929F463945C6DF3AD365E2014CF36642
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\c3dc22aa-a5e4-4a42-bcfa-b281a0b5c11a.tmp	ASCII text, with very long lines, with no line terminators	517703416513B89BDD69F435CBBF23F7	FACD8114B88FC11737088A713AA891EC6FA169DD	E9F99398B89834F9C783B7EE711D11AE0A7F3CED3EDFC052364C93694DEBC097
C:\Users\alfredo\AppData\Local\Temp\049638ac-3685-4c42-a568-2ed63fd69a27.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	173CA02E5B06065771DEB2F28E4E5A9E	20F1774FB280C94C13082A255C27D7A786EFD5C7	634557AE2916F2FAA0CBF2557F8F96E26845ABE94D2784FD73B169EC5618B186
C:\Users\alfredo\AppData\Local\Temp\1f43297c-be93-4252-860f-1a5fa54dd691.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\alfredo\AppData\Local\Temp\3309d7c3-39e0-4234-9afb-e778f5a58874.tmp	Google Chrome extension, version 3	BB2058E728F79C67137BDFCFCEEC72D4	0AE586E5DD08EA7BECD5618DA868E7FA94910F60	9107E42F7F892FECD9A0A8CB05FEDAE7D9E045442FB17AF11A77F6F7253B66B7
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_metadata\verified_contents.json	ASCII text, with very long lines, with no line terminators	8B6C3E16DFBF5FD1C9AC2267801DB38E	F5CADC5914DF858C96C189B092BC89C29407BBAA	FD986A547D9585E98F451B87CA85DEB4B61EE540C6FAC678D7BEDABF04653095
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_pnacl_json	ASCII text	35D5F285F255682477F4C50E93299146	FB58813C4D785412F05962CD379434669DE79C2B	5424C7B084EC4C8BA0A9C69683E5EE88C325BA28564112CC941CD22E392D8433
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o	ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped	604FF8F351A88E7A1DBD7C836378AE86	9D8D89AE9F13D6306E619A4EAAD51EDE91A5F9F3	947E64BE43E821562CE894F1AFCC3D09CD7FF614C107FC94250CD3EA5C943302
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o	ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped	88C08CD63DE9EA244F70BFC53BBCADF6	8F38A113A66B18BAA02E2C995099CF1145A29DAA	127F903CC986466AA5A13C17DFDD37AC99762F81A794180339069F48986BC7A3
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o	ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped	75E79F5DB777862140B04CC6861C84A7	4DB7BDC80206765461AC68CEC03CE28689BBEE0C	74E8885B87ED185E6811C23942FD9BD1FBAC9115768849AF95A9DECF6644B2EA
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped	0BB967D2E99BE65C05A646BC67734833	220A41A326F85081A74C4BB7C5F4E115D1B4B960	C6C2D0C2FC3E38A9BFA19C78066439C2F745393F1FD1C49C3C6777F697222C76
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a	current ar archive	0CE951B216FCF76F754C9A845700F042	6F99A259C0C8DAD5AD29EE983D35B6A0835D8555	7A1852EA4BB14A2A623521FA53F41F02F8BA3052046CF1AA0903CFAD0D1E1A7B
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a	current ar archive	C37CA2EB468E6F05A4E37DF6E6020D0F	EA787E5EADFB488632EC60D8B80B555796FA9FE9	C1483ED423FEE15D86E8B5D698B2CDAB89186CE7FF9C4E3D5F3F961FD80D7C6E
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a	current ar archive	4E8BEDA73EB7BD99528BF62B7835A3FA	DC0F263A7B2A649D11FF7B56FE9CFAC44F946036	6B835FD48DF505EB336FF6518CE7B93BB0ED854DADAA5C1EEED48D420291F62C
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a	current ar archive	F950F89D06C45E63CE9862BE59E937C9	9CFAD34139CC428CE0C07A869C15B71A9632365D	945B1C8A1666CBF05E8B8941B70D9D044BAAFB59B006F728F8995072DE7C4C40
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped	9B159191C29E766EBBF799FA951C581B	D1D4BBC63AB5FC1E4A54EB7B82095A6F2CE535EE	2F4A3A0730142C5EE4FA2C05D27A5DEFC18886A382D45F5DB254B61B28ED642B
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped	9DC3172630E525854B232FF71499D77C	0082C58EDCE3769E90DB48E7C26090CE706AD434	6AA1DA6C264E0AF4E32A004F4076C7557C6AC6D9C38B0C5DE97302D83FA248C3
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\manifest.fingerprint	ASCII text, with no line terminators	C00BCE97F21B1AD61EB9B8CD001795EE	8E0392FF3DB267D847711C3F4E0D7468060E1535	59F06F04230E32E8BC839F45B984D31D611930427B631C963D09E7064A602363
C:\Users\alfredo\AppData\Local\Temp\7748_1216091046\manifest.json	ASCII text	1863B86D0863199AFDA179482032945F	36F56692E12F2A1EFCA7736C236A8D776B627A86	F14E451CE2314D29087B8AD0309A1C8B8E81D847175EF46271E0EB49B4F84DC5
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_206036005\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with CRLF line terminators	83E2D1E97791A4B2C5C69926EFB629C9	429600425CB0F196DDD717F940E94DBD8BFF2837	2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_206036005\CRX_INSTALL\_locales\tr\messages.json	UTF-8 Unicode text, with CRLF line terminators	2CEAE0567B6BB1D240BBAD690A98CA3B	5944346FBD4A0797B13223895995CAB58E9ECD23	A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_206036005\CRX_INSTALL\_locales\uk\messages.json	UTF-8 Unicode text, with CRLF line terminators	AB0B56120E6B38C42CC3612BE948EF50	8B3F520E5713D9F116D68E71DAEED1F6E8D74629	68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_206036005\CRX_INSTALL\_locales\vi\messages.json	UTF-8 Unicode text, with CRLF line terminators	7EBB677FEAD8557D3676505225A7249A	F161B4B6001AEAEAB246FF8987F4D992B48D47BE	051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_206036005\CRX_INSTALL\_locales\zh_CN\messages.json	UTF-8 Unicode text, with CRLF line terminators	BB73BF561BB79F89D9BF7C67C5AE5C65	2FADD3A1959B29C44830033A35C637D0311A8C9C	D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_206036005\CRX_INSTALL\_locales\zh_TW\messages.json	UTF-8 Unicode text, with CRLF line terminators	5FF50C673CC0C661D615F0CFD0E6DCA0	60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85	C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_206036005\CRX_INSTALL\manifest.json	ASCII text	6CA25F3EF585B63F01BCDF8635120704	00C063811E31EA5F9A00F175A71EA25E7821F621	49D9DE983F7436BA786E6E04A5A20C10F41687AE06B266B1B6553F696719563D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\kn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	2E3239FC277287810BC88D93A6691B09	FC5D585DA00ADC90BF79109C7377BD55E6653569	5FC705AD19761204D8604EA069936A23731B055D51E7836CAAF16AC7719FBEEA
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\ko\messages.json	UTF-8 Unicode text, with CRLF line terminators	E303CD63AD00EB3154431DED78E871C4	3B1E5B8E2CF5EBDF5D33656EF80A46563F751783	FDE602BFDB1AFD282682DA5338C4F91D8A2F6CB5411DB8F62F4583D629CE67A6
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\lt\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	93BBBE82F024FBCB7FB18E203F253429	83F4D80F64FA2ADCE6C515C5F663BD38A76C51DB	E7A8570922CCC4F2CA3721C4E61F426158C4E7BC90274FBC8BE4040FF8B6CA9B
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\lv\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	388590CE5E144AE5467FD6585073BD11	61228673A400A98D5834389C06127589F19D3A30	05CA14196CA5D90B228C0F03684E03EBE403A3E7B513AE0A059244AE12B51164
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\ml\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	0CBE2A5C0798516F665F06BC46373B6D	12AE7DDF4BA59B0324DE1E2EA10BBDCEC1495753	41179A3582BE3DE2CB8A569AF22EC97AF2A42403D75E250BCAE853DBF7DDE598
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\mr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	E4D38794005291B3AB72389F7C959E8C	D19AAAAC79EF703FFE78371B44D9F3681414E1EA	915D323B9F7DB9E13BD50A75426B750C93EBC8699C523E72A37CB818CC33292B
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\ms\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	09D75141E0D80FBD3E9E92CE843DA986	B24EAB4B1242C31B69514D77BC1DB36A3F648F40	8F1DBDEFD910AD88BEEC7956619CDB34391D6E69254C3A7497E8F87134AE8B5C
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\nl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	6DDB73E39B89687181221341448D2365	FA71231ACE49AEBAD99AF747E173CCC6C7FF0126	21CAB8AF7F2ABF337CC33C51E9F4FD33A3AF08603CDDB74A30D4A05654F020FF
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\pl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8254020C39A5F6C1716639CC530BB0D6	A97A70427581ADA902CA73C898825F7B4B4FAC8F	2F4E4FC6AEB4A8E7F0E0DCE220D66E763F4EBF1FA79985834D636C6692FEA3E8
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\pt\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	FABD5D64267F0E6D7BE6983AB8704F8C	D4DAAD0FF5C461C51E6C1FD22B86AFC5B13E123F	D82DCA262FF005668B252B478DEDAAC4A5C1E417AF9DE57C22F169A6680183AE
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\ro\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	75E16A8FB75A9A168CFF86388F190C99	C27CE4C1DB3DF2D232925C73DC9AC1FA24DAD396	9C4716FF42A730F1E7725F0D9E703F311E79FDA31F85B4BB0B8863FC3C27AB9D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\ru\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8EF94823972EA8D2FC9BB7EC09AB1846	4171DC9CE9D82FDA5A280517A1FE58C907D75CE3	1009DB9FFA64E411B31E0780EBA43B9C9F8B05B5AC8CCA9A38514650261ABB0A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\sk\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	9FDFFDD627F96DF699EC9F9D3625502F	04B830F3C7DA394EEA6063B7405FA12B23E151CA	73B21C2BD165AA33724EABF134AF52ADD9A7C202A1462F0BEDEA3BC6701DD470
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\sl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F60AB4E9A79FD6F32909AFAC226446B3	07C9E383D4488BEBE316CA86966FC728F55A2E32	CDE581E6E7CF0136B003B45549E3BBEE7B67B74ADD786A8D5607BFDAD1DE7B87
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\sr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	127A5422BE8B58668A9502DC03C1639C	77603F93079A203D104CFF2806C55330658578FC	C7B9ECE155924B9FA60662CDC1D1736A210018BD16E4B3E3613A2EE17782F0D6
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\sv\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	897DAE6B0CF0FDE42648F0B47CB26E06	E1F5F5F65AF34FF9484AB2B01E571EAF19BA23D0	52656C24F6F6D0F3B3FC01E9504C4D5CEB85624F1B22E974CA675DD0E94EB82D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\sw\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	EC233129047C1202D87DC140F7BA266D	537E4C887428081365D028F32C53E3C92F29AAA6	28EDBC5C4858217811D45CAA215710E452C8926E4DE99F810001AD664D08BE0D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\ta\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C50C5D2EDFC79DBDCBD5A58A027A3231	14314D760A18C39F06CD072CF5843832AFB86689	EEB0E89D5AD92B80FF08F88533A111DB3416D7C3860C64227D1CC8B7C2B58298
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\te\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	28425862224952A50E881BFA19475ECC	BDAEC83C2988AFE15D886FE5428FA7870FF1FAF4	793A422E88496566E3EF1E22F30784268716613EBB56C58DC5C0F4B5344F87BF
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	9F926FCB8BAEA23453B99EA162CCDEA1	04D1E45591C0435A39DCA00A81E83E68585E8B64	100463C587F549C964A4EB21EA38EA1B4ADEF11E927FAC8FF884623B77202C02
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\tr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	B0420F071E7C6C2DE11715A0BF026C63	F41CC696786B18805DB8DC9E1E476146C0D6BE90	309F946F753DF6AF5C255D772EA0D429462152F78ABA4A96A2E369707A2C6B67
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\uk\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	FF06E78C06E8DFF4A422EA24F0AB3760	A434D1CE22DE0D2FD1842E94F5815F7B1972D1EE	E209FDEF12CCEC03B4E0D5B9464F90D527E62C5BC4DD565C680661D7F282AB02
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\vi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	05A2C5EED47B155AA9EC9BC3DC15D6A5	09E795DC1FDF80B5E96728C8B1C701B8194DCF97	EE794AD0D6BAD28C783962EA92CA2E7CDA8E374FFDF083711B03149EFB2A7D32
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\zh\messages.json	UTF-8 Unicode text, with CRLF line terminators	D4513639FFC58664556B4607BF8A3F19	65629BC4CBBACA498F4082DD5884C8D3D7DDDC8A	C6D49997A9B4FF7FE701EC3644B1A523679A27778FB4BD39B7DBCA9F1ACCE595
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\_locales\zh_TW\messages.json	UTF-8 Unicode text, with CRLF line terminators	494CE2ACB21A426E051C146E600E7564	D045ECC2A69C963D5D34A148FE4A7939DE6A1322	A1053F9496ED7FA3C625C94347F07A5E760F514FD8EE142EC9EE64E86B9C063D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir7748_327753163\CRX_INSTALL\manifest.json	ASCII text, with very long lines	30B78A52B000FF35C18C3D435CA15075	3DEB89546193DA52C8843D90325290496C6E47DD	0A20B0B88FEBE7464BC199663D5DBC2BEA252394C69D352C091E0C7C1538E90F
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic	Little-endian UTF-16 Unicode text, with no line terminators	F3B25701FE362EC84616A93A45CE9998	D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB	B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209

Windows Analysis Report
https://sites.google.com/view/jrsdprecision/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Compliance

Software Vulnerabilities

Networking

System Summary

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://sites.google.com/view/jrsdprecision/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Compliance

Software Vulnerabilities

Networking

System Summary

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://sites.google.com/view/jrsdprecision/