Windows Analysis Report
https://w2globaldata.cabildodeagayu.com/1/?e=bGVzLmZyZWVsYW5kQHcyZ2xvYmFsZGF0YS5jb20=

Overview

General Information

Sample URL:	https://w2globaldata.cabildodeagayu.com/1/?e=bGVzLmZyZWVsYW5kQHcyZ2xvYmFsZGF0YS5jb20=
Analysis ID:	626005

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Yara detected Captcha Phish

Phishing site detected (based on image similarity)

HTML body contains low number of good links

Invalid T&C link found

Suspicious form URL found

No HTML title found

Classification

Signatures

Phishing

Yara detected HtmlPhish10

Source: Yara match

File source: 30849.3.pages.csv, type: HTML

Yara detected Captcha Phish

Source: Yara match

File source: 58601.1.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	Matcher: Found strong image similarity, brand: Microsoft image: 30849.3.img.4.gfk.csv 7916A894EBDE7D29C2CC29B267F1299F

HTML body contains low number of good links

Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: Number of links: 0
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: Number of links: 0

Invalid T&C link found

Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: Invalid link: Terms of use
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: Invalid link: Privacy & cookies
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: Invalid link: Terms of use
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: Invalid link: Privacy & cookies

Suspicious form URL found

Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: Form action: action.php
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: Form action: action.php

No HTML title found

Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: HTML title missing
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: HTML title missing

Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: No <meta name="author".. found
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: No <meta name="author".. found

Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: No <meta name="copyright".. found
Source: https://w2globaldata.cabildodeagayu.com/1/main/main.php	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 190.8.176.18:443 -> 192.168.2.3:52246 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 190.8.176.18:443 -> 192.168.2.3:52245 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 5MB later: 10MB

Source: unknown

DNS traffic detected: queries for: w2globaldata.cabildodeagayu.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53329
Source: unknown	Network traffic detected: HTTP traffic on port 52246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62406 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52133 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53329 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55787
Source: unknown	Network traffic detected: HTTP traffic on port 57585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62291
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63184
Source: unknown	Network traffic detected: HTTP traffic on port 65060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52245
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52246
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52247
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57585
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62406
Source: unknown	Network traffic detected: HTTP traffic on port 59341 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62203
Source: unknown	Network traffic detected: HTTP traffic on port 57502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52619
Source: unknown	Network traffic detected: HTTP traffic on port 52248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52133
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57502
Source: unknown	Network traffic detected: HTTP traffic on port 50879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52896
Source: unknown	Network traffic detected: HTTP traffic on port 58854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60559
Source: unknown	Network traffic detected: HTTP traffic on port 56036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65060
Source: unknown	Network traffic detected: HTTP traffic on port 52247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62291 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62386 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56036
Source: unknown	Network traffic detected: HTTP traffic on port 63356 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59341
Source: unknown	Network traffic detected: HTTP traffic on port 52657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62386
Source: unknown	Network traffic detected: HTTP traffic on port 52619 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63356

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.67
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163
Source: unknown	TCP traffic detected without corresponding DNS query: 216.58.212.163

Source: unknown	HTTPS traffic detected: 190.8.176.18:443 -> 192.168.2.3:52246 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 190.8.176.18:443 -> 192.168.2.3:52245 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Temp\025fff9c-c297-4571-bcca-e6d9246a2e28.tmp

Source: classification engine

Classification label: mal60.phis.win@25/83@10/199

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument https://w2globaldata.cabildodeagayu.com/1/?e=bGVzLmZyZWVsYW5kQHcyZ2xvYmFsZGF0YS5jb20=
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1724,7817853625496071747,17956484230927524192,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1724,7817853625496071747,17956484230927524192,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-627EBAB9-17A8.pma

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.35	unknown	United States	15169	GOOGLEUS	false
142.250.203.106	unknown	United States	15169	GOOGLEUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
142.250.186.67	unknown	United States	15169	GOOGLEUS	false
104.18.10.207	stackpath.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
216.58.215.238	clients.l.google.com	United States	15169	GOOGLEUS	false
216.58.215.227	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false
142.250.203.110	unknown	United States	15169	GOOGLEUS	false
104.18.11.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.181.228	www.google.com	United States	15169	GOOGLEUS	false
190.8.176.18	w2globaldata.cabildodeagayu.com	Colombia	52335	ColombiaHostingCO	false
216.58.212.163	unknown	United States	15169	GOOGLEUS	false
142.250.203.99	unknown	United States	15169	GOOGLEUS	false
74.125.162.166	unknown	United States	15169	GOOGLEUS	false
142.250.203.109	accounts.google.com	United States	15169	GOOGLEUS	false
108.157.4.80	d26p066pn2w0s0.cloudfront.net	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.1
127.0.0.1

Contacted Domains

Name	IP	Active
stackpath.bootstrapcdn.com	104.18.10.207	true
gstaticadssl.l.google.com	216.58.215.227	true
d26p066pn2w0s0.cloudfront.net	108.157.4.80	true
accounts.google.com	142.250.203.109	true
cdnjs.cloudflare.com	104.17.24.14	true
maxcdn.bootstrapcdn.com	104.18.11.207	true
www.google.com	142.250.181.228	true
clients.l.google.com	216.58.215.238	true
w2globaldata.cabildodeagayu.com	190.8.176.18	true
clients2.google.com	unknown	unknown
logo.clearbit.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://www.google.com/recaptcha/api2/bframe?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LcJNLsfAAAAAFLIycbaJnhsCkE1TOU4w9VVo21f	false	high
https://w2globaldata.cabildodeagayu.com/1/main/	true	unknown
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJNLsfAAAAAFLIycbaJnhsCkE1TOU4w9VVo21f&co=aHR0cHM6Ly93Mmdsb2JhbGRhdGEuY2FiaWxkb2RlYWdheXUuY29tOjQ0Mw..&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=normal&cb=v5xgy7uvez7y	false	high
https://w2globaldata.cabildodeagayu.com/1/main/main.php	true	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\1376a610-eb79-4288-a37f-9a0ef8114425.tmp	ASCII text, with very long lines, with no line terminators	5BC478B0AEC61308306723722FD8D99D	E7B6FDAD7B2042A1EC15910989222D27A636CFD1	8552FF542E8BA217B3E96A4E3E63E94C4075009369AB8DEECA81333DAABE8488
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\30cca6b5-d4a3-4dff-bb50-6f64e731fe53.tmp	ASCII text, with very long lines, with no line terminators	972AE4DF7A210BECCCB13C7026A8EDFE	8C2C04FC6338C4E6330EDE969C02F710DA210AF7	D5BF787DCE8A40BFA689BBA3E365F949BB139C7378011E5E5CAEE2CBB4018522
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\4779d722-47ff-4cac-84f3-b70b408a52ab.tmp	data	FE3E5EDA036BAF27D961C9F1F8935D37	3AAB6A76400C8E5D0094D78770B5ECCFD84A779E	7870B7C716325E080E2B20854E8EAD06E5276B438E87F2C5C92FFA3B9E5CA4F0
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	FA7200D6F80CD1757911C45559E59C0E	89C6E99BAEC4EBB3E9A97B928FB473D1498EBA88	D9779EA4D6DD544A23C2A1C53146B6A4E596927F47DFA0680B0A7EE751D43BB2
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\0cc94e7a-de06-4234-884b-2a82d8de767c.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	2DE5FAFD79D9A0397A6CA7F0141F6B5D	FBDACFCF52AE2E6B4BD1B2D4CBE2D2F6125E5C1B	E1FC51A25D9597CE51295FD0F7AE162887CC927768288AC1A22866AD02BDF76F
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\4211a6e2-b66c-47cf-ac26-337c04e54cd3.tmp	ASCII text, with very long lines, with no line terminators	AC77A2EAEE403E67AFD2D6E0796B0EF7	030396DA547C35543328F9CE9DB2F4BB9B346997	8A0004CB33004DC98915F65547E594818DA9AE86F22545D0FC9C0D0A5E3F76B2
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\5408dd04-4dbd-4df3-bc58-35c35ab41195.tmp	ASCII text, with very long lines, with no line terminators	658E52B384460C57ADF550C6E4E99FE1	1359AD651AE206A1BD6B279AD5A6FF6A9DEA92F4	D6043BAE80959079D01D6953431DFE5663E42EA4D640F22FB0AA9681993E3032
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\5593a912-6ca8-4130-a0d9-665bb3897600.tmp	ASCII text, with very long lines, with no line terminators	CAB8BEABE7E66A4015C98A3C77B3698B	C960AAAEA7014E105290C7D0F09BFCA837C8E8CC	75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\64f747cf-adb3-4802-8299-08dd540e42b5.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	BD4369708C3EBA66AFFFBF1730EFBC32	DBE77BD571E998BB35097C85AE7A5CE5C8173537	91B889278886075046881CF9A9C0BFB5863268BF0EEB566AC04076859A13DD5A
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\9e1ad480-47ee-4981-a32f-fd3f17437585.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel	1B40AC9ABB964672109D49ABFCFE2717	966E224F2887075825D42D2E7E0063BFAA81A99C	503149B1B47F8296DEDB800251DBD9AF614856F0D7E6AB1C03DBC90EBCE53674
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	F4BBB20AAA18FF1A31153362BF57E6D3	B3BA88556B7190C25421B80F36C15AB91F0AA3F6	9E51CCAF74D40B1CAAA574A49EAE97F3D954CC08E4FC00B9AB498325EC38FF78
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)	ASCII text, with very long lines, with no line terminators	AC77A2EAEE403E67AFD2D6E0796B0EF7	030396DA547C35543328F9CE9DB2F4BB9B346997	8A0004CB33004DC98915F65547E594818DA9AE86F22545D0FC9C0D0A5E3F76B2
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	9055578429E4FF876B3F0BF2C546938F	24AC42DFB1FD4E36003AAD81D1A5B2183E117480	EE28B7BA7D71878DA8C415D23A4F5AE1ACD2DCAA9BAB6720F30A5F978C2269C3
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\21aa054b-8738-44c1-8590-64fef0b597b5.tmp	ASCII text, with no line terminators	038931FF72A0C6AA0695A404960B1B22	90802F36B75C3CA70FC8CD1CF8BDFBAE0E8723A4	BEF93811AE263E2E9145A44205340015843B1D4485D084BB642EAEB500FE564C
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	F50F89A0A91564D0B8A211F8921AA7DE	112403A17DD69D5B9018B8CEDE023CB3B54EAB7D	B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\MANIFEST-000001	PGP\011Secret Key -	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\ada08d48-c51a-4a2a-b730-ed268f2148bb.tmp	ASCII text, with very long lines, with no line terminators	948ACE18CB71B6A62602D2B6C081D7BB	BDD228F41E423B648048922EFCFF85C983C95117	125D501B2465374DC13E493EAD7A88505691EE937C0178E1F4844187C091BC7B
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\c2e482cc-4d9a-47a8-9020-70249b71de23.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	9055578429E4FF876B3F0BF2C546938F	24AC42DFB1FD4E36003AAD81D1A5B2183E117480	EE28B7BA7D71878DA8C415D23A4F5AE1ACD2DCAA9BAB6720F30A5F978C2269C3
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp	ASCII text	AEFD77F47FB84FAE5EA194496B44C67A	DCFBB6A5B8D05662C4858664F81693BB7F803B82	4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	AEFD77F47FB84FAE5EA194496B44C67A	DCFBB6A5B8D05662C4858664F81693BB7F803B82	4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\e6c22bc6-bbd0-4263-b773-4659c280863b.tmp	MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel	1B40AC9ABB964672109D49ABFCFE2717	966E224F2887075825D42D2E7E0063BFAA81A99C	503149B1B47F8296DEDB800251DBD9AF614856F0D7E6AB1C03DBC90EBCE53674
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	3A0E5D4F452CF99191634D0FFAB744A0	F115BBB898EEFF640D8D19AD44A86C3FCDFFC0AD	B9D528D3AE283039F4700C7E4E790744C58A26353A91B536DD91CBA4F648A35F
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)	ASCII text, with very long lines, with no line terminators	972AE4DF7A210BECCCB13C7026A8EDFE	8C2C04FC6338C4E6330EDE969C02F710DA210AF7	D5BF787DCE8A40BFA689BBA3E365F949BB139C7378011E5E5CAEE2CBB4018522
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)	data	FE3E5EDA036BAF27D961C9F1F8935D37	3AAB6A76400C8E5D0094D78770B5ECCFD84A779E	7870B7C716325E080E2B20854E8EAD06E5276B438E87F2C5C92FFA3B9E5CA4F0
C:\Users\alfredo\AppData\Local\Temp\025fff9c-c297-4571-bcca-e6d9246a2e28.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	9E9448CCCD4177DA32537DA5E1FEE943	36DBC442E38AB0E09D9F72FB3100D84B38EFDE14	1DCC5690B7DBFE737270E9BAE36B2C0F6A3E20010333D44BE6F4829839CB253D
C:\Users\alfredo\AppData\Local\Temp\1282e184-3a87-4aeb-8e3d-b4db6e66228b.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	A83A2746B84F1CF573B02965B72ED592	85CC572D6F90029EB99AAFA56297D1BCA494313A	DF4B53C1C7C48E80753D4945E6EC7847084F51BF57F0ED9D341326C74651D6EC
C:\Users\alfredo\AppData\Local\Temp\85cd035a-be3f-4977-b1bb-77ebe810d65f.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	3E5CCD9B583763AF68E28C5101373167	2005CDC0A8070B65E321A197D576698ECC267496	41412C0863920BA95E9FDBD3AF000CBE926A73C078997A233DF55379A5C4D274
C:\Users\alfredo\AppData\Local\Temp\9e13677c-be93-4c97-93d6-7fb8f39c84d6.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	7F0FCE2F184F63FED8E9929FB106C282	0582EB5BFC7FCCCC1C77A860F00E351E61F5DC67	7C33F333216849E50AFC9550DA7DA4450D221B837340716ACCEE3766FFD4A62B
C:\Users\alfredo\AppData\Local\Temp\b9b1b15d-bc49-4060-b484-e7ebfd19d88b.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\alfredo\AppData\Local\Temp\c7a406f7-7b53-4664-9889-b4891eda9a6a.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	2A37AD0EC191D53104BB46953AC6C43C	FD23FFC5B7E4A6B45FBD88A486D15FAA51DC07AE	51F075EB69486CB23B32A0776782B4A1B2AF204429AB94510469E02B115E56CC
C:\Users\alfredo\AppData\Local\Temp\da35b806-cd0a-4d60-b750-7dfcb192a0bc.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	173CA02E5B06065771DEB2F28E4E5A9E	20F1774FB280C94C13082A255C27D7A786EFD5C7	634557AE2916F2FAA0CBF2557F8F96E26845ABE94D2784FD73B169EC5618B186
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\bg\messages.json	ASCII text, with very long lines	D7A97183BCBD5FB677AA84D464F0C564	CDBB279B864E2C0A51E0892B8714131802586506	76EFAD74EB8256B942727C42261147EB9CCA48DA284DB3CDCE5DC6A3B4346F02
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\ca\messages.json	ASCII text, with very long lines	58BA5F65ED971591D1F9D81848EE31D0	BDA3C8B74653334FC8F060CAFBCEA58DF0113AB7	CDD91587F5AF2C865776B36A5E9A07B10D21B9D911DE0B814B7A1E94B14AE885
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\cs\messages.json	ASCII text, with very long lines	43161EFFA28A0DBFC67B8F7DBE1B5184	FE0A9235A59B51B7F564F14FF564344927F035B8	3A04421DF5218E8ABD3B0E2AFE11E8338D7BDCBCD1ADB122416944B102BC9696
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\da\messages.json	ASCII text, with very long lines	31264DDBF251A95DE82D0A67FA47DB3A	3A48DC7AF26A153594C7849E1D92AAC31296459B	EDB51898A6C73D0090D6916B7B72EBAC71E964EABB5BA7CD68E21966024F0D23
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\de\messages.json	ASCII text, with very long lines	7639B300B40DDAF95318D2177D3265F9	BF9EFDF073231CB3FCFCA5CCCA25B079ECFC45BD	356A9D4ADFEC484DA824E7A72059B724B1686FC90082F4A4B667630436D593B0
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\el\messages.json	ASCII text, with very long lines	3026E922B17DBEE2674FDAEE960DF584	76602B1E3449F1B67DE42FD31A581B0821BFEFF0	876845B5A061FAB3CF2A1466E01015DC40DF8449F1CB4205F575CEBED8717BAD
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\en\messages.json	ASCII text, with very long lines	DBEDF86FA9AFB3A23DBB126674F166D2	5628AFFBCF6F897B9D7FD9C17DEB9AA75036F1CC	C0945DD5FDECAB40C45361BEC068D1996E6AE01196DCE524266D740808F753FE
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\es\messages.json	ASCII text, with very long lines	3F4B0F56C2839839FC3E3270ED4CB7B6	0D74EA655EAE3990E95BD26F6E1467EDF3EB3478	1912EA5E0A62BBC669DC14AB5A5BD5514B0502C483EE1F27C3F8834384187079
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\es_419\messages.json	ASCII text, with very long lines	1FD5DAF46C4D7C4F571C263EC37B943B	A57EE5EF6861F88005C2230EA3D633A1B4CA105A	BCC2CF06F66E9E3BB4B7887D0EE0AE4A72A6C49F4B2A578A7733B78208984417
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\et\messages.json	ASCII text, with very long lines	0293A7BAE6EEE62C4067A80E262D6A2D	E76B07BD49FFBBFB6841B7335CBE7A9620714402	D06F20D4D68D1DBB89EF7D8E405D9499CB2EB2560217CD5B4A51AB1DD50CAB44
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\fi\messages.json	ASCII text, with very long lines	E5BBE7DBBE75F45BDCD49DB8C797106E	0F069D7D19768180945F0D8B67DC71262FD586A2	BFFB2248B4C66306133FA6ECBB1541F44B3BE22CC8D9A338D690E0B1D0C85532
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with very long lines	658DAD2AF2DC3AC1567D84E8B95F68B0	EE1121215960EC5ED5F7B6BDB8E4680731EBF83D	978BA6D814CF290016833BBAC22DC7C05C2C575B1D6429B9BB14F8C2156BCF29
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\fr\messages.json	ASCII text, with very long lines	1E32A78526E3AC8108E73D384F17450B	BFE2E47D888BA530A27DD1BDE25C46433C2A545C	80F6EE69F1E022812BCCC1DE1CDC53772CDF90F4E93224161B23FA607D45136A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\hi\messages.json	ASCII text, with very long lines	B739E3B798D3EEB8AFB3E368455A8E97	56E206DD0AC7EB7B179911BE3F7DD78059CBD4F3	BA7A53A1398168719F2ACD58CC5FE06AB0B769ECA896D70E7208B18085B42FFA
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\hr\messages.json	ASCII text, with very long lines	9CF848209FF50DBF68F5292B3421831C	D29880B7B15102469123D8747BF645706CE8595B	EA1744C3CFBAA684A31A00067E8493ED114EFF3E878C797C9C55A7B122D855CD
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\hu\messages.json	ASCII text, with very long lines	4AD92AFDE3408FBBE43B0C3C71677650	3488901077F336A3196F9AE116E36DF1674E1ACA	61258FE04C23AE14FDC99EE846CEA71CC703990CC0F80C3934299646E86C475E
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\id\messages.json	ASCII text, with very long lines	9008516AA1D8F8C2B8ECE70B7E4963AD	EA7AD4BE77A80A4B9FB1E59A340010830E494747	89CAB0AF2B53C6ABEB93C8C628DDCBDD286A7A2672FE03440411BB654E3A0675
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\it\messages.json	ASCII text, with very long lines	BB9C32BA62DDA02F9471C64B5F9CF916	9825037D5D9185C58456CDD887C77B10A41D8C84	43A0B113D3773BA78F82BB9E42DDC46F6892D0FBBB351F94A7C105E4A146E9C1
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\ja\messages.json	ASCII text, with very long lines	96C8CBD161D3CE9CB1A46CB2CD0C6583	78BBFCF035B5B620E353C8E520653ADD3F4E7DB8	81D8F1D9F72B3139BC5D9845BCF82990308FB6175D07514D8238B1E6D5D02E8A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\ko\messages.json	ASCII text, with very long lines	3CAF23A8EA2332D78B725B6C99EC3202	95C3504F55A929449EF2E3AB92014562AACD39AD	BFE72BBC492B9018A599CB6575366696E431E6A38400E4B2ED06EAE3340D3AE5
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\lt\messages.json	ASCII text, with very long lines	41F2D63952202E528DBBB683B480F99C	9DD998542DBE6609299D4A5A25364A32FA7D7865	FF7C083CD1E6134DD8263C634336EB852274BAD1BFAD18762814C42BC65309D8
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\lv\messages.json	ASCII text, with very long lines	1D21ED2D46338636E24401F6E56E326F	24497EDB25724BC4A57823C5CD06F50DB9647DD4	434A375C32B8A21C435511C551F740FD4D170EC528A8F4EFC3D798EA4A07B606
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\nb\messages.json	ASCII text, with very long lines	8F0168B9A546D5A99FD8A262C975C80E	B0718071BD0B7251D4459E9C87DF50C14622FBD6	F03FA7384DF79EBA6E0274D570996030F595A3BF6B781929DD9DB6593262E41F
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with very long lines	E7F74DCE7B6411E4E0D95E9252CF74FA	33CC6C73C5F8D0144C0260C2E5A9BD0DB3EF6477	3564AEF46C01602B19CC29FD8A79676C543427EDE98206D0C91B33AF0CCF3977
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\pl\messages.json	ASCII text, with very long lines	E16649D87E4CA6462192CF78EBE543EC	53097D592B13F3C1370366B25024EA72208B136A	EB435F7460A63576CA1ECB51948E7A3AD5168D2F175AE2B5836D469672923D84
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\pt_BR\messages.json	ASCII text, with very long lines	1F4BC8A5EFD59D61127ABEECD4B6CAE3	8647B4D2D643AE4F784ABDDC50D87A39AD02971A	E1950CBBF056F068EA56160DDB318F3E6232BFBBE096D221C7CA6FCAACE2A8B9
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\pt_PT\messages.json	ASCII text, with very long lines	D80ECE7E4B3741CD9CD29B89D006B864	8F0D587B78E36861ED00524ABF886FA20E14CAE4	C8FF9ACAEA1D3B6F8483339CB40F66BC563CCA8DD87F2337F813C492B20F451B
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\ro\messages.json	ASCII text, with very long lines	D63E66B94A4EA2085D80E76209582FB1	4ECAC3EB64DD6253310A0776E6D42257FC290D77	91A5AAD210C3E0241106E8821B3897EDEFEC9D85033C94DB2324FF3A5FDE5AC7
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\ru\messages.json	ASCII text, with very long lines	22F9E62ABAD82C2190A839851245A495	E7F79BD875918F0D0799DB5F45FAC6297FB66AF7	9FC1167626C97BCBFDAFF23C6033A44252F89A501AF1DF41C43CB3A994FEB09F
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\sk\messages.json	ASCII text, with very long lines	4BBAA10FD00AADBBA3EF6E805E8E1A62	1991901BD6A20C4A7977F09DF30C0CFF0524C504	906C4F7FDDE15DE4C841E7910BBF14D9175E894BCB244B56E8447A5ADFA5B7AB
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\sl\messages.json	ASCII text, with very long lines	F45DE58765A37FD095319D7DEB0F2FB6	B585A485C9BC1982EDF7AE0B9AC73A8E91D41CB5	8366774AA582035BC7D949F4E28FAEC371C305D01404DF56FFF5A78B4F6ECDB7
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\sr\messages.json	ASCII text, with very long lines	92C1FAC62EB7F92EC3794D4A141BEF32	2AFA41BF51BF9A1089B0B92A9D2DC74299B79813	9DF154C93B02695AF1CC39F085D9D178EC6AF131A62C2AFC65F125F8F9A5B7AC
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\sv\messages.json	ASCII text, with very long lines	6E1BE9CEE29818E54E3D1C7D483DD6F7	B9DD926B60E225C5BE8A1DBB7EF3ACE422A204A9	E348583D8C53F4A5DEC4551DA93785C17108466E427E06F84708AA383EA0E326
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\th\messages.json	ASCII text, with very long lines	283D5177FB2FC7082967988E2683EC7C	DEDE43967F3CEF9D9325F140872A63BFCE2AA8C5	E8D5820BDE31B66A7641068FDEDD1A5F20C1A783460B98887A670F38422099CF
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\tr\messages.json	ASCII text, with very long lines	1BF2AA4BB904B406C9C2B7DF769BB540	8D29C4B7A79AB0657747CA194D1934292A46D2A8	0F2E8285BA3E2BDBA6B16435FB941B07159AACFAC80196AD5941B79AB52B712A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\uk\messages.json	ASCII text, with very long lines	FD1C9890679036E1AD914218753B1E8E	58160F7A0FC94110A2876223E406A517C8E2660B	39D19CC3387FFCE13A8F11DAD72E2FCBB7CD1A4367EC699AD7C40D6F52ECE717
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\vi\messages.json	ASCII text, with very long lines	7D52E9357AB847B4CC8DBC8CC4DA93F5	AF877F3992D8056C8F08462BD575595BF79FE5B0	313F71F3FFDCEFC76FC746FF2029FBF8FBE38BD83DCF952FC3DDCD8AA96D5CFB
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\zh_CN\messages.json	ASCII text, with very long lines	393680A09DEE0CB9046A62BDC0750B74	54E7F8215061A4AB241B87AE4E81C8F860EB2C2B	D5FB52C2897FD5C294784DB63C933AC77C609D10AC91431CCB295D87452CBEE6
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\_locales\zh_TW\messages.json	ASCII text, with very long lines	CD30D132A7213FC1B7E03C6D0A49CCF7	1141DED39023B821FE9BB4682E0D1EB5469DAF76	5717F13D10E63255947F750C79CBB6BD04A6D97A08261E8D5764AF5EB0561A28
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\craw_background.js	ASCII text, with very long lines	6EEBED29E6A6301E92A9B8B347807F5F	65DFB69B650560551110B33DCBA50B25E5B876DE	04CD9494B0ED83924DAD12202630B20D053D9E2819C8E826A386C814CC0A1697
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\craw_window.js	ASCII text, with very long lines	1709B6F00A136241185161AA3DF46A06	33DA7D262FFED1A5C2D85B7390E9DBC830CBE494	5721A4B3F8E09C869A629EFFD350B51C9D46F0AC136717D4DB6265C0EE6F9AC8
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\css\craw_window.css	ASCII text	67BF9AABE17541852F9DDFF8245096CD	A4AC74DD258E8E0689034FAA1B15A5C7C56DC3BB	10DFBD2D98950B79EE12F6B8E3885AABE31543048DE56AD4FC0A5E34D0D9D4EC
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\html\craw_window.html	HTML document, ASCII text	34A839BC40DEBC746BBD181D9EF9310C	8B4EAA74D31EED5B0BABA3CA5460201F6B10DA46	BB8742615E4CD996AE5D0200E443AE6A6F0B473255F03AFFDB8FB4660DE4554D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\images\flapper.gif	GIF image data, version 89a, 30 x 30	398ABB308EEBC355DA70BCE907B22E29	CFFB77B8A1724B8F81D98C6D6AD0071D10162252	2B73533F47A99FFEA9CC405FFAFA9C4C53623F62487AEBFBA415945120B22040
C:\Users\alfredo\AppData\Local\Temp\scoped_dir6056_300474134\CRX_INSTALL\manifest.json	ASCII text	6CA25F3EF585B63F01BCDF8635120704	00C063811E31EA5F9A00F175A71EA25E7821F621	49D9DE983F7436BA786E6E04A5A20C10F41687AE06B266B1B6553F696719563D
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic	Little-endian UTF-16 Unicode text, with no line terminators	F3B25701FE362EC84616A93A45CE9998	D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB	B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209

ID:	626005
Product:	CloudBasic
Start time:	13:07:50
Start date:	13.05.2022
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:
Architecture:	WINDOWS

Windows Analysis Report
https://w2globaldata.cabildodeagayu.com/1/?e=bGVzLmZyZWVsYW5kQHcyZ2xvYmFsZGF0YS5jb20=

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://w2globaldata.cabildodeagayu.com/1/?e=bGVzLmZyZWVsYW5kQHcyZ2xvYmFsZGF0YS5jb20=

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://w2globaldata.cabildodeagayu.com/1/?e=bGVzLmZyZWVsYW5kQHcyZ2xvYmFsZGF0YS5jb20=