Windows Analysis Report
https://businessadmin.org/

Overview

General Information

Sample URL:	https://businessadmin.org/
Analysis ID:	635099

Detection

HTMLPhisher

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish20

HTML body contains low number of good links

Suspicious form URL found

No HTML title found

Classification

Signatures

Phishing

Yara detected HtmlPhish20

Source: Yara match

File source: 87441.1.pages.csv, type: HTML

HTML body contains low number of good links

Source: https://productoffice365fax.weebly.com/	HTTP Parser: Number of links: 0
Source: https://productoffice365fax.weebly.com/	HTTP Parser: Number of links: 0

Suspicious form URL found

Source: https://productoffice365fax.weebly.com/	HTTP Parser: Form action: https://productoffice365fax.weebly.com/ajax/apps/formSubmitAjax.php
Source: https://productoffice365fax.weebly.com/	HTTP Parser: Form action: https://productoffice365fax.weebly.com/ajax/apps/formSubmitAjax.php

No HTML title found

Source: https://productoffice365fax.weebly.com/	HTTP Parser: HTML title missing
Source: https://productoffice365fax.weebly.com/	HTTP Parser: HTML title missing

Source: https://productoffice365fax.weebly.com/	HTTP Parser: No <meta name="author".. found
Source: https://productoffice365fax.weebly.com/	HTTP Parser: No <meta name="author".. found

Source: https://productoffice365fax.weebly.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://productoffice365fax.weebly.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.3:63336 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.3:63337 version: TLS 1.2

Source: chrome.exe

Memory has grown: Private usage: 6MB later: 27MB

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 62303 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58616
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58617
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50213
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55350
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64453
Source: unknown	Network traffic detected: HTTP traffic on port 51900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49575
Source: unknown	Network traffic detected: HTTP traffic on port 56772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57386
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62847
Source: unknown	Network traffic detected: HTTP traffic on port 63337 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63653
Source: unknown	Network traffic detected: HTTP traffic on port 50738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59965
Source: unknown	Network traffic detected: HTTP traffic on port 64727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64637
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60674
Source: unknown	Network traffic detected: HTTP traffic on port 49575 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63336 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58617 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63653 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64995
Source: unknown	Network traffic detected: HTTP traffic on port 63506 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61489
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 62411 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62105 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53112
Source: unknown	Network traffic detected: HTTP traffic on port 58871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50401
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57443
Source: unknown	Network traffic detected: HTTP traffic on port 54955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62105
Source: unknown	Network traffic detected: HTTP traffic on port 61904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65232
Source: unknown	Network traffic detected: HTTP traffic on port 57443 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51375 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53128
Source: unknown	Network traffic detected: HTTP traffic on port 57386 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58146
Source: unknown	Network traffic detected: HTTP traffic on port 53768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63847
Source: unknown	Network traffic detected: HTTP traffic on port 60674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64133
Source: unknown	Network traffic detected: HTTP traffic on port 53112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62754
Source: unknown	Network traffic detected: HTTP traffic on port 61489 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56772
Source: unknown	Network traffic detected: HTTP traffic on port 58616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63337
Source: unknown	Network traffic detected: HTTP traffic on port 63788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63336
Source: unknown	Network traffic detected: HTTP traffic on port 64637 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64133 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63506
Source: unknown	Network traffic detected: HTTP traffic on port 63502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55350 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64453 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62411
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63502
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51658
Source: unknown	Network traffic detected: HTTP traffic on port 65232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51375
Source: unknown	Network traffic detected: HTTP traffic on port 64445 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54486
Source: unknown	Network traffic detected: HTTP traffic on port 54486 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64727
Source: unknown	Network traffic detected: HTTP traffic on port 60667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50401 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63077
Source: unknown	Network traffic detected: HTTP traffic on port 65535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64445
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65535
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62303

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.181.227

Source: global traffic

HTTP traffic detected: GET /incorrect-password.html HTTP/1.1Host: productoffice365fax.weebly.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: is_mobile=0; language=en; _snow_id.f1e9=dcc163f9-b6b2-466b-9625-e26a37baa307.1653682759.1.1653682759.1653682759.0eb83685-1f1f-486d-80bc-a7f512dc9aa2; _snow_ses.f1e9=*

Source: unknown	HTTPS traffic detected: 34.96.106.200:443 -> 192.168.2.3:63336 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.102.176.152:443 -> 192.168.2.3:63337 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Temp\dff828ec-c4c3-46c7-8238-8b277fbd6f2e.tmp

Source: classification engine

Classification label: mal48.phis.win@27/90@16/156

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument https://businessadmin.org/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1704,4736951046417788977,18058605637325600590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1704,4736951046417788977,18058605637325600590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-62913232-72C.pma

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
74.125.108.199	unknown	United States	15169	GOOGLEUS	false
216.58.212.142	unknown	United States	15169	GOOGLEUS	false
34.96.106.200	td-static-34-96-106-200.parastorage.com	United States	15169	GOOGLEUS	false
52.41.81.16	sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com	United States	16509	AMAZON-02US	false
199.34.228.54	pages-wildcard.weebly.com	United States	27647	WEEBLYUS	false
185.230.63.107	businessadmin.org	Israel	58182	WIX_COMIL	false
34.203.102.82	unknown	United States	14618	AMAZON-AESUS	false
52.201.127.108	bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
142.250.184.227	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false
142.250.184.206	clients.l.google.com	United States	15169	GOOGLEUS	false
142.250.186.138	unknown	United States	15169	GOOGLEUS	false
142.250.185.67	unknown	United States	15169	GOOGLEUS	false
142.250.184.196	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.141	accounts.google.com	United States	15169	GOOGLEUS	false
151.101.1.46	weebly.map.fastly.net	United States	54113	FASTLYUS	false
34.117.168.233	td-ccm-168-233.wixdns.net	United States	139070	GOOGLE-AS-APGoogleAsiaPacificPteLtdSG	false
142.250.185.136	ssl-google-analytics.l.google.com	United States	15169	GOOGLEUS	false
142.251.37.99	unknown	United States	15169	GOOGLEUS	false
142.250.181.227	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
34.102.176.152	gcp.media-router.wixstatic.com	United States	15169	GOOGLEUS	false
142.250.186.42	unknown	United States	15169	GOOGLEUS	false
142.250.185.74	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
127.0.0.1

Contacted Domains

Name	IP	Active
gstaticadssl.l.google.com	142.250.184.227	true
td-ccm-168-233.wixdns.net	34.117.168.233	true
accounts.google.com	142.250.186.141	true
sp-2020021412301152490000000a-1069308460.us-west-2.elb.amazonaws.com	52.41.81.16	true
gcp.media-router.wixstatic.com	34.102.176.152	true
weebly.map.fastly.net	151.101.1.46	true
pages-wildcard.weebly.com	199.34.228.54	true
td-static-34-96-106-200.parastorage.com	34.96.106.200	true
businessadmin.org	185.230.63.107	true
ssl-google-analytics.l.google.com	142.250.185.136	true
www.google.com	142.250.184.196	true
clients.l.google.com	142.250.184.206	true
bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com	52.201.127.108	true
productoffice365fax.weebly.com	unknown	unknown
siteassets.parastorage.com	unknown	unknown
static.wixstatic.com	unknown	unknown
cdn2.editmysite.com	unknown	unknown
frog.editorx.com	unknown	unknown
ec.editmysite.com	unknown	unknown
clients2.google.com	unknown	unknown
frog.wix.com	unknown	unknown
www.businessadmin.org	unknown	unknown
static.parastorage.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://productoffice365fax.weebly.com/	false	high
https://productoffice365fax.weebly.com/ajax/apps/formSubmitAjax.php	false	high
https://www.businessadmin.org/	true	unknown
http://productoffice365fax.weebly.com/incorrect-password.html	false	high
https://productoffice365fax.weebly.com/incorrect-password.html	false	high

Name	Type	MD5	SHA1	SHA256
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\3f837ef4-6bb6-4c49-a519-d6ce8a8680f8.tmp	ASCII text, with very long lines, with no line terminators	EAA0D29FAAA5E226CA2324FE25DC28E1	63351FDCD792058013D348678DD06F4608A99A71	2B508E98C3E32024C6CB73C593B453B580881063FEBD1199E9B29252E93D8106
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\9f38feb6-e82b-4425-a3ef-6bd8fd95420e.tmp	data	FBB5ED735B8137CFA55078CC19A4FF48	86A0E131C89F9A92EA25618106235F29E222E63F	7020574F85C5F3B970E22FC58F12CF89613FDC108945A287294975FF0F26C7A9
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	FA7200D6F80CD1757911C45559E59C0E	89C6E99BAEC4EBB3E9A97B928FB473D1498EBA88	D9779EA4D6DD544A23C2A1C53146B6A4E596927F47DFA0680B0A7EE751D43BB2
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\01e6f39d-7cc0-47be-ad51-6610b8bd74bb.tmp	ASCII text, with very long lines, with no line terminators	CAB8BEABE7E66A4015C98A3C77B3698B	C960AAAEA7014E105290C7D0F09BFCA837C8E8CC	75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\1310830b-321e-4d8a-b5f8-6497f65556f4.tmp	ASCII text, with very long lines, with no line terminators	CA4D2FEF727DFCE29AEA28A3E4B19F55	F3DB1E1A7A787FC81C8D0B191218F62953EF282D	83E01E3E1D4386D6DCB5AA9960E9AAC3C9798116DBBA9FA090D23F2F782F36CB
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\1ee046b7-032d-48ff-a71a-0c87bbc557a4.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	5BD953283D419A5D200395548ECA3C5A	9B8AB932D3241BB764D94DA7949CC1FB574D2ECA	190CD36A6452267A9EBAD183F43CFA57AE87B582675115752EB439162E519D3B
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\36f094cc-4ce6-46e6-b6c3-f540df4c72f9.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	788BA81AB8C92F1EBCF22D858285D3C2	2541CF79477423B9B901586E659C170A2AD85E07	600FD57F26A2DEF3E72F840FFC858B1ACB3F70345F495D2468AB7D465515039C
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\3c353e07-df8e-4f8a-8ac7-8e18137f1466.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\3c359289-0de6-400b-955b-23b983b9f614.tmp	ASCII text, with very long lines, with no line terminators	D3E7BCDA3CFEB0E9A7E80D046D91A7E3	3BE90F5595F77955D2D63E03F8F39942C9634328	40797C83392FE871C874A3A695D7DFE692DE4DC5D8E26CB856ED84948F7BEAA9
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	8B836F1852C9DD66EE418A575379A7C3	B8BB08BC8704253B1087FF503C5F4343CD57CBE4	3CC5CE2DC2693B8FE3EEC31B5BF0DBA1A45BB84BC5BFAB71866EA4BECAC1C6D0
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)	ASCII text, with very long lines, with no line terminators	CAB8BEABE7E66A4015C98A3C77B3698B	C960AAAEA7014E105290C7D0F09BFCA837C8E8CC	75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)	ASCII text, with very long lines, with no line terminators	CA4D2FEF727DFCE29AEA28A3E4B19F55	F3DB1E1A7A787FC81C8D0B191218F62953EF282D	83E01E3E1D4386D6DCB5AA9960E9AAC3C9798116DBBA9FA090D23F2F782F36CB
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	ABBD1DBFAD5A09A1EB3E93D9FF911654	36B6F16265D69155E5FCBCB6E79889DCFE3C2463	9C8808C368A0D0A0673F5FA8D5EE384605FE92BF24B9ED7BBD5C2426F0CB8442
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\21bba6cd-6715-4435-b492-c1c47b007104.tmp	ASCII text, with no line terminators	038931FF72A0C6AA0695A404960B1B22	90802F36B75C3CA70FC8CD1CF8BDFBAE0E8723A4	BEF93811AE263E2E9145A44205340015843B1D4485D084BB642EAEB500FE564C
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	F50F89A0A91564D0B8A211F8921AA7DE	112403A17DD69D5B9018B8CEDE023CB3B54EAB7D	B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\MANIFEST-000001	PGP\011Secret Key -	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\a7209e08-6427-4eac-953e-fb4b5eaf5207.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	ABBD1DBFAD5A09A1EB3E93D9FF911654	36B6F16265D69155E5FCBCB6E79889DCFE3C2463	9C8808C368A0D0A0673F5FA8D5EE384605FE92BF24B9ED7BBD5C2426F0CB8442
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp	ASCII text	AEFD77F47FB84FAE5EA194496B44C67A	DCFBB6A5B8D05662C4858664F81693BB7F803B82	4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	AEFD77F47FB84FAE5EA194496B44C67A	DCFBB6A5B8D05662C4858664F81693BB7F803B82	4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\f066315c-3d7d-4dae-9156-124a8978280e.tmp	ASCII text, with very long lines, with no line terminators	D85F9400DB57BBB7B6D53ADC4D39D191	3FB69E63E637245DB1C08B76DE4E9F374B8B2727	430FC31FAE9EC39FF492157EB1EDC0D23BB5075D74136D69297E2FFB79943BF0
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\f899b80f-8c64-433b-9da2-58d312288467.tmp	ASCII text, with very long lines, with no line terminators	B8ED22BD70E1015C604A79706AFE3D14	1B071D6712D323D67E05451ACF16FCA8EDEF8BBD	1C781386CB9D5E4A5FB36730719BFB580D477412FFC226061EAF6E4A6645F613
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	3A0E5D4F452CF99191634D0FFAB744A0	F115BBB898EEFF640D8D19AD44A86C3FCDFFC0AD	B9D528D3AE283039F4700C7E4E790744C58A26353A91B536DD91CBA4F648A35F
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)	ASCII text, with very long lines, with no line terminators	F862C51E63E2F1AE88879A6F57C73D4E	ECEDF94C16D667806041AB658B56735C5AE50EDD	62E1FB3267BE3C7AA433ED6C4769FF3AF52D9EF70CB3CE17D7C3BEC5BFC9EA98
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)	data	FBB5ED735B8137CFA55078CC19A4FF48	86A0E131C89F9A92EA25618106235F29E222E63F	7020574F85C5F3B970E22FC58F12CF89613FDC108945A287294975FF0F26C7A9
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\d7ec130d-d787-480e-82fe-bbfd2e27b454.tmp	ASCII text, with very long lines, with no line terminators	F862C51E63E2F1AE88879A6F57C73D4E	ECEDF94C16D667806041AB658B56735C5AE50EDD	62E1FB3267BE3C7AA433ED6C4769FF3AF52D9EF70CB3CE17D7C3BEC5BFC9EA98
C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\df762e06-ea47-4b4d-89f4-cd299bad136a.tmp	ASCII text, with very long lines, with no line terminators	F69F22ACEFBEDC5AE2A88FC19BE36C77	F552736FA55004DB6DB58C61EFD146AA5B6E078A	B78AB26472986C4227D16857334233B0B1B22C120B20810CEB89744BE826935E
C:\Users\alfredo\AppData\Local\Temp\1265fdd7-b325-4713-8bab-ac90b940fd66.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\alfredo\AppData\Local\Temp\3401be7f-e326-4c4f-89f4-aa17a0e1a6ba.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	2A37AD0EC191D53104BB46953AC6C43C	FD23FFC5B7E4A6B45FBD88A486D15FAA51DC07AE	51F075EB69486CB23B32A0776782B4A1B2AF204429AB94510469E02B115E56CC
C:\Users\alfredo\AppData\Local\Temp\6ddee3e6-6cfb-4c59-a955-a3de15642fce.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	A83A2746B84F1CF573B02965B72ED592	85CC572D6F90029EB99AAFA56297D1BCA494313A	DF4B53C1C7C48E80753D4945E6EC7847084F51BF57F0ED9D341326C74651D6EC
C:\Users\alfredo\AppData\Local\Temp\83e67817-03b7-49e0-988d-1f43779420a4.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	71FF1204B60B0B391231CE253D7AF19B	FA096C9999E5C2B2307F06548B8A95032FB76ACF	CBBB8EEA8095E9D7B1862F98FF03056C8B9DB3B5E7AC9DB6AD3BD38CF257A967
C:\Users\alfredo\AppData\Local\Temp\8b86b677-e793-4955-89c0-50d83b300d38.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	3E5CCD9B583763AF68E28C5101373167	2005CDC0A8070B65E321A197D576698ECC267496	41412C0863920BA95E9FDBD3AF000CBE926A73C078997A233DF55379A5C4D274
C:\Users\alfredo\AppData\Local\Temp\ffc15e06-a205-4a54-a19b-fb5ba8b6890a.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)	173CA02E5B06065771DEB2F28E4E5A9E	20F1774FB280C94C13082A255C27D7A786EFD5C7	634557AE2916F2FAA0CBF2557F8F96E26845ABE94D2784FD73B169EC5618B186
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\bg\messages.json	ASCII text, with very long lines	D7A97183BCBD5FB677AA84D464F0C564	CDBB279B864E2C0A51E0892B8714131802586506	76EFAD74EB8256B942727C42261147EB9CCA48DA284DB3CDCE5DC6A3B4346F02
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\ca\messages.json	ASCII text, with very long lines	58BA5F65ED971591D1F9D81848EE31D0	BDA3C8B74653334FC8F060CAFBCEA58DF0113AB7	CDD91587F5AF2C865776B36A5E9A07B10D21B9D911DE0B814B7A1E94B14AE885
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\cs\messages.json	ASCII text, with very long lines	43161EFFA28A0DBFC67B8F7DBE1B5184	FE0A9235A59B51B7F564F14FF564344927F035B8	3A04421DF5218E8ABD3B0E2AFE11E8338D7BDCBCD1ADB122416944B102BC9696
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\da\messages.json	ASCII text, with very long lines	31264DDBF251A95DE82D0A67FA47DB3A	3A48DC7AF26A153594C7849E1D92AAC31296459B	EDB51898A6C73D0090D6916B7B72EBAC71E964EABB5BA7CD68E21966024F0D23
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\de\messages.json	ASCII text, with very long lines	7639B300B40DDAF95318D2177D3265F9	BF9EFDF073231CB3FCFCA5CCCA25B079ECFC45BD	356A9D4ADFEC484DA824E7A72059B724B1686FC90082F4A4B667630436D593B0
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\el\messages.json	ASCII text, with very long lines	3026E922B17DBEE2674FDAEE960DF584	76602B1E3449F1B67DE42FD31A581B0821BFEFF0	876845B5A061FAB3CF2A1466E01015DC40DF8449F1CB4205F575CEBED8717BAD
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\en\messages.json	ASCII text, with very long lines	DBEDF86FA9AFB3A23DBB126674F166D2	5628AFFBCF6F897B9D7FD9C17DEB9AA75036F1CC	C0945DD5FDECAB40C45361BEC068D1996E6AE01196DCE524266D740808F753FE
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\es\messages.json	ASCII text, with very long lines	3F4B0F56C2839839FC3E3270ED4CB7B6	0D74EA655EAE3990E95BD26F6E1467EDF3EB3478	1912EA5E0A62BBC669DC14AB5A5BD5514B0502C483EE1F27C3F8834384187079
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\es_419\messages.json	ASCII text, with very long lines	1FD5DAF46C4D7C4F571C263EC37B943B	A57EE5EF6861F88005C2230EA3D633A1B4CA105A	BCC2CF06F66E9E3BB4B7887D0EE0AE4A72A6C49F4B2A578A7733B78208984417
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\et\messages.json	ASCII text, with very long lines	0293A7BAE6EEE62C4067A80E262D6A2D	E76B07BD49FFBBFB6841B7335CBE7A9620714402	D06F20D4D68D1DBB89EF7D8E405D9499CB2EB2560217CD5B4A51AB1DD50CAB44
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\fi\messages.json	ASCII text, with very long lines	E5BBE7DBBE75F45BDCD49DB8C797106E	0F069D7D19768180945F0D8B67DC71262FD586A2	BFFB2248B4C66306133FA6ECBB1541F44B3BE22CC8D9A338D690E0B1D0C85532
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with very long lines	658DAD2AF2DC3AC1567D84E8B95F68B0	EE1121215960EC5ED5F7B6BDB8E4680731EBF83D	978BA6D814CF290016833BBAC22DC7C05C2C575B1D6429B9BB14F8C2156BCF29
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\fr\messages.json	ASCII text, with very long lines	1E32A78526E3AC8108E73D384F17450B	BFE2E47D888BA530A27DD1BDE25C46433C2A545C	80F6EE69F1E022812BCCC1DE1CDC53772CDF90F4E93224161B23FA607D45136A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\hi\messages.json	ASCII text, with very long lines	B739E3B798D3EEB8AFB3E368455A8E97	56E206DD0AC7EB7B179911BE3F7DD78059CBD4F3	BA7A53A1398168719F2ACD58CC5FE06AB0B769ECA896D70E7208B18085B42FFA
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\hr\messages.json	ASCII text, with very long lines	9CF848209FF50DBF68F5292B3421831C	D29880B7B15102469123D8747BF645706CE8595B	EA1744C3CFBAA684A31A00067E8493ED114EFF3E878C797C9C55A7B122D855CD
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\hu\messages.json	ASCII text, with very long lines	4AD92AFDE3408FBBE43B0C3C71677650	3488901077F336A3196F9AE116E36DF1674E1ACA	61258FE04C23AE14FDC99EE846CEA71CC703990CC0F80C3934299646E86C475E
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\id\messages.json	ASCII text, with very long lines	9008516AA1D8F8C2B8ECE70B7E4963AD	EA7AD4BE77A80A4B9FB1E59A340010830E494747	89CAB0AF2B53C6ABEB93C8C628DDCBDD286A7A2672FE03440411BB654E3A0675
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\it\messages.json	ASCII text, with very long lines	BB9C32BA62DDA02F9471C64B5F9CF916	9825037D5D9185C58456CDD887C77B10A41D8C84	43A0B113D3773BA78F82BB9E42DDC46F6892D0FBBB351F94A7C105E4A146E9C1
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\ja\messages.json	ASCII text, with very long lines	96C8CBD161D3CE9CB1A46CB2CD0C6583	78BBFCF035B5B620E353C8E520653ADD3F4E7DB8	81D8F1D9F72B3139BC5D9845BCF82990308FB6175D07514D8238B1E6D5D02E8A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\lt\messages.json	ASCII text, with very long lines	41F2D63952202E528DBBB683B480F99C	9DD998542DBE6609299D4A5A25364A32FA7D7865	FF7C083CD1E6134DD8263C634336EB852274BAD1BFAD18762814C42BC65309D8
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\lv\messages.json	ASCII text, with very long lines	1D21ED2D46338636E24401F6E56E326F	24497EDB25724BC4A57823C5CD06F50DB9647DD4	434A375C32B8A21C435511C551F740FD4D170EC528A8F4EFC3D798EA4A07B606
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\nb\messages.json	ASCII text, with very long lines	8F0168B9A546D5A99FD8A262C975C80E	B0718071BD0B7251D4459E9C87DF50C14622FBD6	F03FA7384DF79EBA6E0274D570996030F595A3BF6B781929DD9DB6593262E41F
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with very long lines	E7F74DCE7B6411E4E0D95E9252CF74FA	33CC6C73C5F8D0144C0260C2E5A9BD0DB3EF6477	3564AEF46C01602B19CC29FD8A79676C543427EDE98206D0C91B33AF0CCF3977
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\pl\messages.json	ASCII text, with very long lines	E16649D87E4CA6462192CF78EBE543EC	53097D592B13F3C1370366B25024EA72208B136A	EB435F7460A63576CA1ECB51948E7A3AD5168D2F175AE2B5836D469672923D84
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\pt_BR\messages.json	ASCII text, with very long lines	1F4BC8A5EFD59D61127ABEECD4B6CAE3	8647B4D2D643AE4F784ABDDC50D87A39AD02971A	E1950CBBF056F068EA56160DDB318F3E6232BFBBE096D221C7CA6FCAACE2A8B9
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\pt_PT\messages.json	ASCII text, with very long lines	D80ECE7E4B3741CD9CD29B89D006B864	8F0D587B78E36861ED00524ABF886FA20E14CAE4	C8FF9ACAEA1D3B6F8483339CB40F66BC563CCA8DD87F2337F813C492B20F451B
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\ro\messages.json	ASCII text, with very long lines	D63E66B94A4EA2085D80E76209582FB1	4ECAC3EB64DD6253310A0776E6D42257FC290D77	91A5AAD210C3E0241106E8821B3897EDEFEC9D85033C94DB2324FF3A5FDE5AC7
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\ru\messages.json	ASCII text, with very long lines	22F9E62ABAD82C2190A839851245A495	E7F79BD875918F0D0799DB5F45FAC6297FB66AF7	9FC1167626C97BCBFDAFF23C6033A44252F89A501AF1DF41C43CB3A994FEB09F
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\sk\messages.json	ASCII text, with very long lines	4BBAA10FD00AADBBA3EF6E805E8E1A62	1991901BD6A20C4A7977F09DF30C0CFF0524C504	906C4F7FDDE15DE4C841E7910BBF14D9175E894BCB244B56E8447A5ADFA5B7AB
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\sl\messages.json	ASCII text, with very long lines	F45DE58765A37FD095319D7DEB0F2FB6	B585A485C9BC1982EDF7AE0B9AC73A8E91D41CB5	8366774AA582035BC7D949F4E28FAEC371C305D01404DF56FFF5A78B4F6ECDB7
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\sr\messages.json	ASCII text, with very long lines	92C1FAC62EB7F92EC3794D4A141BEF32	2AFA41BF51BF9A1089B0B92A9D2DC74299B79813	9DF154C93B02695AF1CC39F085D9D178EC6AF131A62C2AFC65F125F8F9A5B7AC
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\sv\messages.json	ASCII text, with very long lines	6E1BE9CEE29818E54E3D1C7D483DD6F7	B9DD926B60E225C5BE8A1DBB7EF3ACE422A204A9	E348583D8C53F4A5DEC4551DA93785C17108466E427E06F84708AA383EA0E326
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\th\messages.json	ASCII text, with very long lines	283D5177FB2FC7082967988E2683EC7C	DEDE43967F3CEF9D9325F140872A63BFCE2AA8C5	E8D5820BDE31B66A7641068FDEDD1A5F20C1A783460B98887A670F38422099CF
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\tr\messages.json	ASCII text, with very long lines	1BF2AA4BB904B406C9C2B7DF769BB540	8D29C4B7A79AB0657747CA194D1934292A46D2A8	0F2E8285BA3E2BDBA6B16435FB941B07159AACFAC80196AD5941B79AB52B712A
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\uk\messages.json	ASCII text, with very long lines	FD1C9890679036E1AD914218753B1E8E	58160F7A0FC94110A2876223E406A517C8E2660B	39D19CC3387FFCE13A8F11DAD72E2FCBB7CD1A4367EC699AD7C40D6F52ECE717
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\vi\messages.json	ASCII text, with very long lines	7D52E9357AB847B4CC8DBC8CC4DA93F5	AF877F3992D8056C8F08462BD575595BF79FE5B0	313F71F3FFDCEFC76FC746FF2029FBF8FBE38BD83DCF952FC3DDCD8AA96D5CFB
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\zh_CN\messages.json	ASCII text, with very long lines	393680A09DEE0CB9046A62BDC0750B74	54E7F8215061A4AB241B87AE4E81C8F860EB2C2B	D5FB52C2897FD5C294784DB63C933AC77C609D10AC91431CCB295D87452CBEE6
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\_locales\zh_TW\messages.json	ASCII text, with very long lines	CD30D132A7213FC1B7E03C6D0A49CCF7	1141DED39023B821FE9BB4682E0D1EB5469DAF76	5717F13D10E63255947F750C79CBB6BD04A6D97A08261E8D5764AF5EB0561A28
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\craw_background.js	ASCII text, with very long lines	6EEBED29E6A6301E92A9B8B347807F5F	65DFB69B650560551110B33DCBA50B25E5B876DE	04CD9494B0ED83924DAD12202630B20D053D9E2819C8E826A386C814CC0A1697
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\craw_window.js	ASCII text, with very long lines	1709B6F00A136241185161AA3DF46A06	33DA7D262FFED1A5C2D85B7390E9DBC830CBE494	5721A4B3F8E09C869A629EFFD350B51C9D46F0AC136717D4DB6265C0EE6F9AC8
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\css\craw_window.css	ASCII text	67BF9AABE17541852F9DDFF8245096CD	A4AC74DD258E8E0689034FAA1B15A5C7C56DC3BB	10DFBD2D98950B79EE12F6B8E3885AABE31543048DE56AD4FC0A5E34D0D9D4EC
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\html\craw_window.html	HTML document, ASCII text	34A839BC40DEBC746BBD181D9EF9310C	8B4EAA74D31EED5B0BABA3CA5460201F6B10DA46	BB8742615E4CD996AE5D0200E443AE6A6F0B473255F03AFFDB8FB4660DE4554D
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\images\flapper.gif	GIF image data, version 89a, 30 x 30	398ABB308EEBC355DA70BCE907B22E29	CFFB77B8A1724B8F81D98C6D6AD0071D10162252	2B73533F47A99FFEA9CC405FFAFA9C4C53623F62487AEBFBA415945120B22040
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\images\icon_128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	30899B6C4E4A757B8EC6DD2208ACDFB4	F2C5880A724C6D75CCE1B5191E0D82C3BC7DE768	4F17EFBD974A41D88CB36567AAB6BF4586579E78780F00B1826676819E14BFF4
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\images\icon_16.png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	344554D96E418120BD80EF5DE5194697	23E141C3A6CE368ACC1C299F062AB85914BCB17E	0A4BD08DB6422F8E7A8A218EF39C1B99A5A675F12697F26BE88F9AFC2E1F9378
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\images\topbar_floating_button.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	8803665A6328D23CC1014A7B0E9BE295	9DA6EE729D5A6E9F30658B8EC954710F107A641F	D5F9234DC36E7FFA85F35B2359A4F82276F8395EFA76E4553507EA990B27FC6C
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\images\topbar_floating_button_close.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	0599DFD9107C7647F27E69331B0A7D75	3198C0A5F34DB67F91A0035DBC297354CBC95525	131817CD9311C03DF22D769DD2AD7FA2E6E9558863A89F7E5E1657424031A937
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\images\topbar_floating_button_hover.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	7CB6B9DC1A30F63B8BD976924B75AD96	0C40B0C496D2F2B5F2021C117EC8610AC03AB469	721B7AAA9A42A54A349881615A12E3A26983ACA48E173FD2F66E66AA0D725735
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\images\topbar_floating_button_maximize.png	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	232CE72808B60CBE0F4FA788A76523DF	721A9C98C835D2CD734153BBE07833C6637ECD68	AFA4EA944CBDEC8543242E627EF46D5BFD3766DCAC664E7E50CDEEF2B352740C
C:\Users\alfredo\AppData\Local\Temp\scoped_dir1836_251390515\CRX_INSTALL\manifest.json	ASCII text	6CA25F3EF585B63F01BCDF8635120704	00C063811E31EA5F9A00F175A71EA25E7821F621	49D9DE983F7436BA786E6E04A5A20C10F41687AE06B266B1B6553F696719563D
C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic	Little-endian UTF-16 Unicode text, with no line terminators	F3B25701FE362EC84616A93A45CE9998	D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB	B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209

ID:	635099
Product:	CloudBasic
Start time:	13:18:24
Start date:	27.05.2022
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:
Architecture:	WINDOWS

Windows Analysis Report
https://businessadmin.org/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://businessadmin.org/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Software Vulnerabilities

Networking

System Summary

Screenshots

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://businessadmin.org/