Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://momshi.gq/secure/MailUpdateFresh

Overview

General Information

Sample URL:https://momshi.gq/secure/MailUpdateFresh
Analysis ID:635153

Detection

HTMLPhisher
Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Yara detected HtmlPhish10
HTML body contains low number of good links
No HTML title found

Classification

Process Tree

  • System is start
  • chrome.exe (PID: 3084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument https://momshi.gq/secure/MailUpdateFresh MD5: 74859601FB4BEEA84B40D874CCB56CAB)
    • chrome.exe (PID: 4324 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1736,12267277681355210943,5606043116382681651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:8 MD5: 74859601FB4BEEA84B40D874CCB56CAB)
  • cleanup

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
72168.0.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security

    Sigma Signatures

    No Sigma rule has matched

    Snort Signatures

    No Snort rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    Phishing

    barindex
    Yara detected HtmlPhish10
    Source: Yara matchFile source: 72168.0.pages.csv, type: HTML
    Source: https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239bHTTP Parser: Number of links: 0
    Source: https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239bHTTP Parser: Number of links: 0
    Source: https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239bHTTP Parser: HTML title missing
    Source: https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239bHTTP Parser: HTML title missing
    Source: https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239bHTTP Parser: No <meta name="author".. found
    Source: https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239bHTTP Parser: No <meta name="author".. found
    Source: https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239bHTTP Parser: No <meta name="copyright".. found
    Source: https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239bHTTP Parser: No <meta name="copyright".. found
    Source: unknownHTTPS traffic detected: 91.209.70.20:443 -> 192.168.2.3:52215 version: TLS 1.2
    Source: unknownDNS traffic detected: queries for: clients2.google.com
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50327
    Source: unknownNetwork traffic detected: HTTP traffic on port 56530 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63592
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51343
    Source: unknownNetwork traffic detected: HTTP traffic on port 52215 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 63592 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52215
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59216
    Source: unknownNetwork traffic detected: HTTP traffic on port 63663 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55666
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56530
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52560
    Source: unknownNetwork traffic detected: HTTP traffic on port 51343 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 52560 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63663
    Source: unknownNetwork traffic detected: HTTP traffic on port 62765 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50327 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61553
    Source: unknownNetwork traffic detected: HTTP traffic on port 55666 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 61553 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 59216 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 62765
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.99
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.67
    Source: unknownHTTPS traffic detected: 91.209.70.20:443 -> 192.168.2.3:52215 version: TLS 1.2
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\alfredo\AppData\Local\Temp\cbcd19aa-87d6-437a-9a5e-32fe4c4d9ce0.tmp
    Source: classification engineClassification label: mal48.phis.win@23/56@6/128
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument https://momshi.gq/secure/MailUpdateFresh
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1736,12267277681355210943,5606043116382681651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:8
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1736,12267277681355210943,5606043116382681651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:8
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-62915755-C0C.pma
    Source: Window RecorderWindow detected: More than 3 window changes detected

    Mitre Att&ck Matrix

    Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
    Valid AccountsWindows Management InstrumentationPath Interception1
    Process Injection    		1
    Masquerading    		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network Medium2
    Encrypted Channel    		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
    Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
    Process Injection    		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
    Non-Application Layer Protocol    		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
    Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration2
    Application Layer Protocol    		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    https://momshi.gq/secure/MailUpdateFresh0%Avira URL Cloudsafe

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    No Antivirus matches

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    accounts.google.com
    		142.250.185.141
    		truefalse
      		high
      cdnjs.cloudflare.com
      		104.17.24.14
      		truefalse
        		high
        clients.l.google.com
        		142.250.186.174
        		truefalse
          		high
          momshi.gq
          		91.209.70.20
          		truefalse
            		unknown
            clients2.google.com
            		unknown
            		unknownfalse
              		high
              cdn.jsdelivr.net
              		unknown
              		unknownfalse
                		high

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239btrue
                  		unknown

                  World Map of Contacted IPs

                  • No. of IPs < 25%
                  • 25% < No. of IPs < 50%
                  • 50% < No. of IPs < 75%
                  • 75% < No. of IPs

                  Public IPs

                  IPDomainCountryFlagASNASN NameMalicious
                  142.250.185.99
                  		unknownUnited States
                  		15169GOOGLEUSfalse
                  104.17.24.14
                  		cdnjs.cloudflare.comUnited States
                  		13335CLOUDFLARENETUSfalse
                  142.250.74.202
                  		unknownUnited States
                  		15169GOOGLEUSfalse
                  142.250.185.67
                  		unknownUnited States
                  		15169GOOGLEUSfalse
                  216.58.212.142
                  		unknownUnited States
                  		15169GOOGLEUSfalse
                  142.250.186.174
                  		clients.l.google.comUnited States
                  		15169GOOGLEUSfalse
                  104.16.89.20
                  		unknownUnited States
                  		13335CLOUDFLARENETUSfalse
                  74.125.111.134
                  		unknownUnited States
                  		15169GOOGLEUSfalse
                  239.255.255.250
                  		unknownReserved
                  		unknownunknownfalse
                  142.250.185.141
                  		accounts.google.comUnited States
                  		15169GOOGLEUSfalse
                  91.209.70.20
                  		momshi.gqRussian Federation
                  		43317FISHNET-ASRUfalse
                  142.251.36.99
                  		unknownUnited States
                  		15169GOOGLEUSfalse

                  Private

                  IP
                  192.168.2.1
                  127.0.0.1

                  General Information

                  Joe Sandbox Version:34.0.0 Boulder Opal
                  Analysis ID:635153
                  Start date and time: 27/05/202215:56:502022-05-27 15:56:50 +02:00
                  Joe Sandbox Product:CloudBasic
                  Hypervisor based Inspection enabled:false
                  Report type:full
                  Cookbook file name:defaultwindowsinteractivecookbook.jbs
                  Sample URL:https://momshi.gq/secure/MailUpdateFresh
                  Number of analysed new started processes analysed:11
                  Number of new started drivers analysed:0
                  Number of existing processes analysed:0
                  Number of existing drivers analysed:0
                  Number of injected processes analysed:0
                  Technologies:
                  • EGA enabled
                  Analysis Mode:stream
                  Analysis stop reason:Timeout
                  Detection:MAL
                  Classification:mal48.phis.win@23/56@6/128
                  Cookbook Comments:
                  • Adjust boot time
                  • Enable AMSI

                  Warnings

                  • Exclude process from analysis (whitelisted): CompPkgSrv.exe, SIHClient.exe, svchost.exe
                  • Excluded IPs from analysis (whitelisted): 142.251.36.99, 216.58.212.142, 74.125.111.134, 104.16.89.20, 104.16.85.20, 104.16.86.20, 104.16.88.20, 104.16.87.20, 142.250.74.202
                  • Excluded domains from analysis (whitelisted): login.live.com
                  • Not all processes where analyzed, report is missing behavior information
                  • Report size getting too big, too many NtOpenFile calls found.

                  Created / dropped Files

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\4a599cc1-953b-4a36-ac02-943d11ed66b9.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:data
                  Category:dropped
                  Size (bytes):96852
                  Entropy (8bit):3.756665696445929
                  Encrypted:false
                  SSDEEP:
                  MD5:63E8F27DCC6773B05C2D2FEB1EBCBB85
                  SHA1:4E4E7A1A7BE5B53047ACBB7DD1F47958F97557C6
                  SHA-256:8D48BB71F19C9097122E97BB1190D2BCB136B29F856DB7F794FCD0D69CB70F75
                  SHA-512:872EBD6656667FC79CE95075F490AAFB312CFA09D36D60F48496187A9536BCF2D83E3BA759788DB1EAF4A35C3252C083F70BE7516EAC790AE573E4C384A27DD0
                  Malicious:false
                  Reputation:low
                  Preview:Pz..............T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.......puA...c.:.\.p.r.o.g.r.a.m. .f.i.l.e.s. .(.x.8.6.).\.m.i.c.r.o.s.o.f.t. .o.n.e.d.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.......f.i.l.e.s.y.n.c.s.h.e.l.l.6.4...d.l.l.......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e."...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.....2.1...0.8.3...0.4.2.5...0.0.0.3.....T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n...n]8. ...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.7.-.Z.i.p.\.7.-.z.i.p...d.l.l.......n\....%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.7.-.z.i.p.\.......7.-.z.i.p...d.l.l.......7.-.Z.i.p.......7.-.Z.i.p. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.......1.9...0.0...............n]8.....

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\8e446481-1d29-4d86-aa4c-e060d4206052.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):105268
                  Entropy (8bit):6.035756413310612
                  Encrypted:false
                  SSDEEP:
                  MD5:F7FD22772C1A12EA055B169EF587C5C5
                  SHA1:35B03CC401372B23449C04A16B87D7B90A567ED2
                  SHA-256:E7F022C50EFCA3D95E8A59B6E196CBD87F71DCB6E65463CB26713FA75AB422E7
                  SHA-512:D842EC62F33B5E16BC4056BB2F185C5D3266C0DE2D39A9820AEED5F376CDF6DFDF514126D972F073119FC6CB40267EEF7F7EA8D86CEB2111CF56ECA5F65FAF7D
                  Malicious:false
                  Reputation:low
                  Preview:{"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.653692249141033e+12,"network":1.65365985e+12,"ticks":169055857.0,"uncertainty":3042305.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBQ7WxpM2gT7fMNkY5iRxkAAAAAAIAAAAAABBmAAAAAQAAIAAAALDWDwoLRYqp0NkiPsTxUN2QcOPsitaJrdacpo+ULE2PAAAAAA6AAAAAAgAAIAAAAOIeKQBWbQSCqXv1OSNS2lIZGHfAdJRwvbkapN4/FWvwMAAAAPz8I/w07KQb4Ut8ObsBGVgFwbuU88R362cCGZpNEtOEILJDMaKWOA4Y9ejBRTt5kEAAAADq8RkIezfgqGPgEaEMkhoGd9qhyBeyucXcRUPEI7mgYIxaDt8C5FJrjkEhV5EOUcUmR2SCzqYelImLnfOlbhRQ"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13288110187821495"},"policy":{"last_statistics_update":"1329816584622207

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:data
                  Category:dropped
                  Size (bytes):40
                  Entropy (8bit):3.254162526001658
                  Encrypted:false
                  SSDEEP:
                  MD5:FA7200D6F80CD1757911C45559E59C0E
                  SHA1:89C6E99BAEC4EBB3E9A97B928FB473D1498EBA88
                  SHA-256:D9779EA4D6DD544A23C2A1C53146B6A4E596927F47DFA0680B0A7EE751D43BB2
                  SHA-512:71D9B2DA8EAF404063D918812BA61C3EFB6A23A283B0332180A38C8137FBB21D7977C008D5A57A74469776945CD4ED42C0BCC09F923EDEC52D8F7FE90FA2D104
                  Malicious:false
                  Reputation:low
                  Preview:sdPC.....................A.>'..M..,.,.-.

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\26ae99c0-286c-4659-9e39-ad53e5547473.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):3488
                  Entropy (8bit):4.941863234479792
                  Encrypted:false
                  SSDEEP:
                  MD5:C021202ED978995370C3C94FEAB9BA79
                  SHA1:8038B7D55499296515229109D3EFEE29739D655D
                  SHA-256:5C81B7C13FD4CE90764BA09377F38A71B8906610FE289BE3211880F022108C67
                  SHA-512:73BB9838429FBD4FE334E2F196A465F4B1F85E3D5F5258928EAE8DAD626B3C992B191AF35239D5454967462DDF944FBA87B51B64CD8B771F1923098577B6087C
                  Malicious:false
                  Reputation:low
                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13298165848173662","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2734},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13298165848115674"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"8b94c9b7-4c8a-4f2a-952f-35ad7ba060e1"}},"intl":{"selected_languages":"en-US,en"},"invalidation":{"per_sender_topics_to_handler":{"1013309121859":{},"8181035976":{}}},"media":{"device_id_salt":"F5F38AB4D674AAA1DA13229EAD5FA715","engagement":{"schema_version":4}},

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\2844603e-1a2e-48b5-b0bd-ac93faddd724.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):3343
                  Entropy (8bit):4.945222848960228
                  Encrypted:false
                  SSDEEP:
                  MD5:CAB8BEABE7E66A4015C98A3C77B3698B
                  SHA1:C960AAAEA7014E105290C7D0F09BFCA837C8E8CC
                  SHA-256:75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
                  SHA-512:0D1E94E84294AEA4BF400FF9D0654748BFFEB92D3A1643A6A13B541ADB1BC13EA2F649560A27C8CC3D8AEF9DA5D6B668C7E3BE696091CE882A475B91A9A4CAC8
                  Malicious:false
                  Reputation:low
                  Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230891381309","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230891381310","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39697},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230887958662","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230887958664","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":52163},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230886326794","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230886326795","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://clients2.google.com","supports_spdy

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):11336
                  Entropy (8bit):6.0707244876366575
                  Encrypted:false
                  SSDEEP:
                  MD5:2E2110A99AD3AE9721A458C95C64C868
                  SHA1:72AE17599EDC0B2DC61C41D946E3E296864F2CBA
                  SHA-256:BB46BA705D5F6F43F66B07EA5DA4CC7CC0BF8FE635CCC4EBBA30A5D4A54158DE
                  SHA-512:29D95D043F3E529DD33F73B3207A9167D479D9FC404209497B53229CF68AA634CB8A1FE3FD08512FD7F48AFB567144DB873FBBDAD8171D42968B97357F06BC1E
                  Malicious:false
                  Reputation:low
                  Preview:{"file_hashes":[{"block_hashes":["8D+nOE33nrpuAnTVcJlgMPWVo79reBkp3Z22WTJi5B8="],"block_size":4096,"path":"_locales/nb/messages.json"},{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
                  Category:dropped
                  Size (bytes):181072
                  Entropy (8bit):5.774426487043815
                  Encrypted:false
                  SSDEEP:
                  MD5:1B40AC9ABB964672109D49ABFCFE2717
                  SHA1:966E224F2887075825D42D2E7E0063BFAA81A99C
                  SHA-256:503149B1B47F8296DEDB800251DBD9AF614856F0D7E6AB1C03DBC90EBCE53674
                  SHA-512:00B50E49CAFD8246102BB460C7B96C20B50A2DDCB48A64C40D65901B517A2698DB9C5AA5EC7F143314DDB8D74624377F12A95C7F4D9FCE206473E8BBF126388B
                  Malicious:false
                  Reputation:low
                  Preview:............ .H............. ............... .p............. .h...n......... ............... ......... .... .....n...((.... .h.......00.... ..%..~H..@@.... .(B..&n..``.... .....N......... .(....D........ .2v...M..(............. .................................]..X\.).H...>..Z............\..._...V...F...A...A.......^..Wb...f.)...l...v.M...B...@..Wc...[.....z...`...J.....9...E...k...R.D.......G...A.....;...E...h..XKd..KW..........D...>...=..X....GQ.JW..;M..8K..@H..=;.............JV.YKV.IT.BS.Y........................................(............. .....................................[..TZ.5.B...@..T................X...]...`...\...K...D...A...;.......3...\...e...V...h.).d.G.<...F...@...3...^..Td...X.....e....v.....:...E...=..T`...d...h.B.....?...;...O...B...A...b.!.g...Ru......9...8...P...C...C...l..U].M.5@..............6...C...@..T....EW..LX..=K..Ob..Me..5R..AX..;V..++......BL..KW..KW..DO..BL..EN..AJ..;1..................HT.UIV.FT.BQ.U..............................

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:zlib compressed data
                  Category:dropped
                  Size (bytes):1206
                  Entropy (8bit):5.800671166765128
                  Encrypted:false
                  SSDEEP:
                  MD5:05534453BDC0DEBC4429C0C458C8994D
                  SHA1:E995247D48BEF49843FBEF3B72EB756E26012C2A
                  SHA-256:107F51E92C37C4456D4666E557F66F86B9A5D61463390E64196DC9349B4707D4
                  SHA-512:7318E1F774894D0BDBB3752EF461ECE8F03CA569836E3039ADABA9A0E05C66467C727A982D47D2B3C918D43268DA2A2B945D72F3FF5748C163BA963FF5D377A2
                  Malicious:false
                  Reputation:low
                  Preview:............"......ac3ba2a62b47c134a9ba25c10b239b..c08..dispatch..err..gq..https..id..login..mailupdatefresh..momshi..s58o5uvnpfjahmcegtq..secure..v2*....."..ac3ba2a62b47c134a9ba25c10b239b......c08......dispatch......err......gq......https......id......login......mailupdatefresh......momshi......s58o5uvnpfjahmcegtq......secure......v2..2.........0.........1........2.........3........4........5.........6........7........8.........9........a...........b........c............d..........e...........f.........g..........h............i............j........l.........m..........n.........o..........p...........q.........r..........s.............t...........u..........v....:.......................................................................................................................................B............. .......*phttps://momshi.gq/secure/MailUpdateFresh/?err=S58O5UVNPFJAHMCEGTQ&dispatch=C08&id=AC3ba2a62B47C134a9BA25C10B239b2.Login V2:................T...... ......*(https://

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):3343
                  Entropy (8bit):4.945222848960228
                  Encrypted:false
                  SSDEEP:
                  MD5:CAB8BEABE7E66A4015C98A3C77B3698B
                  SHA1:C960AAAEA7014E105290C7D0F09BFCA837C8E8CC
                  SHA-256:75431010BFE77818B8BEF4B0C4B328C00668DC6B13C09AAB769EBF58BDA4EDF7
                  SHA-512:0D1E94E84294AEA4BF400FF9D0654748BFFEB92D3A1643A6A13B541ADB1BC13EA2F649560A27C8CC3D8AEF9DA5D6B668C7E3BE696091CE882A475B91A9A4CAC8
                  Malicious:false
                  Reputation:low
                  Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230891381309","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230891381310","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":39697},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230887958662","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230887958664","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":52163},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13270230886326794","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13270230886326795","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://clients2.google.com","supports_spdy

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):4326
                  Entropy (8bit):5.027321471792032
                  Encrypted:false
                  SSDEEP:
                  MD5:170A1273A9DE4A0D473ED4CFB36F5CC7
                  SHA1:F10E840E402D9CBB37478F834A5763556B50EC5E
                  SHA-256:B41390DDCD1283C036E4EC89A1E7E05D7313D437041F4A32364EDD4AE956E464
                  SHA-512:3F71F3669AE4869C9FC66FFBD5C82D1766EDF8271B1F9ED45DF65986F1B984C16FED96D3FAB1C2D1B52BB048642CE160031AC80D50A2D164797FE0A8CCF0235A
                  Malicious:false
                  Reputation:low
                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13298165848173662","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":92},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2734,"this_week_services_downstream_foreground_kb":{"115188287":51,"21145003":243,"35565745":2,"5151071":2,"88863520":1}},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13298165848115674"},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gaia_cookie":{"changed_time":1653692250.081002,"hash":"2jmj7l5rSw0yVb/vlWAYkK/YBwk=","last_list_accounts_data":"[\"gaia.l.a.r\",[]]"},"gcm":{"product_category_for_su

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):16305
                  Entropy (8bit):5.567751678403647
                  Encrypted:false
                  SSDEEP:
                  MD5:5919C2DE92FA7DA77E47311818DFD583
                  SHA1:35C5BF739E6D4DB92D11828248A6AF398DF5444D
                  SHA-256:F0FEEDAE8E6F2F9AA3F844AD5F9EEB5052DF7ABE749423381A94C9943F85AED9
                  SHA-512:BA308D9D2B6BDA43B4DECD230CD9AE297ECD5EBB3340A23B0F8132BE88A1CD6416308E091D92F6323F3C7E07A6527134FEC82B7EA4F01FA01DB7C1D4A2DF0240
                  Malicious:false
                  Reputation:low
                  Preview:{"download":{"always_open_pdf_externally":true,"directory_upgrade":true,"extensions_to_open":"pdf:doc:docx:docxm:docm:xls:xlsx:xlsxm:xlsm:ppt:pptx:pptxm:pptm:mht:rtf:pub:vsd:mpp:mdb:dot:dotm:xlsb:xll:hwp:show:cell:hwpx:hwt:jtd:zip:iso:7z:rar:tar:vbs:js:jse:vbe:exe:html:htm:xhtml:tbz2:lz"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13298165846913308","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_i

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\ca2e76b2-f365-47c4-ab59-ec5a361ff8c6.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):4326
                  Entropy (8bit):5.027321471792032
                  Encrypted:false
                  SSDEEP:
                  MD5:170A1273A9DE4A0D473ED4CFB36F5CC7
                  SHA1:F10E840E402D9CBB37478F834A5763556B50EC5E
                  SHA-256:B41390DDCD1283C036E4EC89A1E7E05D7313D437041F4A32364EDD4AE956E464
                  SHA-512:3F71F3669AE4869C9FC66FFBD5C82D1766EDF8271B1F9ED45DF65986F1B984C16FED96D3FAB1C2D1B52BB048642CE160031AC80D50A2D164797FE0A8CCF0235A
                  Malicious:false
                  Reputation:low
                  Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13298165848173662","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":92},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2734,"this_week_services_downstream_foreground_kb":{"115188287":51,"21145003":243,"35565745":2,"5151071":2,"88863520":1}},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13298165848115674"},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gaia_cookie":{"changed_time":1653692250.081002,"hash":"2jmj7l5rSw0yVb/vlWAYkK/YBwk=","last_list_accounts_data":"[\"gaia.l.a.r\",[]]"},"gcm":{"product_category_for_su

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\d06c6795-bff5-4def-a070-df6cccdf5158.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):16305
                  Entropy (8bit):5.567751678403647
                  Encrypted:false
                  SSDEEP:
                  MD5:5919C2DE92FA7DA77E47311818DFD583
                  SHA1:35C5BF739E6D4DB92D11828248A6AF398DF5444D
                  SHA-256:F0FEEDAE8E6F2F9AA3F844AD5F9EEB5052DF7ABE749423381A94C9943F85AED9
                  SHA-512:BA308D9D2B6BDA43B4DECD230CD9AE297ECD5EBB3340A23B0F8132BE88A1CD6416308E091D92F6323F3C7E07A6527134FEC82B7EA4F01FA01DB7C1D4A2DF0240
                  Malicious:false
                  Reputation:low
                  Preview:{"download":{"always_open_pdf_externally":true,"directory_upgrade":true,"extensions_to_open":"pdf:doc:docx:docxm:docm:xls:xlsx:xlsxm:xlsm:ppt:pptx:pptxm:pptm:mht:rtf:pub:vsd:mpp:mdb:dot:dotm:xlsb:xll:hwp:show:cell:hwpx:hwt:jtd:zip:iso:7z:rar:tar:vbs:js:jse:vbe:exe:html:htm:xhtml:tbz2:lz"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13298165846913308","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_i

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\d15fca5d-08b6-4733-958e-936bb0e66765.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):15765
                  Entropy (8bit):5.573496891568109
                  Encrypted:false
                  SSDEEP:
                  MD5:41F083E2D567A54B2C75511FFBC522CE
                  SHA1:7920BA95D45A6765577697D722BDD792C0FE71FA
                  SHA-256:97A7F5518E6C7D1F0465B92780947173029A440CA000F7FF5D4197DD05F7FEB9
                  SHA-512:5AE9EE5E41A290D33A31EABE479A2B253D44F19D38FD20C174042CDB758A5F0F225F13A99DF992F1A693CF7F2BCE6AEB5A9752B4F59B5E13671015FC84360E0B
                  Malicious:false
                  Reputation:low
                  Preview:{"download":{"always_open_pdf_externally":true,"directory_upgrade":true,"extensions_to_open":"pdf:doc:docx:docxm:docm:xls:xlsx:xlsxm:xlsm:ppt:pptx:pptxm:pptm:mht:rtf:pub:vsd:mpp:mdb:dot:dotm:xlsb:xll:hwp:show:cell:hwpx:hwt:jtd:zip:iso:7z:rar:tar:vbs:js:jse:vbe:exe:html:htm:xhtml:tbz2:lz"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13298165846913308","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_i

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\d4c91a90-595d-4694-9ca3-e3917ed623f9.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:very short file (no magic)
                  Category:dropped
                  Size (bytes):1
                  Entropy (8bit):0.0
                  Encrypted:false
                  SSDEEP:
                  MD5:5058F1AF8388633F609CADB75A75DC9D
                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                  Malicious:false
                  Reputation:low
                  Preview:.

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\daa6b740-7dbd-4c49-b1ae-91bf6291846a.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
                  Category:dropped
                  Size (bytes):181072
                  Entropy (8bit):5.774426487043815
                  Encrypted:false
                  SSDEEP:
                  MD5:1B40AC9ABB964672109D49ABFCFE2717
                  SHA1:966E224F2887075825D42D2E7E0063BFAA81A99C
                  SHA-256:503149B1B47F8296DEDB800251DBD9AF614856F0D7E6AB1C03DBC90EBCE53674
                  SHA-512:00B50E49CAFD8246102BB460C7B96C20B50A2DDCB48A64C40D65901B517A2698DB9C5AA5EC7F143314DDB8D74624377F12A95C7F4D9FCE206473E8BBF126388B
                  Malicious:false
                  Reputation:low
                  Preview:............ .H............. ............... .p............. .h...n......... ............... ......... .... .....n...((.... .h.......00.... ..%..~H..@@.... .(B..&n..``.... .....N......... .(....D........ .2v...M..(............. .................................]..X\.).H...>..Z............\..._...V...F...A...A.......^..Wb...f.)...l...v.M...B...@..Wc...[.....z...`...J.....9...E...k...R.D.......G...A.....;...E...h..XKd..KW..........D...>...=..X....GQ.JW..;M..8K..@H..=;.............JV.YKV.IT.BS.Y........................................(............. .....................................[..TZ.5.B...@..T................X...]...`...\...K...D...A...;.......3...\...e...V...h.).d.G.<...F...@...3...^..Td...X.....e....v.....:...E...=..T`...d...h.B.....?...;...O...B...A...b.!.g...Ru......9...8...P...C...C...l..U].M.5@..............6...C...@..T....EW..LX..=K..Ob..Me..5R..AX..;V..++......BL..KW..KW..DO..BL..EN..AJ..;1..................HT.UIV.FT.BQ.U..............................

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):16
                  Entropy (8bit):3.2743974703476995
                  Encrypted:false
                  SSDEEP:
                  MD5:AEFD77F47FB84FAE5EA194496B44C67A
                  SHA1:DCFBB6A5B8D05662C4858664F81693BB7F803B82
                  SHA-256:4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
                  SHA-512:B733D502138821948267A8B27401D7C0751E590E1298FDA1428E663CCD02F55D0D2446FF4BC265BDCDC61F952D13C01524A5341BC86AFC3C2CDE1D8589B2E1C3
                  Malicious:false
                  Reputation:low
                  Preview:MANIFEST-000006.

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):16
                  Entropy (8bit):3.2743974703476995
                  Encrypted:false
                  SSDEEP:
                  MD5:AEFD77F47FB84FAE5EA194496B44C67A
                  SHA1:DCFBB6A5B8D05662C4858664F81693BB7F803B82
                  SHA-256:4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
                  SHA-512:B733D502138821948267A8B27401D7C0751E590E1298FDA1428E663CCD02F55D0D2446FF4BC265BDCDC61F952D13C01524A5341BC86AFC3C2CDE1D8589B2E1C3
                  Malicious:false
                  Reputation:low
                  Preview:MANIFEST-000006.

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:data
                  Category:dropped
                  Size (bytes):106
                  Entropy (8bit):3.138546519832722
                  Encrypted:false
                  SSDEEP:
                  MD5:DE9EF0C5BCC012A3A1131988DEE272D8
                  SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
                  SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
                  SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
                  Malicious:false
                  Reputation:low
                  Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with no line terminators
                  Category:modified
                  Size (bytes):13
                  Entropy (8bit):2.873140679513133
                  Encrypted:false
                  SSDEEP:
                  MD5:3A0E5D4F452CF99191634D0FFAB744A0
                  SHA1:F115BBB898EEFF640D8D19AD44A86C3FCDFFC0AD
                  SHA-256:B9D528D3AE283039F4700C7E4E790744C58A26353A91B536DD91CBA4F648A35F
                  SHA-512:87BF9DB30598EC454A02A4A32E5458E83870524D4AA497CB167C8A92B7521204B7B75E2BE18D61F9FBE51CA7DE8E35782AA65E6F6F11E4A4926A9B6C85D6528A
                  Malicious:false
                  Reputation:low
                  Preview:92.0.4515.107

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):450
                  Entropy (8bit):4.679939707243892
                  Encrypted:false
                  SSDEEP:
                  MD5:DBEDF86FA9AFB3A23DBB126674F166D2
                  SHA1:5628AFFBCF6F897B9D7FD9C17DEB9AA75036F1CC
                  SHA-256:C0945DD5FDECAB40C45361BEC068D1996E6AE01196DCE524266D740808F753FE
                  SHA-512:931D7BA6DA84D4BB073815540F35126F2F035A71BFE460F3CCAED25AD7C1B1792AB36CD7207B99FDDF5EAF8872250B54A8958CF5827608F0640E8AAFE11E0071
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"App currently unavailable."},"craw_connect_to_network":{"message":"Please connect to a network."},"app_name":{"message":"Chrome Web Store Payments"},"app_description":{"message":"Chrome Web Store Payments"},"iap_unavailable":{"message":"In-App Payments is currently unavailable."},"please_sign_in":{"message":"Please sign into Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:data
                  Category:dropped
                  Size (bytes):96852
                  Entropy (8bit):3.756665696445929
                  Encrypted:false
                  SSDEEP:
                  MD5:63E8F27DCC6773B05C2D2FEB1EBCBB85
                  SHA1:4E4E7A1A7BE5B53047ACBB7DD1F47958F97557C6
                  SHA-256:8D48BB71F19C9097122E97BB1190D2BCB136B29F856DB7F794FCD0D69CB70F75
                  SHA-512:872EBD6656667FC79CE95075F490AAFB312CFA09D36D60F48496187A9536BCF2D83E3BA759788DB1EAF4A35C3252C083F70BE7516EAC790AE573E4C384A27DD0
                  Malicious:false
                  Reputation:low
                  Preview:Pz..............T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.......puA...c.:.\.p.r.o.g.r.a.m. .f.i.l.e.s. .(.x.8.6.).\.m.i.c.r.o.s.o.f.t. .o.n.e.d.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.......f.i.l.e.s.y.n.c.s.h.e.l.l.6.4...d.l.l.......M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e."...M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.....2.1...0.8.3...0.4.2.5...0.0.0.3.....T...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t. .O.n.e.D.r.i.v.e.\.2.1...0.8.3...0.4.2.5...0.0.0.3.\.a.m.d.6.4.\.F.i.l.e.S.y.n.c.S.h.e.l.l.6.4...d.l.l.....M.i.c.r.o.s.o.f.t. .C.o.r.p.o.r.a.t.i.o.n...n]8. ...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.7.-.Z.i.p.\.7.-.z.i.p...d.l.l.......n\....%.p.r.o.g.r.a.m.f.i.l.e.s.%.\.7.-.z.i.p.\.......7.-.z.i.p...d.l.l.......7.-.Z.i.p.......7.-.Z.i.p. .S.h.e.l.l. .E.x.t.e.n.s.i.o.n.......1.9...0.0...............n]8.....

                  C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\ef939728-6214-4ae2-b16a-6af67c15b51d.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines, with no line terminators
                  Category:dropped
                  Size (bytes):105156
                  Entropy (8bit):6.034859986870396
                  Encrypted:false
                  SSDEEP:
                  MD5:2F63541DC254AE51C492ABAC6B435262
                  SHA1:887AB595C218143CA55EB689C2172B8617A608BC
                  SHA-256:19E2BE19E41F7160334D276D707E0EEC60BC70569EC88B589B13EA76CC44792C
                  SHA-512:555127DCB8E19031F57CC1647C7A2835681DABF267455DBC1502446512FE138A0E7637AADADFF8615999704983A65737C8BB4A966422059DAC3EE523AD06665E
                  Malicious:false
                  Reputation:low
                  Preview:{"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.653692249141033e+12,"network":1.65365985e+12,"ticks":169055857.0,"uncertainty":3042305.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBQ7WxpM2gT7fMNkY5iRxkAAAAAAIAAAAAABBmAAAAAQAAIAAAALDWDwoLRYqp0NkiPsTxUN2QcOPsitaJrdacpo+ULE2PAAAAAA6AAAAAAgAAIAAAAOIeKQBWbQSCqXv1OSNS2lIZGHfAdJRwvbkapN4/FWvwMAAAAPz8I/w07KQb4Ut8ObsBGVgFwbuU88R362cCGZpNEtOEILJDMaKWOA4Y9ejBRTt5kEAAAADq8RkIezfgqGPgEaEMkhoGd9qhyBeyucXcRUPEI7mgYIxaDt8C5FJrjkEhV5EOUcUmR2SCzqYelImLnfOlbhRQ"},"policy":{"last_statistics_update":"13298165846222074"},"profile":{"info_cache":{"Default":{"active_time":1653692247.855211,"avatar_icon":"chrome

                  C:\Users\alfredo\AppData\Local\Temp\4a26d9d8-492c-499b-a158-bb369318870c.tmp

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:Google Chrome extension, version 3
                  Category:dropped
                  Size (bytes):248531
                  Entropy (8bit):7.963657412635355
                  Encrypted:false
                  SSDEEP:
                  MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
                  SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
                  SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
                  SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
                  Malicious:false
                  Reputation:low
                  Preview:Cr24..............0.."0...*.H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.|1..n.<Fb..f..*Q1.....s..2..{*.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-*eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f|.~.c.4.E.......0..0...*.H............0.......).'..b.*$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$|..|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...|!..A..L.+.=...kP.!.1..

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\bg\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):1293
                  Entropy (8bit):4.132566655778463
                  Encrypted:false
                  SSDEEP:
                  MD5:D7A97183BCBD5FB677AA84D464F0C564
                  SHA1:CDBB279B864E2C0A51E0892B8714131802586506
                  SHA-256:76EFAD74EB8256B942727C42261147EB9CCA48DA284DB3CDCE5DC6A3B4346F02
                  SHA-512:36F0310DD06319E4A51F77E4C3D64F6276891CE6410FE2571324BB71F2FBCDA368EAC4267FF8268086BE6912E41787D0F70771755E3D49E3E8C26648EAC6EFC9
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"\u041f\u043e\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c \u043d\u044f\u043c\u0430 \u0434\u043e\u0441\u0442\u044a\u043f \u0434\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u0442\u043e."},"craw_connect_to_network":{"message":"\u041c\u043e\u043b\u044f, \u0441\u0432\u044a\u0440\u0436\u0435\u0442\u0435 \u0441\u0435 \u0441 \u043c\u0440\u0435\u0436\u0430."},"app_name":{"message":"\u041f\u043b\u0430\u0449\u0430\u043d\u0438\u044f \u0432 \u0443\u0435\u0431 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 \u043d\u0430 Chrome"},"app_description":{"message":"\u041f\u043b\u0430\u0449\u0430\u043d\u0438\u044f \u0432 \u0443\u0435\u0431 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 \u043d\u0430 Chrome"},"iap_unavailable":{"message":"\u041f\u043e\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c \u043d\u044f\u043c\u0430 \u0434\u043e\u0441\u0442\u044a\u043f \u0434\u043e \u0432\u0433\u0440\u0430\u0434\u0435\u043d\u0430\u0442\u0430 \

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\ca\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):556
                  Entropy (8bit):4.768628082639434
                  Encrypted:false
                  SSDEEP:
                  MD5:58BA5F65ED971591D1F9D81848EE31D0
                  SHA1:BDA3C8B74653334FC8F060CAFBCEA58DF0113AB7
                  SHA-256:CDD91587F5AF2C865776B36A5E9A07B10D21B9D911DE0B814B7A1E94B14AE885
                  SHA-512:BA2A6BAA3011A54E6B07E29DFD133009D66B6CFFF525DEC0024BDE55A9BED463AD130307EE64BFB4A983A11FFD6B44BD53ED38EB144083A2CBEFA8D85C4D5D41
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Ara mateix aquesta aplicaci\u00f3 no est\u00e0 disponible."},"craw_connect_to_network":{"message":"Connecteu-vos a una xarxa."},"app_name":{"message":"Sistema de pagaments de Chrome Web Store"},"app_description":{"message":"Sistema de pagaments de Chrome Web Store"},"iap_unavailable":{"message":"La funci\u00f3 Pagaments a l'aplicaci\u00f3 no est\u00e0 disponible actualment."},"please_sign_in":{"message":"Inicieu la sessi\u00f3 a Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\cs\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):550
                  Entropy (8bit):4.905634822460801
                  Encrypted:false
                  SSDEEP:
                  MD5:43161EFFA28A0DBFC67B8F7DBE1B5184
                  SHA1:FE0A9235A59B51B7F564F14FF564344927F035B8
                  SHA-256:3A04421DF5218E8ABD3B0E2AFE11E8338D7BDCBCD1ADB122416944B102BC9696
                  SHA-512:FC6A391A4B37FFEE2182F29C1590E32766A1820DC58D0A70A8DD96D7ABE74B47181B24AFFF8ADAE12686CCB1B898DCDDB882EFD205C3387B5B6F3CFBE6E5BA78
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Aplikace v sou\u010dasn\u00e9 dob\u011b nen\u00ed dostupn\u00e1."},"craw_connect_to_network":{"message":"P\u0159ipojte se pros\u00edm k s\u00edti."},"app_name":{"message":"Platby Internetov\u00e9ho obchodu Chrome"},"app_description":{"message":"Platby Internetov\u00e9ho obchodu Chrome"},"iap_unavailable":{"message":"Platby v aplikaci aktu\u00e1ln\u011b nejsou k dispozici."},"please_sign_in":{"message":"P\u0159ihlaste se do Chromu."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\da\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):505
                  Entropy (8bit):4.795529861403324
                  Encrypted:false
                  SSDEEP:
                  MD5:31264DDBF251A95DE82D0A67FA47DB3A
                  SHA1:3A48DC7AF26A153594C7849E1D92AAC31296459B
                  SHA-256:EDB51898A6C73D0090D6916B7B72EBAC71E964EABB5BA7CD68E21966024F0D23
                  SHA-512:B97D61BD71E3F0A91FF1048D2ACAD4BC092CCAF157B7A96029B6AB5AF1812B01814E3153CD894307CB13DC132523EAC22B19CADA6B97F4B81B0D1132562317B5
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Appen er ikke tilg\u00e6ngelig i \u00f8jeblikket."},"craw_connect_to_network":{"message":"Opret forbindelse til et netv\u00e6rk."},"app_name":{"message":"Betalinger i Chrome Webshop"},"app_description":{"message":"Betalinger i Chrome Webshop"},"iap_unavailable":{"message":"Betaling i appen er ikke tilg\u00e6ngelig i \u00f8jeblikket."},"please_sign_in":{"message":"Log ind p\u00e5 Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\de\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):516
                  Entropy (8bit):4.809852395188501
                  Encrypted:false
                  SSDEEP:
                  MD5:7639B300B40DDAF95318D2177D3265F9
                  SHA1:BF9EFDF073231CB3FCFCA5CCCA25B079ECFC45BD
                  SHA-256:356A9D4ADFEC484DA824E7A72059B724B1686FC90082F4A4B667630436D593B0
                  SHA-512:70593318C6626B5D25729E8D8109D5611B95283266621BE60ADD7E60C0DD5BC43848E956C767251B7B3CCDF5A0929922DE38F90CC8632CCD0C1CCFC7D6DEFE69
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Die App ist momentan nicht verf\u00fcgbar."},"craw_connect_to_network":{"message":"Bitte stellen Sie eine Verbindung zu einem Netzwerk her."},"app_name":{"message":"Chrome Web Store-Zahlungen"},"app_description":{"message":"Chrome Web Store-Zahlungen"},"iap_unavailable":{"message":"In-App-Zahlungen sind momentan nicht m\u00f6glich."},"please_sign_in":{"message":"Bitte melden Sie sich in Chrome an."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\el\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):1236
                  Entropy (8bit):4.338644812557597
                  Encrypted:false
                  SSDEEP:
                  MD5:3026E922B17DBEE2674FDAEE960DF584
                  SHA1:76602B1E3449F1B67DE42FD31A581B0821BFEFF0
                  SHA-256:876845B5A061FAB3CF2A1466E01015DC40DF8449F1CB4205F575CEBED8717BAD
                  SHA-512:0C4DCB2589553F9F75534E6C702EBF9095665C93D213564265E39220A99B61BB112A3B20980CE0377C7E98878E3240EB87312B5ECE874382B7E9CA90A0016992
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"\u0397 \u03b5\u03c6\u03b1\u03c1\u03bc\u03bf\u03b3\u03ae \u03c0\u03c1\u03bf\u03c2 \u03c4\u03bf \u03c0\u03b1\u03c1\u03cc\u03bd \u03b4\u03b5\u03bd \u03b5\u03af\u03bd\u03b1\u03b9 \u03b4\u03b9\u03b1\u03b8\u03ad\u03c3\u03b9\u03bc\u03b7."},"craw_connect_to_network":{"message":"\u03a3\u03c5\u03bd\u03b4\u03b5\u03b8\u03b5\u03af\u03c4\u03b5 \u03c3\u03b5 \u03ad\u03bd\u03b1 \u03b4\u03af\u03ba\u03c4\u03c5\u03bf."},"app_name":{"message":"\u03a0\u03bb\u03b7\u03c1\u03c9\u03bc\u03ad\u03c2 \u03c3\u03c4\u03bf Chrome Web Store"},"app_description":{"message":"\u03a0\u03bb\u03b7\u03c1\u03c9\u03bc\u03ad\u03c2 \u03c3\u03c4\u03bf Chrome Web Store"},"iap_unavailable":{"message":"\u039f\u03b9 \u03c0\u03bb\u03b7\u03c1\u03c9\u03bc\u03ad\u03c2 \u03b5\u03bd\u03c4\u03cc\u03c2 \u03b5\u03c6\u03b1\u03c1\u03bc\u03bf\u03b3\u03ce\u03bd \u03b4\u03b5\u03bd \u03b5\u03af\u03bd\u03b1\u03b9 \u03b1\u03c5\u03c4\u03ae\u03bd \u03c4\u03b7 \u03c3\u03c4\u03b9\u03b3\u03bc\u03ae \u03b4\u03b9\u03b1\u03b8

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\en\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):450
                  Entropy (8bit):4.679939707243892
                  Encrypted:false
                  SSDEEP:
                  MD5:DBEDF86FA9AFB3A23DBB126674F166D2
                  SHA1:5628AFFBCF6F897B9D7FD9C17DEB9AA75036F1CC
                  SHA-256:C0945DD5FDECAB40C45361BEC068D1996E6AE01196DCE524266D740808F753FE
                  SHA-512:931D7BA6DA84D4BB073815540F35126F2F035A71BFE460F3CCAED25AD7C1B1792AB36CD7207B99FDDF5EAF8872250B54A8958CF5827608F0640E8AAFE11E0071
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"App currently unavailable."},"craw_connect_to_network":{"message":"Please connect to a network."},"app_name":{"message":"Chrome Web Store Payments"},"app_description":{"message":"Chrome Web Store Payments"},"iap_unavailable":{"message":"In-App Payments is currently unavailable."},"please_sign_in":{"message":"Please sign into Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\es\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):542
                  Entropy (8bit):4.704430479150276
                  Encrypted:false
                  SSDEEP:
                  MD5:3F4B0F56C2839839FC3E3270ED4CB7B6
                  SHA1:0D74EA655EAE3990E95BD26F6E1467EDF3EB3478
                  SHA-256:1912EA5E0A62BBC669DC14AB5A5BD5514B0502C483EE1F27C3F8834384187079
                  SHA-512:4E6A828FE73FC4AB03F0EE966CE7BD8061575A059E90709F908D8D91C5F4EB6A8D25BBFA100E48AD7AC94E76D3BCD3547C277B4150D515222757CC9906AD20A2
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Esta aplicaci\u00f3n no est\u00e1 disponible en este momento."},"craw_connect_to_network":{"message":"Con\u00e9ctate a una red."},"app_name":{"message":"Sistema de pagos de Chrome Web Store"},"app_description":{"message":"Sistema de pagos de Chrome Web Store"},"iap_unavailable":{"message":"Los pagos en la aplicaci\u00f3n no est\u00e1n disponibles en este momento."},"please_sign_in":{"message":"Inicia sesi\u00f3n en Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\es_419\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):510
                  Entropy (8bit):4.719977015734499
                  Encrypted:false
                  SSDEEP:
                  MD5:1FD5DAF46C4D7C4F571C263EC37B943B
                  SHA1:A57EE5EF6861F88005C2230EA3D633A1B4CA105A
                  SHA-256:BCC2CF06F66E9E3BB4B7887D0EE0AE4A72A6C49F4B2A578A7733B78208984417
                  SHA-512:79C3104F1DC51B17B062803209029C8165DBD391FBE0B69BB406D7B4F92FE1898CAC30E20C2E5CFB65D643B978095626C68EAA0CFCA064354D52D52D16BF21A9
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Esta aplicaci\u00f3n no est\u00e1 disponible en este momento."},"craw_connect_to_network":{"message":"Con\u00e9ctate a una red."},"app_name":{"message":"Sistema de pagos de Chrome Web Store"},"app_description":{"message":"Sistema de pagos de Chrome Web Store"},"iap_unavailable":{"message":"En este momento, Pagos En-Apps no est\u00e1 disponible."},"please_sign_in":{"message":"Accede a Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\et\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):460
                  Entropy (8bit):4.679279844668757
                  Encrypted:false
                  SSDEEP:
                  MD5:0293A7BAE6EEE62C4067A80E262D6A2D
                  SHA1:E76B07BD49FFBBFB6841B7335CBE7A9620714402
                  SHA-256:D06F20D4D68D1DBB89EF7D8E405D9499CB2EB2560217CD5B4A51AB1DD50CAB44
                  SHA-512:8BF97DA4038A9C4426A285D5FEF0953F4E7E6D0667091A39DE4D4C5B4C35FC7B6A804425DBB4B82356A93950738E4F0937DE1AD777AE75AAC9BFB97D63F771E0
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Rakendus pole praegu saadaval."},"craw_connect_to_network":{"message":"Looge \u00fchendus v\u00f5rguga."},"app_name":{"message":"Chrome'i veebipoe maksed"},"app_description":{"message":"Chrome'i veebipoe maksed"},"iap_unavailable":{"message":"Rakendusesisesed maksed ei ole praegu saadaval."},"please_sign_in":{"message":"Logige Chrome'i sisse."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\fi\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):568
                  Entropy (8bit):4.768364810051887
                  Encrypted:false
                  SSDEEP:
                  MD5:E5BBE7DBBE75F45BDCD49DB8C797106E
                  SHA1:0F069D7D19768180945F0D8B67DC71262FD586A2
                  SHA-256:BFFB2248B4C66306133FA6ECBB1541F44B3BE22CC8D9A338D690E0B1D0C85532
                  SHA-512:F6FE20B7A3B99BDBBF6F4737C8C63FE3098F060E6791BC40ED0E95FA5F93AA55C2643766EA2BE099E42EC378CB6E4B6FE7B5F2DA56C03A6A990B94A1F872B825
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Sovellus ei ole t\u00e4ll\u00e4 hetkell\u00e4 k\u00e4ytett\u00e4viss\u00e4."},"craw_connect_to_network":{"message":"Muodosta verkkoyhteys."},"app_name":{"message":"Chrome Web Storen maksut"},"app_description":{"message":"Chrome Web Storen maksut"},"iap_unavailable":{"message":"Sovelluksen sis\u00e4iset maksut eiv\u00e4t ole t\u00e4ll\u00e4 hetkell\u00e4 k\u00e4ytett\u00e4viss\u00e4."},"please_sign_in":{"message":"Kirjaudu sis\u00e4\u00e4n Chromeen."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\fil\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):515
                  Entropy (8bit):4.699741311937528
                  Encrypted:false
                  SSDEEP:
                  MD5:658DAD2AF2DC3AC1567D84E8B95F68B0
                  SHA1:EE1121215960EC5ED5F7B6BDB8E4680731EBF83D
                  SHA-256:978BA6D814CF290016833BBAC22DC7C05C2C575B1D6429B9BB14F8C2156BCF29
                  SHA-512:F2FB93245D80E2CB2CA1BB2B0654FE92AD9041A558850D78AF4031CB83D2AD3BF5ABCFE6BC32160D028CA3914FA69A64784858A34FA56389C08D52B316346A05
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Kasalukuyang hindi available ang app."},"craw_connect_to_network":{"message":"Mangyaring kumonekta sa isang network."},"app_name":{"message":"Mga Pagbabayad sa Chrome Web Store"},"app_description":{"message":"Mga Pagbabayad sa Chrome Web Store"},"iap_unavailable":{"message":"Kasalukuyang hindi available ang Mga Pagbabayad na In-App."},"please_sign_in":{"message":"Mangyaring mag-sign in sa Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\fr\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):562
                  Entropy (8bit):4.717150188929866
                  Encrypted:false
                  SSDEEP:
                  MD5:1E32A78526E3AC8108E73D384F17450B
                  SHA1:BFE2E47D888BA530A27DD1BDE25C46433C2A545C
                  SHA-256:80F6EE69F1E022812BCCC1DE1CDC53772CDF90F4E93224161B23FA607D45136A
                  SHA-512:5504F6D440779BC96571863D60B1E175EEDDC2E65B1ABBCFCFD19123F329F2E025FBA4D49BD23E33B77FFB6061BA6645132E04D4A7DEDE77F514B2151CDDF896
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Application indisponible pour le moment."},"craw_connect_to_network":{"message":"Veuillez vous connecter \u00e0 un r\u00e9seau."},"app_name":{"message":"Paiements via le Chrome\u00a0Web\u00a0Store"},"app_description":{"message":"Paiements via le Chrome\u00a0Web\u00a0Store"},"iap_unavailable":{"message":"Les paiements via l'application ne sont pas disponibles pour le moment."},"please_sign_in":{"message":"Veuillez vous connecter \u00e0 Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\hi\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):1055
                  Entropy (8bit):4.454461505283053
                  Encrypted:false
                  SSDEEP:
                  MD5:B739E3B798D3EEB8AFB3E368455A8E97
                  SHA1:56E206DD0AC7EB7B179911BE3F7DD78059CBD4F3
                  SHA-256:BA7A53A1398168719F2ACD58CC5FE06AB0B769ECA896D70E7208B18085B42FFA
                  SHA-512:181A3B1275D1D17BD48EAA77805981A96E22589A38990214AF3ED029C4A37C2F05ECF747D8FCF816C2AAED6EF82403757F234D67C360A3A6E5DB6C3F59CA1A0C
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"\u0910\u092a\u094d\u0932\u093f\u0915\u0947\u0936\u0928 \u0907\u0938 \u0938\u092e\u092f \u0909\u092a\u0932\u092c\u094d\u0927 \u0928\u0939\u0940\u0902 \u0939\u0948."},"craw_connect_to_network":{"message":"\u0915\u0943\u092a\u092f\u093e \u0928\u0947\u091f\u0935\u0930\u094d\u0915 \u0938\u0947 \u0915\u0928\u0947\u0915\u094d\u091f \u0915\u0930\u0947\u0902."},"app_name":{"message":"Chrome \u0935\u0947\u092c \u0938\u094d\u091f\u094b\u0930 \u092d\u0941\u0917\u0924\u093e\u0928"},"app_description":{"message":"Chrome \u0935\u0947\u092c \u0938\u094d\u091f\u094b\u0930 \u092d\u0941\u0917\u0924\u093e\u0928"},"iap_unavailable":{"message":"\u0907\u0928-\u0910\u092a \u092d\u0941\u0917\u0924\u093e\u0928 \u0905\u092d\u0940 \u0909\u092a\u0932\u092c\u094d\u0927 \u0928\u0939\u0940\u0902 \u0939\u0948."},"please_sign_in":{"message":"\u0915\u0943\u092a\u092f\u093e Chrome \u092e\u0947\u0902 \u0938\u093e\u0907\u0928 \u0907\u0928 \u0915\u0930\u0947\u0902."},"jwt_retrieve_failed":

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\hr\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):503
                  Entropy (8bit):4.819520019697578
                  Encrypted:false
                  SSDEEP:
                  MD5:9CF848209FF50DBF68F5292B3421831C
                  SHA1:D29880B7B15102469123D8747BF645706CE8595B
                  SHA-256:EA1744C3CFBAA684A31A00067E8493ED114EFF3E878C797C9C55A7B122D855CD
                  SHA-512:B784AEE4926F850F30072ABDA85E2E2E3966285F14BDF647BD2A41C5C06CAB04BC962584830E4E913896010396EAD02D90528235B9D9EDA1BDEFBFBB5333EDF5
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Aplikacija trenuta\u010dno nije dostupna."},"craw_connect_to_network":{"message":"Pove\u017eite se s mre\u017eom."},"app_name":{"message":"Pla\u0107anja u web-trgovini Chrome"},"app_description":{"message":"Pla\u0107anja u web-trgovini Chrome"},"iap_unavailable":{"message":"Pla\u0107anje u aplikaciji trenuta\u010dno nije dostupno."},"please_sign_in":{"message":"Prijavite se na Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\hu\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):612
                  Entropy (8bit):4.865151680865773
                  Encrypted:false
                  SSDEEP:
                  MD5:4AD92AFDE3408FBBE43B0C3C71677650
                  SHA1:3488901077F336A3196F9AE116E36DF1674E1ACA
                  SHA-256:61258FE04C23AE14FDC99EE846CEA71CC703990CC0F80C3934299646E86C475E
                  SHA-512:EB945FA455DEB9D70033DC0A8AA55D1F47AA00214B70AD34D5419A54F9C05B267F96F9785139F452BEE6972376DDF13EE51C681845A2B0818172FB75BA1FD093
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Az alkalmaz\u00e1s jelenleg nem \u00e9rhet\u0151 el."},"craw_connect_to_network":{"message":"K\u00e9rj\u00fck, csatlakozzon egy h\u00e1l\u00f3zathoz."},"app_name":{"message":"Chrome Internetes \u00e1ruh\u00e1z Fizet\u00e9si rendszere"},"app_description":{"message":"Chrome Internetes \u00e1ruh\u00e1z Fizet\u00e9si rendszere"},"iap_unavailable":{"message":"Az alkalmaz\u00e1son bel\u00fcli fizet\u00e9s jelenleg nem \u00e9rhet\u0151 el."},"please_sign_in":{"message":"Jelentkezzen be a Chrome-ba."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\id\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):461
                  Entropy (8bit):4.642271834875684
                  Encrypted:false
                  SSDEEP:
                  MD5:9008516AA1D8F8C2B8ECE70B7E4963AD
                  SHA1:EA7AD4BE77A80A4B9FB1E59A340010830E494747
                  SHA-256:89CAB0AF2B53C6ABEB93C8C628DDCBDD286A7A2672FE03440411BB654E3A0675
                  SHA-512:46534829417CAD54310BA90AD4545918A2E934508E0CC3467E367944E52315B1BC6500119214EABD40D641DD167C077935436135AF1C0DB1D1007AE98E6175FC
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Aplikasi tidak tersedia saat ini."},"craw_connect_to_network":{"message":"Sambungkan ke jaringan."},"app_name":{"message":"Pembayaran Chrome Webstore"},"app_description":{"message":"Pembayaran Chrome Webstore"},"iap_unavailable":{"message":"Pembayaran Dalam Aplikasi saat ini tidak tersedia."},"please_sign_in":{"message":"Harap masuk ke Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\it\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):464
                  Entropy (8bit):4.701550173628233
                  Encrypted:false
                  SSDEEP:
                  MD5:BB9C32BA62DDA02F9471C64B5F9CF916
                  SHA1:9825037D5D9185C58456CDD887C77B10A41D8C84
                  SHA-256:43A0B113D3773BA78F82BB9E42DDC46F6892D0FBBB351F94A7C105E4A146E9C1
                  SHA-512:4D3DB91A6251F2DD9CBF97D29805A7AC23F49988966E9B686D486B4A8CEBEA33F5502E3891D5231674061127C282C745FB87FDA7467A6172851BF6925506C8CA
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"App al momento non disponibile."},"craw_connect_to_network":{"message":"Collegati a una rete."},"app_name":{"message":"Pagamenti Chrome Web Store"},"app_description":{"message":"Pagamenti Chrome Web Store"},"iap_unavailable":{"message":"La funzione Pagamenti In-App non \u00e8 al momento disponibile."},"please_sign_in":{"message":"Accedi a Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\ja\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):806
                  Entropy (8bit):4.671841695172103
                  Encrypted:false
                  SSDEEP:
                  MD5:96C8CBD161D3CE9CB1A46CB2CD0C6583
                  SHA1:78BBFCF035B5B620E353C8E520653ADD3F4E7DB8
                  SHA-256:81D8F1D9F72B3139BC5D9845BCF82990308FB6175D07514D8238B1E6D5D02E8A
                  SHA-512:692468B7B44D961D8248BBC30CC11DE9F3F7E89D01A609E6CB71CAF653D8212C15DFA834C5FB6E8261FD21A25E9616861C0A3FC01DB27CBBE79C3FDE2C6549DD
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"\u30a2\u30d7\u30ea\u306f\u73fe\u5728\u3054\u5229\u7528\u3044\u305f\u3060\u3051\u307e\u305b\u3093\u3002"},"craw_connect_to_network":{"message":"\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b\u63a5\u7d9a\u3057\u3066\u304f\u3060\u3055\u3044\u3002"},"app_name":{"message":"Chrome \u30a6\u30a7\u30d6\u30b9\u30c8\u30a2\u6c7a\u6e08"},"app_description":{"message":"Chrome \u30a6\u30a7\u30d6\u30b9\u30c8\u30a2\u6c7a\u6e08"},"iap_unavailable":{"message":"\u30a2\u30d7\u30ea\u5185\u30da\u30a4\u30e1\u30f3\u30c8\u306f\u73fe\u5728\u3054\u5229\u7528\u3044\u305f\u3060\u3051\u307e\u305b\u3093\u3002"},"please_sign_in":{"message":"Chrome \u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3066\u304f\u3060\u3055\u3044\u3002"},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\ko\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):656
                  Entropy (8bit):4.88216622785951
                  Encrypted:false
                  SSDEEP:
                  MD5:3CAF23A8EA2332D78B725B6C99EC3202
                  SHA1:95C3504F55A929449EF2E3AB92014562AACD39AD
                  SHA-256:BFE72BBC492B9018A599CB6575366696E431E6A38400E4B2ED06EAE3340D3AE5
                  SHA-512:C000FCCB567D3590D4C401005E78C539961455BB13686296EC4FF7018BB0A4DAB2DA96FBDAA33D999C1409B5796932370219B3FF8490B671586DEBD6145519D6
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"\ud604\uc7ac \uc571\uc744 \uc0ac\uc6a9\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4."},"craw_connect_to_network":{"message":"\ub124\ud2b8\uc6cc\ud06c\uc5d0 \uc5f0\uacb0\ud558\uc138\uc694."},"app_name":{"message":"Chrome \uc6f9 \uc2a4\ud1a0\uc5b4 \uacb0\uc81c"},"app_description":{"message":"Chrome \uc6f9 \uc2a4\ud1a0\uc5b4 \uacb0\uc81c"},"iap_unavailable":{"message":"\ud604\uc7ac \uc778\uc571 \uacb0\uc81c\ub97c \uc0ac\uc6a9\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4."},"please_sign_in":{"message":"Chrome\uc5d0 \ub85c\uadf8\uc778\ud558\uc138\uc694."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\lt\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines
                  Category:dropped
                  Size (bytes):576
                  Entropy (8bit):4.846810495221701
                  Encrypted:false
                  SSDEEP:
                  MD5:41F2D63952202E528DBBB683B480F99C
                  SHA1:9DD998542DBE6609299D4A5A25364A32FA7D7865
                  SHA-256:FF7C083CD1E6134DD8263C634336EB852274BAD1BFAD18762814C42BC65309D8
                  SHA-512:7BD2E2D4264C6BD62DF2584F3C1D3A910C5C5A28F4532F1E8F0C2235E93714EDD6074EA24960D4DEB4F9125DA81CA813F06330EFF66FA8DF1552D1DAC686441E
                  Malicious:false
                  Reputation:low
                  Preview:{"craw_app_unavailable":{"message":"Programa \u0161iuo metu negalima."},"craw_connect_to_network":{"message":"Prisijunkite prie tinklo."},"app_name":{"message":"\u201eChrome\u201c internetin\u0117s parduotuv\u0117s mok\u0117jimo sistema"},"app_description":{"message":"\u201eChrome\u201c internetin\u0117s parduotuv\u0117s mok\u0117jimo sistema"},"iap_unavailable":{"message":"Mok\u0117jimai programoje \u0161iuo metu negalimi."},"please_sign_in":{"message":"Prisijunkite prie \u201eChrome\u201c."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\sv\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):630
                  Entropy (8bit):4.52964089437422
                  Encrypted:false
                  SSDEEP:
                  MD5:D372B8204EB743E16F45C7CBD3CAAF37
                  SHA1:C96C57219D292B01016B37DCF82E7C79AD0DD1E8
                  SHA-256:B8BA77E0089B0676545EC16D32468B727812B444F90B33A7A5B748E6C36C4388
                  SHA-512:33640529E0D5DCC5CA4BDB0615A2818E8D26C6FCB7B3474C08AC3EB67B9DB40E1F0A79954ED20728CD47A686D2533DCBC76ABCBDB917F8530C8DE8BBA687352E
                  Malicious:false
                  Reputation:low
                  Preview:{.. "app_description": {.. "message": "Betalning via Chrome Web Store".. },.. "app_name": {.. "message": "Betalning via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Appen .r inte tillg.nglig f.r tillf.llet.".. },.. "craw_connect_to_network": {.. "message": "Anslut till ett n.tverk.".. },.. "iap_unavailable": {.. "message": "Betalning i appen .r inte tillg.ngligt f.r n.rvarande.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logga in i Chrome.".. }..}..

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\th\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):945
                  Entropy (8bit):4.801079428724355
                  Encrypted:false
                  SSDEEP:
                  MD5:83E2D1E97791A4B2C5C69926EFB629C9
                  SHA1:429600425CB0F196DDD717F940E94DBD8BFF2837
                  SHA-256:2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
                  SHA-512:60A5928DAA8CB4341487F477C56B5A98B83EDE50E5F4F55A802E01FDDAB86F3E795D391953D3D9214552D14D3F58C5A183693C613720FC12FC387D7B8F9B9AB6
                  Malicious:false
                  Reputation:low
                  Preview:{.. "app_description": {.. "message": "............... Chrome .........".. },.. "app_name": {.. "message": "............... Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".............................".. },.. "craw_connect_to_network": {.. "message": ".........................".. },.. "iap_unavailable": {.. "message": "...............................................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "................. Chrome".. }..}..

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\tr\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):631
                  Entropy (8bit):4.710869622361971
                  Encrypted:false
                  SSDEEP:
                  MD5:2CEAE0567B6BB1D240BBAD690A98CA3B
                  SHA1:5944346FBD4A0797B13223895995CAB58E9ECD23
                  SHA-256:A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
                  SHA-512:108A07C6D03D7178E8D0FFEF5349E0249A898D864964FED8757BD8A08BC1C6D9613F2A6C01AA34A6606127D1C6CE14C229FA02586677DBB060B85E3E845950E1
                  Malicious:false
                  Reputation:low
                  Preview:{.. "app_description": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "app_name": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "craw_app_unavailable": {.. "message": "Uygulama .u anda kullan.lam.yor.".. },.. "craw_connect_to_network": {.. "message": "L.tfen bir a.a ba.lan.n.".. },.. "iap_unavailable": {.. "message": "Uygulama ..i .demeler .u anda kullan.lamaz.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.tfen Chrome'da oturum a..n.".. }..}..

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\uk\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):720
                  Entropy (8bit):4.977397623063544
                  Encrypted:false
                  SSDEEP:
                  MD5:AB0B56120E6B38C42CC3612BE948EF50
                  SHA1:8B3F520E5713D9F116D68E71DAEED1F6E8D74629
                  SHA-256:68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
                  SHA-512:CD852A58217F739C1CD58567FF432D31A7AD3F68C884ABBA1DA95799BCD1545C6A5D3B06F319681C12B78AD0A709828DE4B22736316F148D21F5DB76A5BCCBEF
                  Malicious:false
                  Reputation:low
                  Preview:{.. "app_description": {.. "message": "....... ...-........ Chrome".. },.. "app_name": {.. "message": "....... ...-........ Chrome".. },.. "craw_app_unavailable": {.. "message": "........ ......... ...........".. },.. "craw_connect_to_network": {.. "message": "............. .. .......".. },.. "iap_unavailable": {.. "message": "....... ..... ........ ..... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "........ . Chrome.".. }..}..

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\vi\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):695
                  Entropy (8bit):4.855375139026009
                  Encrypted:false
                  SSDEEP:
                  MD5:7EBB677FEAD8557D3676505225A7249A
                  SHA1:F161B4B6001AEAEAB246FF8987F4D992B48D47BE
                  SHA-256:051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
                  SHA-512:74FD267CF7E299FB8E7054605C3F651F057F676FF865082FA24F4916755456768DB0DA62DBC515D829B48AB1F9CFC8AD3E841DCBF1F194D5CB14C5335A192A0D
                  Malicious:false
                  Reputation:low
                  Preview:{.. "app_description": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "app_name": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "craw_app_unavailable": {.. "message": ".ng d.ng hi.n kh.ng kh. d.ng.".. },.. "craw_connect_to_network": {.. "message": "Vui l.ng k.t n.i v.i m.ng.".. },.. "iap_unavailable": {.. "message": "Thanh to.n trong .ng d.ng hi.n kh.ng kh. d.ng.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Vui l.ng ..ng nh.p v.o Chrome.".. }..}..

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\zh_CN\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):595
                  Entropy (8bit):5.210259193489374
                  Encrypted:false
                  SSDEEP:
                  MD5:BB73BF561BB79F89D9BF7C67C5AE5C65
                  SHA1:2FADD3A1959B29C44830033A35C637D0311A8C9C
                  SHA-256:D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
                  SHA-512:627D44CEF1FE5C5ABD598BD47FF5E22B9EFC1CF98DDE3868FA9E5896C134A0C9C055AC34EDDADAE56B6690E51AEA89965D38F770552A85C732CC796795DC68D2
                  Malicious:false
                  Reputation:low
                  Preview:{.. "app_description": {.. "message": "Chrome .........".. },.. "app_name": {.. "message": "Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".........".. },.. "craw_connect_to_network": {.. "message": ".......".. },.. "iap_unavailable": {.. "message": "............".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\_locales\zh_TW\messages.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:UTF-8 Unicode text, with CRLF line terminators
                  Category:dropped
                  Size (bytes):634
                  Entropy (8bit):5.386215984611281
                  Encrypted:false
                  SSDEEP:
                  MD5:5FF50C673CC0C661D615F0CFD0E6DCA0
                  SHA1:60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85
                  SHA-256:C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
                  SHA-512:361D62D91F4931C5F34092C9F2C6A5323D5EEB82A24E7ABE11F7817D8D66341C0ECAD4DCB4B10873920C8D6A3CC9F5704889E178EB2549001A9F62BEDF6C8019
                  Malicious:false
                  Reputation:low
                  Preview:{.. "app_description": {.. "message": "Chrome ............".. },.. "app_name": {.. "message": "Chrome ............".. },.. "craw_app_unavailable": {.. "message": ".............".. },.. "craw_connect_to_network": {.. "message": "......".. },.. "iap_unavailable": {.. "message": "................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

                  C:\Users\alfredo\AppData\Local\Temp\scoped_dir3084_1801237550\CRX_INSTALL\manifest.json

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:dropped
                  Size (bytes):1098
                  Entropy (8bit):4.919185521409901
                  Encrypted:false
                  SSDEEP:
                  MD5:6CA25F3EF585B63F01BCDF8635120704
                  SHA1:00C063811E31EA5F9A00F175A71EA25E7821F621
                  SHA-256:49D9DE983F7436BA786E6E04A5A20C10F41687AE06B266B1B6553F696719563D
                  SHA-512:566BFD9BADBD8951EE52E5911EB68B51E86286989096D32DE6E32A2523761B0E0AFCA251EF3BEA36B5D51FB8354A5FCA567772A02C3F3B9D8DFE529609FA0430
                  Malicious:false
                  Reputation:low
                  Preview:{."update_url": "https://clients2.google.com/service/update2/crx",.. "name": "__MSG_APP_NAME__",. "description": "__MSG_APP_DESCRIPTION__",. "manifest_version": 2,. "version": "1.0.0.6",. "minimum_chrome_version": "29",. "default_locale": "en",. "app": {. "background": {. "scripts": [. "craw_background.js". ]. }. },. "permissions": [. "identity",. "webview",. "https://www.google.com/",. "https://www.googleapis.com/*",. "https://payments.google.com/payments/v4/js/integrator.js",. "https://sandbox.google.com/payments/v4/js/integrator.js". ],. "oauth2": {. "auto_approve": true,. "scopes": [. "https://www.googleapis.com/auth/sierra",. "https://www.googleapis.com/auth/sierrasandbox",. "https://www.googleapis.com/auth/chromewebstore",. "https://www.googleapis.com/auth/chromewebstore.readonly". ],. "client_id": "203784468217.apps.googleusercontent.com". },. "icons": {. "16": "images/icon_16.png",. "128

                  C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

                  Download File
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:Little-endian UTF-16 Unicode text, with no line terminators
                  Category:dropped
                  Size (bytes):2
                  Entropy (8bit):1.0
                  Encrypted:false
                  SSDEEP:
                  MD5:F3B25701FE362EC84616A93A45CE9998
                  SHA1:D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB
                  SHA-256:B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209
                  SHA-512:98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84
                  Malicious:false
                  Reputation:low
                  Preview:..

                  Static File Info

                  No static file info