Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://xm.b82mx.switchon.pk./#.aHR0cHM6Ly9sb2dpbi1taWNyb3NvZnRvbmxpbmUtY29tLmh1Z3Voc2luZ3MuY29tLz91c2VybmFtZT1haGFuc3NvbkBxaWEucWE=

Overview

General Information

Sample URL:http://xm.b82mx.switchon.pk./#.aHR0cHM6Ly9sb2dpbi1taWNyb3NvZnRvbmxpbmUtY29tLmh1Z3Voc2luZ3MuY29tLz91c2VybmFtZT1haGFuc3NvbkBxaWEucWE=
Analysis ID:652378

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for domain / URL

Classification

Process Tree

  • System is start
  • chrome.exe (PID: 7704 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument http://xm.b82mx.switchon.pk./#.aHR0cHM6Ly9sb2dpbi1taWNyb3NvZnRvbmxpbmUtY29tLmh1Z3Voc2luZ3MuY29tLz91c2VybmFtZT1haGFuc3NvbkBxaWEucWE= MD5: 74859601FB4BEEA84B40D874CCB56CAB)
    • chrome.exe (PID: 7544 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1680,17312869768865709007,5265568345248204262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:8 MD5: 74859601FB4BEEA84B40D874CCB56CAB)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for domain / URL
Source: login-microsoftonline-com.huguhsings.comVirustotal: Detection: 5%Perma Link
Source: chrome.exeMemory has grown: Private usage: 1MB later: 28MB
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: xm.b82mx.switchon.pk.Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: unknownDNS traffic detected: queries for: accounts.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51504
Source: unknownNetwork traffic detected: HTTP traffic on port 51931 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51931
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50680
Source: unknownNetwork traffic detected: HTTP traffic on port 58201 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 51504 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 55152 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53006
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58201
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55152
Source: unknownNetwork traffic detected: HTTP traffic on port 53006 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50680 -> 443
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.181.227
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.138
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\alfredo\AppData\Local\Temp\a0cc4d00-4a14-40d9-a38f-f962074026c6.tmp
Source: classification engineClassification label: mal48.win@27/69@4/117
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument http://xm.b82mx.switchon.pk./#.aHR0cHM6Ly9sb2dpbi1taWNyb3NvZnRvbmxpbmUtY29tLmh1Z3Voc2luZ3MuY29tLz91c2VybmFtZT1haGFuc3NvbkBxaWEucWE=
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1680,17312869768865709007,5265568345248204262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1680,17312869768865709007,5265568345248204262,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-62B886FB-1E18.pma
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network Medium2
Encrypted Channel		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Extra Window Memory Injection		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth2
Non-Application Layer Protocol		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)1
Extra Window Memory Injection		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration3
Application Layer Protocol		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled Transfer1
Ingress Tool Transfer		SIM Card SwapCarrier Billing Fraud

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://xm.b82mx.switchon.pk./#.aHR0cHM6Ly9sb2dpbi1taWNyb3NvZnRvbmxpbmUtY29tLmh1Z3Voc2luZ3MuY29tLz91c2VybmFtZT1haGFuc3NvbkBxaWEucWE=0%Avira URL Cloudsafe

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe0%VirustotalBrowse
C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe0%MetadefenderBrowse
C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
login-microsoftonline-com.huguhsings.com6%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://xm.b82mx.switchon.pk./0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
accounts.google.com
142.250.184.237
truefalse
    		high
    clients.l.google.com
    		142.250.185.142
    		truefalse
      		high
      xm.b82mx.switchon.pk
      		173.249.15.152
      		truefalse
        		unknown
        clients2.google.com
        		unknown
        		unknownfalse
          		high
          login-microsoftonline-com.huguhsings.com
          		unknown
          		unknowntrueunknown

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          http://xm.b82mx.switchon.pk./false
          • Avira URL Cloud: safe
          		unknown

          World Map of Contacted IPs

          • No. of IPs < 25%
          • 25% < No. of IPs < 50%
          • 50% < No. of IPs < 75%
          • 75% < No. of IPs

          Public IPs

          IPDomainCountryFlagASNASN NameMalicious
          216.58.212.138
          		unknownUnited States
          		15169GOOGLEUSfalse
          173.249.15.152
          		xm.b82mx.switchon.pkGermany
          		51167CONTABODEfalse
          142.250.181.238
          		unknownUnited States
          		15169GOOGLEUSfalse
          142.250.181.227
          		unknownUnited States
          		15169GOOGLEUSfalse
          239.255.255.250
          		unknownReserved
          		unknownunknownfalse
          142.250.185.142
          		clients.l.google.comUnited States
          		15169GOOGLEUSfalse
          142.250.186.131
          		unknownUnited States
          		15169GOOGLEUSfalse
          142.250.184.237
          		accounts.google.comUnited States
          		15169GOOGLEUSfalse
          173.194.10.104
          		unknownUnited States
          		15169GOOGLEUSfalse
          172.217.16.131
          		unknownUnited States
          		15169GOOGLEUSfalse

          Private

          IP
          192.168.2.1
          127.0.0.1

          General Information

          Joe Sandbox Version:35.0.0 Citrine
          Analysis ID:652378
          Start date and time: 26/06/202209:18:292022-06-26 09:18:29 +02:00
          Joe Sandbox Product:CloudBasic
          Hypervisor based Inspection enabled:false
          Report type:full
          Cookbook file name:defaultwindowsinteractivecookbook.jbs
          Sample URL:http://xm.b82mx.switchon.pk./#.aHR0cHM6Ly9sb2dpbi1taWNyb3NvZnRvbmxpbmUtY29tLmh1Z3Voc2luZ3MuY29tLz91c2VybmFtZT1haGFuc3NvbkBxaWEucWE=
          Number of analysed new started processes analysed:11
          Number of new started drivers analysed:0
          Number of existing processes analysed:0
          Number of existing drivers analysed:0
          Number of injected processes analysed:0
          Technologies:
          • EGA enabled
          Analysis Mode:stream
          Analysis stop reason:Timeout
          Detection:MAL
          Classification:mal48.win@27/69@4/117
          Cookbook Comments:
          • Adjust boot time
          • Enable AMSI

          Warnings

          • Exclude process from analysis (whitelisted): CompPkgSrv.exe
          • Excluded IPs from analysis (whitelisted): 172.217.16.131, 142.250.181.238, 173.194.10.104
          • Excluded domains from analysis (whitelisted): fs.microsoft.com, login.live.com, nexusrules.officeapps.live.com
          • Not all processes where analyzed, report is missing behavior information
          • Report size getting too big, too many NtOpenFile calls found.
          • Report size getting too big, too many NtSetInformationFile calls found.
          • Report size getting too big, too many NtWriteVirtualMemory calls found.

          Created / dropped Files

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\0f7be02d-d584-4971-8cbc-164c60dba589.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):111765
          Entropy (8bit):6.032658002925557
          Encrypted:false
          SSDEEP:
          MD5:56EE7010478D18759713F59E1FD7B040
          SHA1:62E6771EF9111A6AD02845F98F2CA570D01CBCC8
          SHA-256:3A472D306C2099405F1FAC0C5C64A29C18F68A1A57BE11B03B50433DF8A0053B
          SHA-512:6FD65025E0B1CA2037A61D1515454C157E4AAD18D315969005DC557D17DC81093AB8AB0D5391521D152561C57A00ADCE4A0362945CDAAC5A1987C75F914ECACE
          Malicious:false
          Reputation:low
          Preview:{"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.656260349784706e+12,"network":1.656227951e+12,"ticks":177694884.0,"uncertainty":2628310.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBQ7WxpM2gT7fMNkY5iRxkAAAAAAIAAAAAABBmAAAAAQAAIAAAALDWDwoLRYqp0NkiPsTxUN2QcOPsitaJrdacpo+ULE2PAAAAAA6AAAAAAgAAIAAAAOIeKQBWbQSCqXv1OSNS2lIZGHfAdJRwvbkapN4/FWvwMAAAAPz8I/w07KQb4Ut8ObsBGVgFwbuU88R362cCGZpNEtOEILJDMaKWOA4Y9ejBRTt5kEAAAADq8RkIezfgqGPgEaEMkhoGd9qhyBeyucXcRUPEI7mgYIxaDt8C5FJrjkEhV5EOUcUmR2SCzqYelImLnfOlbhRQ"},"policy":{"last_statistics_update":"13300733947489890"},"profile":{"info_cache":{"Default":{"active_time":1656260348.858565,"avatar_icon":"chrom

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\5016e7fb-f46f-499e-a0e7-abddddd6c9b8.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):116272
          Entropy (8bit):6.0618705182607115
          Encrypted:false
          SSDEEP:
          MD5:3099F398536F50F3D4A3ABB3BDA10291
          SHA1:33C8FC8D1EDA408C15368F97A8C561AEFAAD062B
          SHA-256:6A9A9B180C20C90C82D7BCC6D1A76DA47C3EEC07477137E869D997FBB3886FFB
          SHA-512:6F450191C492933C064FEC37DDF56BA1DCF12C88D950881C1F92A6F04EA84876E4EA9179926FE578E85E71FB83E85AE7149B1A05B616BB4A545B3B19FE56CD09
          Malicious:false
          Reputation:low
          Preview:{"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.656260349784706e+12,"network":1.656227951e+12,"ticks":177694884.0,"uncertainty":2628310.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBQ7WxpM2gT7fMNkY5iRxkAAAAAAIAAAAAABBmAAAAAQAAIAAAALDWDwoLRYqp0NkiPsTxUN2QcOPsitaJrdacpo+ULE2PAAAAAA6AAAAAAgAAIAAAAOIeKQBWbQSCqXv1OSNS2lIZGHfAdJRwvbkapN4/FWvwMAAAAPz8I/w07KQb4Ut8ObsBGVgFwbuU88R362cCGZpNEtOEILJDMaKWOA4Y9ejBRTt5kEAAAADq8RkIezfgqGPgEaEMkhoGd9qhyBeyucXcRUPEI7mgYIxaDt8C5FJrjkEhV5EOUcUmR2SCzqYelImLnfOlbhRQ"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13288110187782627"},"plugins":{"metadata":{"adobe-flash-player":{"displ

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:data
          Category:dropped
          Size (bytes):40
          Entropy (8bit):3.254162526001658
          Encrypted:false
          SSDEEP:
          MD5:FA7200D6F80CD1757911C45559E59C0E
          SHA1:89C6E99BAEC4EBB3E9A97B928FB473D1498EBA88
          SHA-256:D9779EA4D6DD544A23C2A1C53146B6A4E596927F47DFA0680B0A7EE751D43BB2
          SHA-512:71D9B2DA8EAF404063D918812BA61C3EFB6A23A283B0332180A38C8137FBB21D7977C008D5A57A74469776945CD4ED42C0BCC09F923EDEC52D8F7FE90FA2D104
          Malicious:false
          Reputation:low
          Preview:sdPC.....................A.>'..M..,.,.-.

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\0ef28f1c-1ea3-4467-8b3b-e2309fc8bc13.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):1397
          Entropy (8bit):4.9204194085158655
          Encrypted:false
          SSDEEP:
          MD5:3A936E78D5FF1811C5881D52FEE5DB31
          SHA1:38CB7D18996D78103EB6892762FD349D537D4AF9
          SHA-256:C8961FA6B14AAA76C35695BB31176E608A51ED123562B78CC03FAE7B03D50B28
          SHA-512:6240537A75D559D16F9E7CCBA764B8D98C76D6CC5845394A266AB058AC4C1263956A341F2774895CF11631DD2D02B777E3CE63437D76BEB0D063A78E74FFE966
          Malicious:false
          Reputation:low
          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://update.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"isolation":[],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"],"expiration":"13303325950527168","port":443,"protocol_str":"quic"},{"advertised_alpns":["h3-Q050"],"expiration":"13303325950527170","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3-29"

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\41d458f1-bda2-4b34-8b66-aa1385b00e2f.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
          Category:dropped
          Size (bytes):181072
          Entropy (8bit):5.774426487043815
          Encrypted:false
          SSDEEP:
          MD5:1B40AC9ABB964672109D49ABFCFE2717
          SHA1:966E224F2887075825D42D2E7E0063BFAA81A99C
          SHA-256:503149B1B47F8296DEDB800251DBD9AF614856F0D7E6AB1C03DBC90EBCE53674
          SHA-512:00B50E49CAFD8246102BB460C7B96C20B50A2DDCB48A64C40D65901B517A2698DB9C5AA5EC7F143314DDB8D74624377F12A95C7F4D9FCE206473E8BBF126388B
          Malicious:false
          Reputation:low
          Preview:............ .H............. ............... .p............. .h...n......... ............... ......... .... .....n...((.... .h.......00.... ..%..~H..@@.... .(B..&n..``.... .....N......... .(....D........ .2v...M..(............. .................................]..X\.).H...>..Z............\..._...V...F...A...A.......^..Wb...f.)...l...v.M...B...@..Wc...[.....z...`...J.....9...E...k...R.D.......G...A.....;...E...h..XKd..KW..........D...>...=..X....GQ.JW..;M..8K..@H..=;.............JV.YKV.IT.BS.Y........................................(............. .....................................[..TZ.5.B...@..T................X...]...`...\...K...D...A...;.......3...\...e...V...h.).d.G.<...F...@...3...^..Td...X.....e....v.....:...E...=..T`...d...h.B.....?...;...O...B...A...b.!.g...Ru......9...8...P...C...C...l..U].M.5@..............6...C...@..T....EW..LX..=K..Ob..Me..5R..AX..;V..++......BL..KW..KW..DO..BL..EN..AJ..;1..................HT.UIV.FT.BQ.U..............................

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\6afc5c92-7c1b-42d0-824b-09fc68969c79.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):3488
          Entropy (8bit):4.9367753089414315
          Encrypted:false
          SSDEEP:
          MD5:BE212DACD3830B5565D5F26B1E341D02
          SHA1:DA49E2C35DC44F5C9415E9D976879FAB3B0D4BDB
          SHA-256:3F72C4A6E6746010B47E8218EFF834C1B55818A5A9E06BEF51D4E58417BE6251
          SHA-512:15287D4DBC21815E2EBE5AF076A19BB8A3FD51948ED2CF632AE429FED9FFEA3712B08483BF7681040B1B63D36CF7E0171F3A6541D910DC9DB8C4EB461391F4CB
          Malicious:false
          Reputation:low
          Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13300733949013378","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2738},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13300733949005721"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"9b16ff9a-81da-4e5d-aa1c-a14d97ad5704"}},"intl":{"selected_languages":"en-US,en"},"invalidation":{"per_sender_topics_to_handler":{"1013309121859":{},"8181035976":{}}},"media":{"device_id_salt":"63B7F8BAE0109668B54E5C74835DF02C","engagement":{"schema_version":4}},

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):11336
          Entropy (8bit):6.0707244876366575
          Encrypted:false
          SSDEEP:
          MD5:2E2110A99AD3AE9721A458C95C64C868
          SHA1:72AE17599EDC0B2DC61C41D946E3E296864F2CBA
          SHA-256:BB46BA705D5F6F43F66B07EA5DA4CC7CC0BF8FE635CCC4EBBA30A5D4A54158DE
          SHA-512:29D95D043F3E529DD33F73B3207A9167D479D9FC404209497B53229CF68AA634CB8A1FE3FD08512FD7F48AFB567144DB873FBBDAD8171D42968B97357F06BC1E
          Malicious:false
          Reputation:low
          Preview:{"file_hashes":[{"block_hashes":["8D+nOE33nrpuAnTVcJlgMPWVo79reBkp3Z22WTJi5B8="],"block_size":4096,"path":"_locales/nb/messages.json"},{"block_hashes":["A+1PYW3V6CJbBuQ7aqrgYhyH3bT8PKyBXp3hN2slpI0=","WSOpQRkYTHjPSlG9Zif2a7TNhy43NDcG1Zg5Nv0UbH0=","jDctR8ImG5KZrQKm4kDjUB7FokSJfjo/pmvFowRVlaY=","LPxhhJiuU0lprt0T6flpS7TkaDg7MocrbmzO65xH6RI=","nZ9zLb2By96AkKXALRM+C0Eu11XUjPiMXEKjiCPdtHE=","wifibc1QfMBN2jrtUtLgsCefvuceTpAatmLvul11RJA=","dHjWlSIIdjj7MWqg3T8MG58RuuqRXk32vqi/13JqEgA=","zd3DV7dbvfNvx1hdhU01fW5ily52DLN0CFL/ADaEeTI=","DpjXcO85FFFY9KJFPkGNfFUtdQIOsGwO5jUckiUwY14=","gqid6l1+mk/6yWgUECRofI9lMipXgXh2jEN2+CxmPE0=","prDB91X2Mmfg/M/txVMITWBmEGbOGjqBTP7CMjYqdHs=","yLPAqV4gqoyS/zFkEt3Cn2j0q2v9QOSthVFfWn8EzCM=","EPQ3jzdrLkAHyvf3920B5Y3aAkO1IJdn/UtbnAmq6T0=","+oOc6ca+ChKUpTu+oa2ZRxRE+wG3QJmuYWEvYCs40NI=","3mBGNAiRlTANEQkqzU3TEi+5wJ0ubR5uwtS4/9OOM7w=","1A9NNawxuhu95H5eThvf1rewJ4QQWhhPNxJXO1C/n68=","E3vWLQxzmj+e5QxYbUscllJ5n0ITpw5JBHV1Kph3/KM=","i3I8ghdTF9c1ZXNBZmvsID+DV4gxBVN27rj9wsMtRpg=","R

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
          Category:dropped
          Size (bytes):181072
          Entropy (8bit):5.774426487043815
          Encrypted:false
          SSDEEP:
          MD5:1B40AC9ABB964672109D49ABFCFE2717
          SHA1:966E224F2887075825D42D2E7E0063BFAA81A99C
          SHA-256:503149B1B47F8296DEDB800251DBD9AF614856F0D7E6AB1C03DBC90EBCE53674
          SHA-512:00B50E49CAFD8246102BB460C7B96C20B50A2DDCB48A64C40D65901B517A2698DB9C5AA5EC7F143314DDB8D74624377F12A95C7F4D9FCE206473E8BBF126388B
          Malicious:false
          Reputation:low
          Preview:............ .H............. ............... .p............. .h...n......... ............... ......... .... .....n...((.... .h.......00.... ..%..~H..@@.... .(B..&n..``.... .....N......... .(....D........ .2v...M..(............. .................................]..X\.).H...>..Z............\..._...V...F...A...A.......^..Wb...f.)...l...v.M...B...@..Wc...[.....z...`...J.....9...E...k...R.D.......G...A.....;...E...h..XKd..KW..........D...>...=..X....GQ.JW..;M..8K..@H..=;.............JV.YKV.IT.BS.Y........................................(............. .....................................[..TZ.5.B...@..T................X...]...`...\...K...D...A...;.......3...\...e...V...h.).d.G.<...F...@...3...^..Td...X.....e....v.....:...E...=..T`...d...h.B.....?...;...O...B...A...b.!.g...Ru......9...8...P...C...C...l..U].M.5@..............6...C...@..T....EW..LX..=K..Ob..Me..5R..AX..;V..++......BL..KW..KW..DO..BL..EN..AJ..;1..................HT.UIV.FT.BQ.U..............................

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:data
          Category:dropped
          Size (bytes):919
          Entropy (8bit):5.633418776122147
          Encrypted:false
          SSDEEP:
          MD5:8DDEBAC3D907A93E4583E075830DAE50
          SHA1:7EEEE2429CEC4ED921C5C2467292AF2317275EBE
          SHA-256:BB5F7EABE5D73F3B22564DC538A8B6D9F9554C170EF0FE072C485D5CA7DE07E3
          SHA-512:0C3ADD44E7C7DE2384A510A9135E0232CD9BEE4EABA6778F4787E2E40E8E9E9BD9445C6E65993AE5190B6E7841F5E4F105B2770554EB98927E283BF3C3AE152D
          Malicious:false
          Reputation:low
          Preview:............".....cahr0chm6ly9sb2dpbi1tawnyb3nvznrvbmxpbmuty29tlmh1z3voc2luz3muy29tlz91c2vybmftzt1hagfuc3nvbkbxaweucwe..b82mx..http..loading..pk..switchon..xm*.....g.cahr0chm6ly9sb2dpbi1tawnyb3nvznrvbmxpbmuty29tlmh1z3voc2luz3muy29tlz91c2vybmftzt1hagfuc3nvbkbxaweucwe......b82mx......http......loading......pk......switchon......xm..2.........0........1........2.........3........6........8........9........a.........b.........c.........d.........e........f........g.........h..........i..........k.........l.........m..........n..........o..........p..........r........s.........t..........u........v........w.........x..........y........z...:A.................................................................B............. ......*..http://xm.b82mx.switchon.pk./#.aHR0cHM6Ly9sb2dpbi1taWNyb3NvZnRvbmxpbmUtY29tLmh1Z3Voc2luZ3MuY29tLz91c2VybmFtZT1haGFuc3NvbkBxaWEucWE=2.Loading.......:..............J..................

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):4414
          Entropy (8bit):5.033283911999154
          Encrypted:false
          SSDEEP:
          MD5:1D151ACE8A9930DA4244B9F9B1725566
          SHA1:BF26574653C456A70FA801FF046A6C9745BA708A
          SHA-256:ECEA19D852AD79CAEA18C5EF00414F3262559071252FB2A02E68FABFFBFF048C
          SHA-512:E5AF26C8A51E5DDB6D950AED098E46183BBFAD956EC341891C51F2635AF5C6CF681E49AD89B902251D20367EE00FC6539395D1739A5A239D45F4AB114315A52E
          Malicious:false
          Reputation:low
          Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13300733949013378","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":92},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2738,"this_week_services_downstream_foreground_kb":{"115188287":56,"21145003":243,"35565745":2,"49601082":3,"5151071":2,"54845618":25}},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13300733949005721"},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gaia_cookie":{"changed_time":1656260350.532156,"hash":"2jmj7l5rSw0yVb/vlWAYkK/YBwk=","last_list_accounts_data":"[\"gaia.l.a.r\",[]]"},"gcm":{"product_c

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):15765
          Entropy (8bit):5.573284942258568
          Encrypted:false
          SSDEEP:
          MD5:E74CC21CADA4D34DA891E1A68E5D3337
          SHA1:952DCDDFBEFBD461ECF15D7D3202B3B8E7B24690
          SHA-256:9BC3120FCFD1DB883301E09FDB6AD1CC02E784987DCFE41AEA52A8FB2E183056
          SHA-512:0EC105AC289FDC9014D18B98918E7042313370C9C0A136CB3070E5E8935AD093F9DB8936F28B37E93C53FD4C823A4CAFBE60017B42F4DC3925A17397CA429868
          Malicious:false
          Reputation:low
          Preview:{"download":{"always_open_pdf_externally":true,"directory_upgrade":true,"extensions_to_open":"pdf:doc:docx:docxm:docm:xls:xlsx:xlsxm:xlsm:ppt:pptx:pptxm:pptm:mht:rtf:pub:vsd:mpp:mdb:dot:dotm:xlsb:xll:hwp:show:cell:hwpx:hwt:jtd:zip:iso:7z:rar:tar:vbs:js:jse:vbe:exe:html:htm:xhtml:tbz2:lz"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13300733947804124","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_i

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\a5832108-1ef2-45fd-a394-0a896cf1e40a.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:very short file (no magic)
          Category:dropped
          Size (bytes):1
          Entropy (8bit):0.0
          Encrypted:false
          SSDEEP:
          MD5:5058F1AF8388633F609CADB75A75DC9D
          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
          Malicious:false
          Reputation:low
          Preview:.

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\aba395b1-e8ce-46f0-b6f0-4267b3d6ddb8.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):18569
          Entropy (8bit):5.558405388669328
          Encrypted:false
          SSDEEP:
          MD5:18B54B34EBC9801F0CFE16A2F4F637AF
          SHA1:A2426D3B07B0CB1741BD6AE389317D7305E7D680
          SHA-256:67128C21EED866D15B72D57044ED0E0C4B2D1EF876029020A1D00E259485E9F3
          SHA-512:9768A2820F43B2CC1B0641B574C4B38D0B6FF09F7A27B40D4C715A42D0F2754CDC3CEB05FEBE56C2BBC5895A6A8A7D7A2AAE7BEC169CF06072FEBB51C0E20B39
          Malicious:false
          Reputation:low
          Preview:{"download":{"always_open_pdf_externally":true,"directory_upgrade":true,"extensions_to_open":"pdf:doc:docx:docxm:docm:xls:xlsx:xlsxm:xlsm:ppt:pptx:pptxm:pptm:mht:rtf:pub:vsd:mpp:mdb:dot:dotm:xlsb:xll:hwp:show:cell:hwpx:hwt:jtd:zip:iso:7z:rar:tar:vbs:js:jse:vbe:exe:html:htm:xhtml:tbz2:lz"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13300733947804124","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_i

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\b433661d-f17d-4d6b-977d-d5700aedf98f.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):15765
          Entropy (8bit):5.573284942258568
          Encrypted:false
          SSDEEP:
          MD5:E74CC21CADA4D34DA891E1A68E5D3337
          SHA1:952DCDDFBEFBD461ECF15D7D3202B3B8E7B24690
          SHA-256:9BC3120FCFD1DB883301E09FDB6AD1CC02E784987DCFE41AEA52A8FB2E183056
          SHA-512:0EC105AC289FDC9014D18B98918E7042313370C9C0A136CB3070E5E8935AD093F9DB8936F28B37E93C53FD4C823A4CAFBE60017B42F4DC3925A17397CA429868
          Malicious:false
          Reputation:low
          Preview:{"download":{"always_open_pdf_externally":true,"directory_upgrade":true,"extensions_to_open":"pdf:doc:docx:docxm:docm:xls:xlsx:xlsxm:xlsm:ppt:pptx:pptxm:pptm:mht:rtf:pub:vsd:mpp:mdb:dot:dotm:xlsb:xll:hwp:show:cell:hwpx:hwt:jtd:zip:iso:7z:rar:tar:vbs:js:jse:vbe:exe:html:htm:xhtml:tbz2:lz"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13300733947804124","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_i

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\c1aa3767-822d-4f57-a499-20f516fd28ce.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):4414
          Entropy (8bit):5.033283911999154
          Encrypted:false
          SSDEEP:
          MD5:1D151ACE8A9930DA4244B9F9B1725566
          SHA1:BF26574653C456A70FA801FF046A6C9745BA708A
          SHA-256:ECEA19D852AD79CAEA18C5EF00414F3262559071252FB2A02E68FABFFBFF048C
          SHA-512:E5AF26C8A51E5DDB6D950AED098E46183BBFAD956EC341891C51F2635AF5C6CF681E49AD89B902251D20367EE00FC6539395D1739A5A239D45F4AB114315A52E
          Malicious:false
          Reputation:low
          Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13300733949013378","alternate_error_pages":{"backup":true},"autocomplete":{"retention_policy_last_version":92},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2738,"this_week_services_downstream_foreground_kb":{"115188287":56,"21145003":243,"35565745":2,"49601082":3,"5151071":2,"54845618":25}},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13300733949005721"},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gaia_cookie":{"changed_time":1656260350.532156,"hash":"2jmj7l5rSw0yVb/vlWAYkK/YBwk=","last_list_accounts_data":"[\"gaia.l.a.r\",[]]"},"gcm":{"product_c

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text
          Category:dropped
          Size (bytes):16
          Entropy (8bit):3.2743974703476995
          Encrypted:false
          SSDEEP:
          MD5:AEFD77F47FB84FAE5EA194496B44C67A
          SHA1:DCFBB6A5B8D05662C4858664F81693BB7F803B82
          SHA-256:4166BF17B2DA789B0D0CC5C74203041D98005F5D4EF88C27E8281E00148CD611
          SHA-512:B733D502138821948267A8B27401D7C0751E590E1298FDA1428E663CCD02F55D0D2446FF4BC265BDCDC61F952D13C01524A5341BC86AFC3C2CDE1D8589B2E1C3
          Malicious:false
          Reputation:low
          Preview:MANIFEST-000006.

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Default\fd6d6910-7834-4e5e-b361-aad7572e463c.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):3488
          Entropy (8bit):4.936834501901225
          Encrypted:false
          SSDEEP:
          MD5:95325DFB44E506D08132E920FF4A06DC
          SHA1:BD21B0E1849D0F8DC1D2C57EE5BE7F5002FC5844
          SHA-256:ABD106908C5B637AE9973336238DC9E6253B3120DFFEC90CA82F14325F4B7590
          SHA-512:359D07E8189A6D6ECF5A29E3C04917E6DA110017078C39DA2435733F3FF76C393E0D85198DB01D0E19312A599DAA0C519B3758AC95C69FCAAFAD48592AE8600C
          Malicious:false
          Reputation:low
          Preview:{"account_id_migration_state":2,"account_tracker_service_last_update":"13300733949013378","alternate_error_pages":{"backup":true},"autofill":{"orphan_rows_removed":true},"browser":{"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"this_week_number":2738},"default_apps_install_state":2,"domain_diversity":{"last_reporting_timestamp":"13300733949005721"},"extensions":{"alerts":{"initialized":true},"chrome_url_overrides":{},"last_chrome_version":"92.0.4515.107"},"gcm":{"product_category_for_subtypes":"com.chrome.windows"},"google":{"services":{"signin_scoped_device_id":"9b16ff9a-81da-4e5d-aa1c-a14d97ad5704"}},"intl":{"selected_languages":"en-US,en"},"invalidation":{"per_sender_topics_to_handler":{"1013309121859":{},"8181035976":{}}},"media":{"device_id_salt":"63B7F8BAE0109668B54E5C74835DF02C","engagement":{"schema_version":4}},

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Browser

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:data
          Category:dropped
          Size (bytes):106
          Entropy (8bit):3.138546519832722
          Encrypted:false
          SSDEEP:
          MD5:DE9EF0C5BCC012A3A1131988DEE272D8
          SHA1:FA9CCBDC969AC9E1474FCE773234B28D50951CD8
          SHA-256:3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
          SHA-512:CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
          Malicious:false
          Reputation:low
          Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Last Version

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with no line terminators
          Category:dropped
          Size (bytes):13
          Entropy (8bit):2.873140679513133
          Encrypted:false
          SSDEEP:
          MD5:3A0E5D4F452CF99191634D0FFAB744A0
          SHA1:F115BBB898EEFF640D8D19AD44A86C3FCDFFC0AD
          SHA-256:B9D528D3AE283039F4700C7E4E790744C58A26353A91B536DD91CBA4F648A35F
          SHA-512:87BF9DB30598EC454A02A4A32E5458E83870524D4AA497CB167C8A92B7521204B7B75E2BE18D61F9FBE51CA7DE8E35782AA65E6F6F11E4A4926A9B6C85D6528A
          Malicious:false
          Reputation:low
          Preview:92.0.4515.107

          C:\Users\alfredo\AppData\Local\Google\Chrome\User Data\Local State (copy)

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines, with no line terminators
          Category:dropped
          Size (bytes):111765
          Entropy (8bit):6.032658002925557
          Encrypted:false
          SSDEEP:
          MD5:56EE7010478D18759713F59E1FD7B040
          SHA1:62E6771EF9111A6AD02845F98F2CA570D01CBCC8
          SHA-256:3A472D306C2099405F1FAC0C5C64A29C18F68A1A57BE11B03B50433DF8A0053B
          SHA-512:6FD65025E0B1CA2037A61D1515454C157E4AAD18D315969005DC557D17DC81093AB8AB0D5391521D152561C57A00ADCE4A0362945CDAAC5A1987C75F914ECACE
          Malicious:false
          Reputation:low
          Preview:{"browser":{"last_redirect_origin":"","shortcut_migration_version":"91.0.4472.77"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.656260349784706e+12,"network":1.656227951e+12,"ticks":177694884.0,"uncertainty":2628310.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABBQ7WxpM2gT7fMNkY5iRxkAAAAAAIAAAAAABBmAAAAAQAAIAAAALDWDwoLRYqp0NkiPsTxUN2QcOPsitaJrdacpo+ULE2PAAAAAA6AAAAAAgAAIAAAAOIeKQBWbQSCqXv1OSNS2lIZGHfAdJRwvbkapN4/FWvwMAAAAPz8I/w07KQb4Ut8ObsBGVgFwbuU88R362cCGZpNEtOEILJDMaKWOA4Y9ejBRTt5kEAAAADq8RkIezfgqGPgEaEMkhoGd9qhyBeyucXcRUPEI7mgYIxaDt8C5FJrjkEhV5EOUcUmR2SCzqYelImLnfOlbhRQ"},"policy":{"last_statistics_update":"13300733947489890"},"profile":{"info_cache":{"Default":{"active_time":1656260348.858565,"avatar_icon":"chrom

          C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_pnacl_json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text
          Category:dropped
          Size (bytes):507
          Entropy (8bit):4.68252584617246
          Encrypted:false
          SSDEEP:
          MD5:35D5F285F255682477F4C50E93299146
          SHA1:FB58813C4D785412F05962CD379434669DE79C2B
          SHA-256:5424C7B084EC4C8BA0A9C69683E5EE88C325BA28564112CC941CD22E392D8433
          SHA-512:59DF2D5F2684FACC80C72F9C4B7E280F705776076C9D843534F772D5A3D578BEE04289AEE81320F23FB4D743F3969EDF5BA53FEBBAC8A4D27F3BC53BCF271C3E
          Malicious:false
          Reputation:low
          Preview:{. "COMMENT": [. "This file serves as a template for the resource info description used by ", . "the NaCl Chrome plugin. It is kept in the NaCl repository to prevent ", . "hard-coding of NaCl-specific information inside the Chrome repository.". ], . "abi-version": 1, . "pnacl-arch": "x86-64", . "pnacl-ld-name": "ld.nexe", . "pnacl-llc-name": "pnacl-llc.nexe", . "pnacl-sz-name": "pnacl-sz.nexe", . "pnacl-version": "5dfe030a71ca66e72c5719ef5034c2ed24706c43".}

          C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
          Category:dropped
          Size (bytes):2712
          Entropy (8bit):3.4025803725190906
          Encrypted:false
          SSDEEP:
          MD5:604FF8F351A88E7A1DBD7C836378AE86
          SHA1:9D8D89AE9F13D6306E619A4EAAD51EDE91A5F9F3
          SHA-256:947E64BE43E821562CE894F1AFCC3D09CD7FF614C107FC94250CD3EA5C943302
          SHA-512:85B1EDA4C473E00034EE627B7ABB894A77E521BC6A91A91A4A3744CA7511CB0AF10B9723D9ECC2CE3378DD70B659DF842D8C11875958CB77070CF01EC0A15840
          Malicious:false
          Reputation:low
          Preview:.ELF..............>.................................@.....@.......................................PH.......,$J.l=....J.$<A[..@.A...M..A..ffffff..................PH......,$J.l=....J.$<A[..D..A...M..A..ffffff..................PH..1..,$J.l=....J.$<A[.......A...M..A..ffffff..................PH..SP..h.........fff...................h.........fff.............J.$<[.,$J.l=....J.$<.....f.....................................................................................................................................................................................NaCl....x86-64...........zR..x......................@....C....C.........8.......@....C....C.........T.......@....C....C.........p.......`....C....C..B...... .......................<...............@.......X.......................t........................clang version 3.7.0 (https://chromium.googlesource.com/a/native_client/pnacl-clang.git ce163fdd0f16b4481e5cf77a16d45e9b4dc8300e) (https://chromium.googlesource.com/a/native_client/pna

          C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
          Category:dropped
          Size (bytes):2776
          Entropy (8bit):3.5335802354066246
          Encrypted:false
          SSDEEP:
          MD5:88C08CD63DE9EA244F70BFC53BBCADF6
          SHA1:8F38A113A66B18BAA02E2C995099CF1145A29DAA
          SHA-256:127F903CC986466AA5A13C17DFDD37AC99762F81A794180339069F48986BC7A3
          SHA-512:78D2500493A65A23D101EC2420DC5F0CE8C75EFAC425C28547121643E4FB568E9D827EF2C0F7068159E043C86B986F29BF92C6BADC675F160B63C7B3512EB95F
          Malicious:false
          Reputation:low
          Preview:.ELF..............>.....................X...........@.....@.......................................PH.......,$J.l=....J.$<A[..@.A...M..A..ffffff..................PH......,$J.l=....J.$<A[..D..A...M..A..ffffff..................PH..1..,$J.l=....J.$<A[.......A...M..A..ffffff..................PH..,$J.l=....J.$<A[f........A...M..A..ffffff..................PH..,$J.l=....J.$<A[f........A...M..A..ffffff..................PH..SP..h.........fff.............J.$<[.,$J.l=....J.$<.....f.K...............`.......P.......................z...................................NaCl....x86-64...clang version 3.7.0 (https://chromium.googlesource.com/a/native_client/pnacl-clang.git ce163fdd0f16b4481e5cf77a16d45e9b4dc8300e) (https://chromium.googlesource.com/a/native_client/pnacl-llvm.git 7251d5b59fca15195c94a3a7da70f0081724448f)............zR..x......................@....C....C.........8.......@....C....C.........T.......@....C....C.........p.......@....C....C.................@....C....C.................@...

          C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:current ar archive
          Category:dropped
          Size (bytes):13514
          Entropy (8bit):3.8217211433441904
          Encrypted:false
          SSDEEP:
          MD5:4E8BEDA73EB7BD99528BF62B7835A3FA
          SHA1:DC0F263A7B2A649D11FF7B56FE9CFAC44F946036
          SHA-256:6B835FD48DF505EB336FF6518CE7B93BB0ED854DADAA5C1EEED48D420291F62C
          SHA-512:46116B8BABC719676D68FD40D2AC82F38A3D13D8A482ADFC6FC32A99170AC3420E52CC33242CCD0FA723ABF4FA5EDBB9CE16A09C729BF04AE4AFBB2F67A1E38B
          Malicious:false
          Reputation:low
          Preview:!<arch>./ 0 0 0 0 94 `................._pnacl_wrapper_start.__pnacl_real_irt_query_func.__pnacl_wrap_irt_query_func..shim_entry.o/ 0 0 0 644 7392 `..ELF..............>..................... ...........@.....@.........................NaCl....x86-64..................................A.L....A.L...D...........D....A.....t+.. u..t"..A.D..........A... .....A.D...........f..D..<.......................Q.......................V.......................clang version 3.7.0 (https://chromium.googlesource.com/a/native_client/pnacl-clang.git ce163fdd0f16b4481e5cf77a16d45e9b4dc8300e) (https://chromium.googlesource.com/a/native_client/pnacl-llvm.git 7251d5b59fca15195c94a3a7da70f0081724448f).../../ppapi/native_client/src/untrusted/pnacl_irt_shim/shim_entry.c./mnt/data/b/build/slave/sdk/build/src/out_pnacl/x64.NACL_STARTUP_FINI.NACL_STARTUP_ENVC.NACL_STARTUP_ARGC.NACL_STARTUP_ARGV.NaClStartupInfoIndex.unsigned int.size_t.char.TYPE_na

          C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:current ar archive
          Category:dropped
          Size (bytes):2078
          Entropy (8bit):3.21751839673526
          Encrypted:false
          SSDEEP:
          MD5:F950F89D06C45E63CE9862BE59E937C9
          SHA1:9CFAD34139CC428CE0C07A869C15B71A9632365D
          SHA-256:945B1C8A1666CBF05E8B8941B70D9D044BAAFB59B006F728F8995072DE7C4C40
          SHA-512:F9AFBB800A875EDCC63DEA4986179E73632B3182951A99C8B3D37DB454EFD7CC7192ECA5AC87514918A858BAD6DAEAB59548CA2E90EADA9900EF5B9F08E62CFC
          Malicious:false
          Reputation:low
          Preview:!<arch>./ 0 0 0 0 30 `........._pnacl_wrapper_start..// 20 `.dummy_shim_entry.o/./0 0 0 0 644 1840 `..ELF..............>.................................@.....@.......................................PH..,$J.l=....J.$<.....f..D......................................NaCl....x86-64...clang version 3.7.0 (https://chromium.googlesource.com/a/native_client/pnacl-clang.git ce163fdd0f16b4481e5cf77a16d45e9b4dc8300e) (https://chromium.googlesource.com/a/native_client/pnacl-llvm.git 7251d5b59fca15195c94a3a7da70f0081724448f)............zR..x...................... ....C....C..... .........................rela.text..comment..bss..group..note.GNU-stack..rela.eh_frame..shstrtab..strtab..symtab..data..note.NaCl.ABI.x86-64.....................................................................................................................................................

          C:\Users\alfredo\AppData\Local\Temp\7704_738841671\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
          Category:dropped
          Size (bytes):1901720
          Entropy (8bit):5.955741933854651
          Encrypted:false
          SSDEEP:
          MD5:9DC3172630E525854B232FF71499D77C
          SHA1:0082C58EDCE3769E90DB48E7C26090CE706AD434
          SHA-256:6AA1DA6C264E0AF4E32A004F4076C7557C6AC6D9C38B0C5DE97302D83FA248C3
          SHA-512:9E9584241A39EED1463D7D4C1B26AE570B839AA315778FF3400C61341EBA43B630307DE9F1532A265CA82EA69BDEA03EC9D963E59A18569C02DA8285449870FE
          Malicious:false
          Antivirus:
          • Antivirus: Virustotal, Detection: 0%, Browse
          • Antivirus: Metadefender, Detection: 0%, Browse
          • Antivirus: ReversingLabs, Detection: 0%
          Reputation:low
          Preview:.ELF..............>..... .......@...................@.8...@.............................................................................................0.......0................................................Y......................................................@.......@...............P.td....t^......t^......t^.......W.......W..............Q.td................................................................NaCl....x86-64..............GNU.K..J.'..b......<S...`...`... ...@...@.......@.............................................Y@......................p................@.......?..............?.......A.........5.....?5.5...?.5.....?......P9..............PC.......?......0@................aCoc...?..`.(..?.y.P.D.?<.s..O.u......$@.......@...............@`...`.......@.................................................. ...`... ... .......`................... ... ...@...`.......................@... Z...[...[...e.......... ...@... ...@...`........0...0...2..`4.. 6...7...9...~...~...z...{...{..

          C:\Users\alfredo\AppData\Local\Temp\905aeff9-e6c0-434e-b123-93d1b46da840.tmp

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:Google Chrome extension, version 3
          Category:dropped
          Size (bytes):248531
          Entropy (8bit):7.963657412635355
          Encrypted:false
          SSDEEP:
          MD5:541F52E24FE1EF9F8E12377A6CCAE0C0
          SHA1:189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6
          SHA-256:81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
          SHA-512:D779D78A15C5EFCA51EBD6B96A7CCB6D718741BDF7D9A37F53B2EB4B98AA1A78BC4CFA57D6E763AAB97276C8F9088940AC0476690D4D46023FF4BF52F3326C88
          Malicious:false
          Reputation:low
          Preview:Cr24..............0.."0...*.H.............0...........\7c.<........Fto.8.2'5..qk...%....2...C.F.9.#..e.xQ.......[...L|....3>/....u.:T.7...(.yM...?V.<?........1.a...O?d.....A.H..'.MpB..T.m..Vn Ip..>k.|1..n.<Fb..f..*Q1.....s..2..{*.6....Pp....obM..1.......b1.......(.u^.'z......v.F.W.X4."-*eu...b.........\..F!...b...l5....zJ.q.......L].....w[T0.6....E.....r..%Z.vFm.9..5!,.~g5...;.t...']....+A.....u....k...e..&..l.6r[yU...%..f.......N..V.....<+.....l..}.{...z...)y.n..'..).....,.b....5.08K%..O.g..D.S.F5o..<(....>....\f..X..I..2."l...w....7f|.~.c.4.E.......0..0...*.H............0.......).'..b.*$w\$.q&.]zF_2..;...?.U,...W..L1.2...R..#....W.....c1k.$W..$.J....+M!.Hz.n`U.I)N.|b.l....{.K@]6.LlP/....](.A..................I...).H....IQ.y.;MG.d..ix..#f.Z$|..|.?...0K...t"i..s...Y..%.Ky....0...{.!+.~v.;....J.....Z....).(6..@?v.;~..2..c....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. .0...|!..A..L.+.=...kP.!.1..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\bg\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):1293
          Entropy (8bit):4.132566655778463
          Encrypted:false
          SSDEEP:
          MD5:D7A97183BCBD5FB677AA84D464F0C564
          SHA1:CDBB279B864E2C0A51E0892B8714131802586506
          SHA-256:76EFAD74EB8256B942727C42261147EB9CCA48DA284DB3CDCE5DC6A3B4346F02
          SHA-512:36F0310DD06319E4A51F77E4C3D64F6276891CE6410FE2571324BB71F2FBCDA368EAC4267FF8268086BE6912E41787D0F70771755E3D49E3E8C26648EAC6EFC9
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"\u041f\u043e\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c \u043d\u044f\u043c\u0430 \u0434\u043e\u0441\u0442\u044a\u043f \u0434\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u0442\u043e."},"craw_connect_to_network":{"message":"\u041c\u043e\u043b\u044f, \u0441\u0432\u044a\u0440\u0436\u0435\u0442\u0435 \u0441\u0435 \u0441 \u043c\u0440\u0435\u0436\u0430."},"app_name":{"message":"\u041f\u043b\u0430\u0449\u0430\u043d\u0438\u044f \u0432 \u0443\u0435\u0431 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 \u043d\u0430 Chrome"},"app_description":{"message":"\u041f\u043b\u0430\u0449\u0430\u043d\u0438\u044f \u0432 \u0443\u0435\u0431 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u0430 \u043d\u0430 Chrome"},"iap_unavailable":{"message":"\u041f\u043e\u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c \u043d\u044f\u043c\u0430 \u0434\u043e\u0441\u0442\u044a\u043f \u0434\u043e \u0432\u0433\u0440\u0430\u0434\u0435\u043d\u0430\u0442\u0430 \

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\ca\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):556
          Entropy (8bit):4.768628082639434
          Encrypted:false
          SSDEEP:
          MD5:58BA5F65ED971591D1F9D81848EE31D0
          SHA1:BDA3C8B74653334FC8F060CAFBCEA58DF0113AB7
          SHA-256:CDD91587F5AF2C865776B36A5E9A07B10D21B9D911DE0B814B7A1E94B14AE885
          SHA-512:BA2A6BAA3011A54E6B07E29DFD133009D66B6CFFF525DEC0024BDE55A9BED463AD130307EE64BFB4A983A11FFD6B44BD53ED38EB144083A2CBEFA8D85C4D5D41
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Ara mateix aquesta aplicaci\u00f3 no est\u00e0 disponible."},"craw_connect_to_network":{"message":"Connecteu-vos a una xarxa."},"app_name":{"message":"Sistema de pagaments de Chrome Web Store"},"app_description":{"message":"Sistema de pagaments de Chrome Web Store"},"iap_unavailable":{"message":"La funci\u00f3 Pagaments a l'aplicaci\u00f3 no est\u00e0 disponible actualment."},"please_sign_in":{"message":"Inicieu la sessi\u00f3 a Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\cs\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):550
          Entropy (8bit):4.905634822460801
          Encrypted:false
          SSDEEP:
          MD5:43161EFFA28A0DBFC67B8F7DBE1B5184
          SHA1:FE0A9235A59B51B7F564F14FF564344927F035B8
          SHA-256:3A04421DF5218E8ABD3B0E2AFE11E8338D7BDCBCD1ADB122416944B102BC9696
          SHA-512:FC6A391A4B37FFEE2182F29C1590E32766A1820DC58D0A70A8DD96D7ABE74B47181B24AFFF8ADAE12686CCB1B898DCDDB882EFD205C3387B5B6F3CFBE6E5BA78
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Aplikace v sou\u010dasn\u00e9 dob\u011b nen\u00ed dostupn\u00e1."},"craw_connect_to_network":{"message":"P\u0159ipojte se pros\u00edm k s\u00edti."},"app_name":{"message":"Platby Internetov\u00e9ho obchodu Chrome"},"app_description":{"message":"Platby Internetov\u00e9ho obchodu Chrome"},"iap_unavailable":{"message":"Platby v aplikaci aktu\u00e1ln\u011b nejsou k dispozici."},"please_sign_in":{"message":"P\u0159ihlaste se do Chromu."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\da\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):505
          Entropy (8bit):4.795529861403324
          Encrypted:false
          SSDEEP:
          MD5:31264DDBF251A95DE82D0A67FA47DB3A
          SHA1:3A48DC7AF26A153594C7849E1D92AAC31296459B
          SHA-256:EDB51898A6C73D0090D6916B7B72EBAC71E964EABB5BA7CD68E21966024F0D23
          SHA-512:B97D61BD71E3F0A91FF1048D2ACAD4BC092CCAF157B7A96029B6AB5AF1812B01814E3153CD894307CB13DC132523EAC22B19CADA6B97F4B81B0D1132562317B5
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Appen er ikke tilg\u00e6ngelig i \u00f8jeblikket."},"craw_connect_to_network":{"message":"Opret forbindelse til et netv\u00e6rk."},"app_name":{"message":"Betalinger i Chrome Webshop"},"app_description":{"message":"Betalinger i Chrome Webshop"},"iap_unavailable":{"message":"Betaling i appen er ikke tilg\u00e6ngelig i \u00f8jeblikket."},"please_sign_in":{"message":"Log ind p\u00e5 Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\de\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):516
          Entropy (8bit):4.809852395188501
          Encrypted:false
          SSDEEP:
          MD5:7639B300B40DDAF95318D2177D3265F9
          SHA1:BF9EFDF073231CB3FCFCA5CCCA25B079ECFC45BD
          SHA-256:356A9D4ADFEC484DA824E7A72059B724B1686FC90082F4A4B667630436D593B0
          SHA-512:70593318C6626B5D25729E8D8109D5611B95283266621BE60ADD7E60C0DD5BC43848E956C767251B7B3CCDF5A0929922DE38F90CC8632CCD0C1CCFC7D6DEFE69
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Die App ist momentan nicht verf\u00fcgbar."},"craw_connect_to_network":{"message":"Bitte stellen Sie eine Verbindung zu einem Netzwerk her."},"app_name":{"message":"Chrome Web Store-Zahlungen"},"app_description":{"message":"Chrome Web Store-Zahlungen"},"iap_unavailable":{"message":"In-App-Zahlungen sind momentan nicht m\u00f6glich."},"please_sign_in":{"message":"Bitte melden Sie sich in Chrome an."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\el\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):1236
          Entropy (8bit):4.338644812557597
          Encrypted:false
          SSDEEP:
          MD5:3026E922B17DBEE2674FDAEE960DF584
          SHA1:76602B1E3449F1B67DE42FD31A581B0821BFEFF0
          SHA-256:876845B5A061FAB3CF2A1466E01015DC40DF8449F1CB4205F575CEBED8717BAD
          SHA-512:0C4DCB2589553F9F75534E6C702EBF9095665C93D213564265E39220A99B61BB112A3B20980CE0377C7E98878E3240EB87312B5ECE874382B7E9CA90A0016992
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"\u0397 \u03b5\u03c6\u03b1\u03c1\u03bc\u03bf\u03b3\u03ae \u03c0\u03c1\u03bf\u03c2 \u03c4\u03bf \u03c0\u03b1\u03c1\u03cc\u03bd \u03b4\u03b5\u03bd \u03b5\u03af\u03bd\u03b1\u03b9 \u03b4\u03b9\u03b1\u03b8\u03ad\u03c3\u03b9\u03bc\u03b7."},"craw_connect_to_network":{"message":"\u03a3\u03c5\u03bd\u03b4\u03b5\u03b8\u03b5\u03af\u03c4\u03b5 \u03c3\u03b5 \u03ad\u03bd\u03b1 \u03b4\u03af\u03ba\u03c4\u03c5\u03bf."},"app_name":{"message":"\u03a0\u03bb\u03b7\u03c1\u03c9\u03bc\u03ad\u03c2 \u03c3\u03c4\u03bf Chrome Web Store"},"app_description":{"message":"\u03a0\u03bb\u03b7\u03c1\u03c9\u03bc\u03ad\u03c2 \u03c3\u03c4\u03bf Chrome Web Store"},"iap_unavailable":{"message":"\u039f\u03b9 \u03c0\u03bb\u03b7\u03c1\u03c9\u03bc\u03ad\u03c2 \u03b5\u03bd\u03c4\u03cc\u03c2 \u03b5\u03c6\u03b1\u03c1\u03bc\u03bf\u03b3\u03ce\u03bd \u03b4\u03b5\u03bd \u03b5\u03af\u03bd\u03b1\u03b9 \u03b1\u03c5\u03c4\u03ae\u03bd \u03c4\u03b7 \u03c3\u03c4\u03b9\u03b3\u03bc\u03ae \u03b4\u03b9\u03b1\u03b8

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\en\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):450
          Entropy (8bit):4.679939707243892
          Encrypted:false
          SSDEEP:
          MD5:DBEDF86FA9AFB3A23DBB126674F166D2
          SHA1:5628AFFBCF6F897B9D7FD9C17DEB9AA75036F1CC
          SHA-256:C0945DD5FDECAB40C45361BEC068D1996E6AE01196DCE524266D740808F753FE
          SHA-512:931D7BA6DA84D4BB073815540F35126F2F035A71BFE460F3CCAED25AD7C1B1792AB36CD7207B99FDDF5EAF8872250B54A8958CF5827608F0640E8AAFE11E0071
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"App currently unavailable."},"craw_connect_to_network":{"message":"Please connect to a network."},"app_name":{"message":"Chrome Web Store Payments"},"app_description":{"message":"Chrome Web Store Payments"},"iap_unavailable":{"message":"In-App Payments is currently unavailable."},"please_sign_in":{"message":"Please sign into Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\es\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):542
          Entropy (8bit):4.704430479150276
          Encrypted:false
          SSDEEP:
          MD5:3F4B0F56C2839839FC3E3270ED4CB7B6
          SHA1:0D74EA655EAE3990E95BD26F6E1467EDF3EB3478
          SHA-256:1912EA5E0A62BBC669DC14AB5A5BD5514B0502C483EE1F27C3F8834384187079
          SHA-512:4E6A828FE73FC4AB03F0EE966CE7BD8061575A059E90709F908D8D91C5F4EB6A8D25BBFA100E48AD7AC94E76D3BCD3547C277B4150D515222757CC9906AD20A2
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Esta aplicaci\u00f3n no est\u00e1 disponible en este momento."},"craw_connect_to_network":{"message":"Con\u00e9ctate a una red."},"app_name":{"message":"Sistema de pagos de Chrome Web Store"},"app_description":{"message":"Sistema de pagos de Chrome Web Store"},"iap_unavailable":{"message":"Los pagos en la aplicaci\u00f3n no est\u00e1n disponibles en este momento."},"please_sign_in":{"message":"Inicia sesi\u00f3n en Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\es_419\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):510
          Entropy (8bit):4.719977015734499
          Encrypted:false
          SSDEEP:
          MD5:1FD5DAF46C4D7C4F571C263EC37B943B
          SHA1:A57EE5EF6861F88005C2230EA3D633A1B4CA105A
          SHA-256:BCC2CF06F66E9E3BB4B7887D0EE0AE4A72A6C49F4B2A578A7733B78208984417
          SHA-512:79C3104F1DC51B17B062803209029C8165DBD391FBE0B69BB406D7B4F92FE1898CAC30E20C2E5CFB65D643B978095626C68EAA0CFCA064354D52D52D16BF21A9
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Esta aplicaci\u00f3n no est\u00e1 disponible en este momento."},"craw_connect_to_network":{"message":"Con\u00e9ctate a una red."},"app_name":{"message":"Sistema de pagos de Chrome Web Store"},"app_description":{"message":"Sistema de pagos de Chrome Web Store"},"iap_unavailable":{"message":"En este momento, Pagos En-Apps no est\u00e1 disponible."},"please_sign_in":{"message":"Accede a Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\et\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):460
          Entropy (8bit):4.679279844668757
          Encrypted:false
          SSDEEP:
          MD5:0293A7BAE6EEE62C4067A80E262D6A2D
          SHA1:E76B07BD49FFBBFB6841B7335CBE7A9620714402
          SHA-256:D06F20D4D68D1DBB89EF7D8E405D9499CB2EB2560217CD5B4A51AB1DD50CAB44
          SHA-512:8BF97DA4038A9C4426A285D5FEF0953F4E7E6D0667091A39DE4D4C5B4C35FC7B6A804425DBB4B82356A93950738E4F0937DE1AD777AE75AAC9BFB97D63F771E0
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Rakendus pole praegu saadaval."},"craw_connect_to_network":{"message":"Looge \u00fchendus v\u00f5rguga."},"app_name":{"message":"Chrome'i veebipoe maksed"},"app_description":{"message":"Chrome'i veebipoe maksed"},"iap_unavailable":{"message":"Rakendusesisesed maksed ei ole praegu saadaval."},"please_sign_in":{"message":"Logige Chrome'i sisse."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\fi\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):568
          Entropy (8bit):4.768364810051887
          Encrypted:false
          SSDEEP:
          MD5:E5BBE7DBBE75F45BDCD49DB8C797106E
          SHA1:0F069D7D19768180945F0D8B67DC71262FD586A2
          SHA-256:BFFB2248B4C66306133FA6ECBB1541F44B3BE22CC8D9A338D690E0B1D0C85532
          SHA-512:F6FE20B7A3B99BDBBF6F4737C8C63FE3098F060E6791BC40ED0E95FA5F93AA55C2643766EA2BE099E42EC378CB6E4B6FE7B5F2DA56C03A6A990B94A1F872B825
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Sovellus ei ole t\u00e4ll\u00e4 hetkell\u00e4 k\u00e4ytett\u00e4viss\u00e4."},"craw_connect_to_network":{"message":"Muodosta verkkoyhteys."},"app_name":{"message":"Chrome Web Storen maksut"},"app_description":{"message":"Chrome Web Storen maksut"},"iap_unavailable":{"message":"Sovelluksen sis\u00e4iset maksut eiv\u00e4t ole t\u00e4ll\u00e4 hetkell\u00e4 k\u00e4ytett\u00e4viss\u00e4."},"please_sign_in":{"message":"Kirjaudu sis\u00e4\u00e4n Chromeen."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\fil\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):515
          Entropy (8bit):4.699741311937528
          Encrypted:false
          SSDEEP:
          MD5:658DAD2AF2DC3AC1567D84E8B95F68B0
          SHA1:EE1121215960EC5ED5F7B6BDB8E4680731EBF83D
          SHA-256:978BA6D814CF290016833BBAC22DC7C05C2C575B1D6429B9BB14F8C2156BCF29
          SHA-512:F2FB93245D80E2CB2CA1BB2B0654FE92AD9041A558850D78AF4031CB83D2AD3BF5ABCFE6BC32160D028CA3914FA69A64784858A34FA56389C08D52B316346A05
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Kasalukuyang hindi available ang app."},"craw_connect_to_network":{"message":"Mangyaring kumonekta sa isang network."},"app_name":{"message":"Mga Pagbabayad sa Chrome Web Store"},"app_description":{"message":"Mga Pagbabayad sa Chrome Web Store"},"iap_unavailable":{"message":"Kasalukuyang hindi available ang Mga Pagbabayad na In-App."},"please_sign_in":{"message":"Mangyaring mag-sign in sa Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\fr\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):562
          Entropy (8bit):4.717150188929866
          Encrypted:false
          SSDEEP:
          MD5:1E32A78526E3AC8108E73D384F17450B
          SHA1:BFE2E47D888BA530A27DD1BDE25C46433C2A545C
          SHA-256:80F6EE69F1E022812BCCC1DE1CDC53772CDF90F4E93224161B23FA607D45136A
          SHA-512:5504F6D440779BC96571863D60B1E175EEDDC2E65B1ABBCFCFD19123F329F2E025FBA4D49BD23E33B77FFB6061BA6645132E04D4A7DEDE77F514B2151CDDF896
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Application indisponible pour le moment."},"craw_connect_to_network":{"message":"Veuillez vous connecter \u00e0 un r\u00e9seau."},"app_name":{"message":"Paiements via le Chrome\u00a0Web\u00a0Store"},"app_description":{"message":"Paiements via le Chrome\u00a0Web\u00a0Store"},"iap_unavailable":{"message":"Les paiements via l'application ne sont pas disponibles pour le moment."},"please_sign_in":{"message":"Veuillez vous connecter \u00e0 Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\hi\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):1055
          Entropy (8bit):4.454461505283053
          Encrypted:false
          SSDEEP:
          MD5:B739E3B798D3EEB8AFB3E368455A8E97
          SHA1:56E206DD0AC7EB7B179911BE3F7DD78059CBD4F3
          SHA-256:BA7A53A1398168719F2ACD58CC5FE06AB0B769ECA896D70E7208B18085B42FFA
          SHA-512:181A3B1275D1D17BD48EAA77805981A96E22589A38990214AF3ED029C4A37C2F05ECF747D8FCF816C2AAED6EF82403757F234D67C360A3A6E5DB6C3F59CA1A0C
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"\u0910\u092a\u094d\u0932\u093f\u0915\u0947\u0936\u0928 \u0907\u0938 \u0938\u092e\u092f \u0909\u092a\u0932\u092c\u094d\u0927 \u0928\u0939\u0940\u0902 \u0939\u0948."},"craw_connect_to_network":{"message":"\u0915\u0943\u092a\u092f\u093e \u0928\u0947\u091f\u0935\u0930\u094d\u0915 \u0938\u0947 \u0915\u0928\u0947\u0915\u094d\u091f \u0915\u0930\u0947\u0902."},"app_name":{"message":"Chrome \u0935\u0947\u092c \u0938\u094d\u091f\u094b\u0930 \u092d\u0941\u0917\u0924\u093e\u0928"},"app_description":{"message":"Chrome \u0935\u0947\u092c \u0938\u094d\u091f\u094b\u0930 \u092d\u0941\u0917\u0924\u093e\u0928"},"iap_unavailable":{"message":"\u0907\u0928-\u0910\u092a \u092d\u0941\u0917\u0924\u093e\u0928 \u0905\u092d\u0940 \u0909\u092a\u0932\u092c\u094d\u0927 \u0928\u0939\u0940\u0902 \u0939\u0948."},"please_sign_in":{"message":"\u0915\u0943\u092a\u092f\u093e Chrome \u092e\u0947\u0902 \u0938\u093e\u0907\u0928 \u0907\u0928 \u0915\u0930\u0947\u0902."},"jwt_retrieve_failed":

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\hr\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):503
          Entropy (8bit):4.819520019697578
          Encrypted:false
          SSDEEP:
          MD5:9CF848209FF50DBF68F5292B3421831C
          SHA1:D29880B7B15102469123D8747BF645706CE8595B
          SHA-256:EA1744C3CFBAA684A31A00067E8493ED114EFF3E878C797C9C55A7B122D855CD
          SHA-512:B784AEE4926F850F30072ABDA85E2E2E3966285F14BDF647BD2A41C5C06CAB04BC962584830E4E913896010396EAD02D90528235B9D9EDA1BDEFBFBB5333EDF5
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Aplikacija trenuta\u010dno nije dostupna."},"craw_connect_to_network":{"message":"Pove\u017eite se s mre\u017eom."},"app_name":{"message":"Pla\u0107anja u web-trgovini Chrome"},"app_description":{"message":"Pla\u0107anja u web-trgovini Chrome"},"iap_unavailable":{"message":"Pla\u0107anje u aplikaciji trenuta\u010dno nije dostupno."},"please_sign_in":{"message":"Prijavite se na Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\hu\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):612
          Entropy (8bit):4.865151680865773
          Encrypted:false
          SSDEEP:
          MD5:4AD92AFDE3408FBBE43B0C3C71677650
          SHA1:3488901077F336A3196F9AE116E36DF1674E1ACA
          SHA-256:61258FE04C23AE14FDC99EE846CEA71CC703990CC0F80C3934299646E86C475E
          SHA-512:EB945FA455DEB9D70033DC0A8AA55D1F47AA00214B70AD34D5419A54F9C05B267F96F9785139F452BEE6972376DDF13EE51C681845A2B0818172FB75BA1FD093
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Az alkalmaz\u00e1s jelenleg nem \u00e9rhet\u0151 el."},"craw_connect_to_network":{"message":"K\u00e9rj\u00fck, csatlakozzon egy h\u00e1l\u00f3zathoz."},"app_name":{"message":"Chrome Internetes \u00e1ruh\u00e1z Fizet\u00e9si rendszere"},"app_description":{"message":"Chrome Internetes \u00e1ruh\u00e1z Fizet\u00e9si rendszere"},"iap_unavailable":{"message":"Az alkalmaz\u00e1son bel\u00fcli fizet\u00e9s jelenleg nem \u00e9rhet\u0151 el."},"please_sign_in":{"message":"Jelentkezzen be a Chrome-ba."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\id\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):461
          Entropy (8bit):4.642271834875684
          Encrypted:false
          SSDEEP:
          MD5:9008516AA1D8F8C2B8ECE70B7E4963AD
          SHA1:EA7AD4BE77A80A4B9FB1E59A340010830E494747
          SHA-256:89CAB0AF2B53C6ABEB93C8C628DDCBDD286A7A2672FE03440411BB654E3A0675
          SHA-512:46534829417CAD54310BA90AD4545918A2E934508E0CC3467E367944E52315B1BC6500119214EABD40D641DD167C077935436135AF1C0DB1D1007AE98E6175FC
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Aplikasi tidak tersedia saat ini."},"craw_connect_to_network":{"message":"Sambungkan ke jaringan."},"app_name":{"message":"Pembayaran Chrome Webstore"},"app_description":{"message":"Pembayaran Chrome Webstore"},"iap_unavailable":{"message":"Pembayaran Dalam Aplikasi saat ini tidak tersedia."},"please_sign_in":{"message":"Harap masuk ke Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\it\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):464
          Entropy (8bit):4.701550173628233
          Encrypted:false
          SSDEEP:
          MD5:BB9C32BA62DDA02F9471C64B5F9CF916
          SHA1:9825037D5D9185C58456CDD887C77B10A41D8C84
          SHA-256:43A0B113D3773BA78F82BB9E42DDC46F6892D0FBBB351F94A7C105E4A146E9C1
          SHA-512:4D3DB91A6251F2DD9CBF97D29805A7AC23F49988966E9B686D486B4A8CEBEA33F5502E3891D5231674061127C282C745FB87FDA7467A6172851BF6925506C8CA
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"App al momento non disponibile."},"craw_connect_to_network":{"message":"Collegati a una rete."},"app_name":{"message":"Pagamenti Chrome Web Store"},"app_description":{"message":"Pagamenti Chrome Web Store"},"iap_unavailable":{"message":"La funzione Pagamenti In-App non \u00e8 al momento disponibile."},"please_sign_in":{"message":"Accedi a Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\ja\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):806
          Entropy (8bit):4.671841695172103
          Encrypted:false
          SSDEEP:
          MD5:96C8CBD161D3CE9CB1A46CB2CD0C6583
          SHA1:78BBFCF035B5B620E353C8E520653ADD3F4E7DB8
          SHA-256:81D8F1D9F72B3139BC5D9845BCF82990308FB6175D07514D8238B1E6D5D02E8A
          SHA-512:692468B7B44D961D8248BBC30CC11DE9F3F7E89D01A609E6CB71CAF653D8212C15DFA834C5FB6E8261FD21A25E9616861C0A3FC01DB27CBBE79C3FDE2C6549DD
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"\u30a2\u30d7\u30ea\u306f\u73fe\u5728\u3054\u5229\u7528\u3044\u305f\u3060\u3051\u307e\u305b\u3093\u3002"},"craw_connect_to_network":{"message":"\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b\u63a5\u7d9a\u3057\u3066\u304f\u3060\u3055\u3044\u3002"},"app_name":{"message":"Chrome \u30a6\u30a7\u30d6\u30b9\u30c8\u30a2\u6c7a\u6e08"},"app_description":{"message":"Chrome \u30a6\u30a7\u30d6\u30b9\u30c8\u30a2\u6c7a\u6e08"},"iap_unavailable":{"message":"\u30a2\u30d7\u30ea\u5185\u30da\u30a4\u30e1\u30f3\u30c8\u306f\u73fe\u5728\u3054\u5229\u7528\u3044\u305f\u3060\u3051\u307e\u305b\u3093\u3002"},"please_sign_in":{"message":"Chrome \u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3066\u304f\u3060\u3055\u3044\u3002"},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\ko\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):656
          Entropy (8bit):4.88216622785951
          Encrypted:false
          SSDEEP:
          MD5:3CAF23A8EA2332D78B725B6C99EC3202
          SHA1:95C3504F55A929449EF2E3AB92014562AACD39AD
          SHA-256:BFE72BBC492B9018A599CB6575366696E431E6A38400E4B2ED06EAE3340D3AE5
          SHA-512:C000FCCB567D3590D4C401005E78C539961455BB13686296EC4FF7018BB0A4DAB2DA96FBDAA33D999C1409B5796932370219B3FF8490B671586DEBD6145519D6
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"\ud604\uc7ac \uc571\uc744 \uc0ac\uc6a9\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4."},"craw_connect_to_network":{"message":"\ub124\ud2b8\uc6cc\ud06c\uc5d0 \uc5f0\uacb0\ud558\uc138\uc694."},"app_name":{"message":"Chrome \uc6f9 \uc2a4\ud1a0\uc5b4 \uacb0\uc81c"},"app_description":{"message":"Chrome \uc6f9 \uc2a4\ud1a0\uc5b4 \uacb0\uc81c"},"iap_unavailable":{"message":"\ud604\uc7ac \uc778\uc571 \uacb0\uc81c\ub97c \uc0ac\uc6a9\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4."},"please_sign_in":{"message":"Chrome\uc5d0 \ub85c\uadf8\uc778\ud558\uc138\uc694."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\lt\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):576
          Entropy (8bit):4.846810495221701
          Encrypted:false
          SSDEEP:
          MD5:41F2D63952202E528DBBB683B480F99C
          SHA1:9DD998542DBE6609299D4A5A25364A32FA7D7865
          SHA-256:FF7C083CD1E6134DD8263C634336EB852274BAD1BFAD18762814C42BC65309D8
          SHA-512:7BD2E2D4264C6BD62DF2584F3C1D3A910C5C5A28F4532F1E8F0C2235E93714EDD6074EA24960D4DEB4F9125DA81CA813F06330EFF66FA8DF1552D1DAC686441E
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Programa \u0161iuo metu negalima."},"craw_connect_to_network":{"message":"Prisijunkite prie tinklo."},"app_name":{"message":"\u201eChrome\u201c internetin\u0117s parduotuv\u0117s mok\u0117jimo sistema"},"app_description":{"message":"\u201eChrome\u201c internetin\u0117s parduotuv\u0117s mok\u0117jimo sistema"},"iap_unavailable":{"message":"Mok\u0117jimai programoje \u0161iuo metu negalimi."},"please_sign_in":{"message":"Prisijunkite prie \u201eChrome\u201c."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\lv\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):584
          Entropy (8bit):4.856464171821628
          Encrypted:false
          SSDEEP:
          MD5:1D21ED2D46338636E24401F6E56E326F
          SHA1:24497EDB25724BC4A57823C5CD06F50DB9647DD4
          SHA-256:434A375C32B8A21C435511C551F740FD4D170EC528A8F4EFC3D798EA4A07B606
          SHA-512:10A870718CC6281EE09DE01900D303B06589D9281C5849D6105C6FCF58BFFA3855F29C6ECA3689FFE6EF304BABCF41C5700EE2D8AFE711D57CB711194366FA6A
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Lietotne pagaid\u0101m nav pieejama."},"craw_connect_to_network":{"message":"L\u016bdzu, izveidojiet savienojumu ar t\u012bklu."},"app_name":{"message":"Chrome interneta veikala maks\u0101jumu sist\u0113ma"},"app_description":{"message":"Chrome interneta veikala maks\u0101jumu sist\u0113ma"},"iap_unavailable":{"message":"Maks\u0101jumi lietotn\u0113s pa\u0161laik nav pieejami."},"please_sign_in":{"message":"L\u016bdzu, pierakstieties p\u0101rl\u016bk\u0101 Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\nb\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):501
          Entropy (8bit):4.804937629013952
          Encrypted:false
          SSDEEP:
          MD5:8F0168B9A546D5A99FD8A262C975C80E
          SHA1:B0718071BD0B7251D4459E9C87DF50C14622FBD6
          SHA-256:F03FA7384DF79EBA6E0274D570996030F595A3BF6B781929DD9DB6593262E41F
          SHA-512:A1191CDC496DDD7470BDCFAF186BB9488767159E0CA6A6242D195FA3351704DC8F8BBD03DBEE57D37BBD897C9E8D14B7325FB37D58AC80DEC0F972FF893758B8
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Appen er utilgjengelig for \u00f8yeblikket."},"craw_connect_to_network":{"message":"Du m\u00e5 koble til et nettverk."},"app_name":{"message":"Chrome Nettmarked-betalinger"},"app_description":{"message":"Chrome Nettmarked-betalinger"},"iap_unavailable":{"message":"Betaling i app er ikke tilgjengelig for \u00f8yeblikket."},"please_sign_in":{"message":"Du m\u00e5 logge p\u00e5 Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\nl\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):472
          Entropy (8bit):4.651254944398292
          Encrypted:false
          SSDEEP:
          MD5:E7F74DCE7B6411E4E0D95E9252CF74FA
          SHA1:33CC6C73C5F8D0144C0260C2E5A9BD0DB3EF6477
          SHA-256:3564AEF46C01602B19CC29FD8A79676C543427EDE98206D0C91B33AF0CCF3977
          SHA-512:B0987002F8BC4F0B0AC41A87E90BA729464BF2F34D1CC413DD3837019F5F37FD46EB9E9FDABB97F5BDCB50768ABF808AF6E7C531CD7BCA477C71990D2F13335B
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"App momenteel niet beschikbaar."},"craw_connect_to_network":{"message":"Maak verbinding met een netwerk."},"app_name":{"message":"Betalingen via Chrome Web Store"},"app_description":{"message":"Betalingen via Chrome Web Store"},"iap_unavailable":{"message":"In-app-betalingen is momenteel niet beschikbaar."},"please_sign_in":{"message":"Log in bij Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\pl\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):549
          Entropy (8bit):4.978056737225237
          Encrypted:false
          SSDEEP:
          MD5:E16649D87E4CA6462192CF78EBE543EC
          SHA1:53097D592B13F3C1370366B25024EA72208B136A
          SHA-256:EB435F7460A63576CA1ECB51948E7A3AD5168D2F175AE2B5836D469672923D84
          SHA-512:6EC702CEC6E312CAC6F33109A57F7D83A3F073F2F9A9BD42DB0F91A36F87D800EEB978C69023B6A0E00B86ECE3E1024C269F89D038F0926619F40D075F6689DD
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Aplikacja jest obecnie niedost\u0119pna."},"craw_connect_to_network":{"message":"Po\u0142\u0105cz si\u0119 z sieci\u0105."},"app_name":{"message":"P\u0142atno\u015bci w sklepie Chrome Web Store"},"app_description":{"message":"P\u0142atno\u015bci w sklepie Chrome Web Store"},"iap_unavailable":{"message":"P\u0142atno\u015bci w ramach aplikacji s\u0105 teraz niedost\u0119pne."},"please_sign_in":{"message":"Zaloguj si\u0119 w Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\pt_BR\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):513
          Entropy (8bit):4.734605177119403
          Encrypted:false
          SSDEEP:
          MD5:1F4BC8A5EFD59D61127ABEECD4B6CAE3
          SHA1:8647B4D2D643AE4F784ABDDC50D87A39AD02971A
          SHA-256:E1950CBBF056F068EA56160DDB318F3E6232BFBBE096D221C7CA6FCAACE2A8B9
          SHA-512:B58A95BBBC0A16B06826684198B481D2E15A7C760956721C3B538C62C902873A7856F328506457EE66311E45D7A16A4AAAC85B12853AA7EF09780189D28EB3DE
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Aplicativo indispon\u00edvel no momento."},"craw_connect_to_network":{"message":"Conecte-se a uma rede."},"app_name":{"message":"Pagamentos da Chrome Web Store"},"app_description":{"message":"Pagamentos da Chrome Web Store"},"iap_unavailable":{"message":"No momento, os Pagamentos no aplicativo n\u00e3o est\u00e3o dispon\u00edveis."},"please_sign_in":{"message":"Fa\u00e7a login no Google Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\pt_PT\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):503
          Entropy (8bit):4.742240430473613
          Encrypted:false
          SSDEEP:
          MD5:D80ECE7E4B3741CD9CD29B89D006B864
          SHA1:8F0D587B78E36861ED00524ABF886FA20E14CAE4
          SHA-256:C8FF9ACAEA1D3B6F8483339CB40F66BC563CCA8DD87F2337F813C492B20F451B
          SHA-512:8A53D9618BBD1A62CD48501E5620932631C1B045612082D99429628D2BF4409AEE3FA695107E82037B5CB332111C456CF3A74235C66B61380CF1E382914F1088
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"Aplica\u00e7\u00e3o atualmente indispon\u00edvel."},"craw_connect_to_network":{"message":"Ligue-se a uma rede."},"app_name":{"message":"Pagamentos via Chrome Web Store"},"app_description":{"message":"Pagamentos via Chrome Web Store"},"iap_unavailable":{"message":"Os Pagamentos na app est\u00e3o atualmente indispon\u00edveis."},"please_sign_in":{"message":"Inicie sess\u00e3o no Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\ro\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text, with very long lines
          Category:dropped
          Size (bytes):554
          Entropy (8bit):4.8596885592394505
          Encrypted:false
          SSDEEP:
          MD5:D63E66B94A4EA2085D80E76209582FB1
          SHA1:4ECAC3EB64DD6253310A0776E6D42257FC290D77
          SHA-256:91A5AAD210C3E0241106E8821B3897EDEFEC9D85033C94DB2324FF3A5FDE5AC7
          SHA-512:09AC34CF286FD0730EED4F6DB3E2FD00A026D0F42DCC75AE49B045DDAD38DFA38B0FB7823ECAC8B0A9BC2A89F4EAF4BCE081779F2ECDF6CC39286045577DC5C9
          Malicious:false
          Reputation:low
          Preview:{"craw_app_unavailable":{"message":"\u00cen prezent, aplica\u021bia nu este disponibil\u0103."},"craw_connect_to_network":{"message":"Conecteaz\u0103-te la o re\u021bea."},"app_name":{"message":"Pl\u0103\u021bi prin Magazinul web Chrome"},"app_description":{"message":"Pl\u0103\u021bi prin Magazinul web Chrome"},"iap_unavailable":{"message":"Pl\u0103\u021bile \u00een aplica\u021bie nu sunt disponibile momentan."},"please_sign_in":{"message":"Conecteaz\u0103-te la Chrome."},"jwt_retrieve_failed":{"message":"The transaction could not be completed."}}.

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\ru\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):744
          Entropy (8bit):4.918620852166656
          Encrypted:false
          SSDEEP:
          MD5:DB2EDF1465946C06BD95C71A1E13AE64
          SHA1:FB4F3ECE9ECECEBBC6CA2A592A15FB9C1FDFB811
          SHA-256:FBAF22CE6E16DE174CED8CB5EA3098CCA1C3426A2111FF33BD3E64DA64ED67AB
          SHA-512:4E0CF00BAEF1757548DEB17BBE1AF55770A0A0F7351779EF55C7DEFA6D112D0227B8865C2C22E0EC62E6E2F1C8E1632A2D0CE6828D25C5ABBF143C990116F632
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "......... ....... ........-........ Chrome".. },.. "app_name": {.. "message": "......... ....... ........-........ Chrome".. },.. "craw_app_unavailable": {.. "message": ".......... ...........".. },.. "craw_connect_to_network": {.. "message": "............ . .....".. },.. "iap_unavailable": {.. "message": "....... ..... .......... ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "....... . Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\sk\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):647
          Entropy (8bit):4.640777810668463
          Encrypted:false
          SSDEEP:
          MD5:8DF215D1EFBDABB175CCDD68ED8DCB0A
          SHA1:2B374462137A38589A73FDD00A84CBDC7E50F9F4
          SHA-256:7FA16AF97E6CFC52EC6008EB679D3F30E7E0C24F9EF2D18A9228EAF4DED9D63B
          SHA-512:C0E623343BDAEB4731800D183B59F2FCFE285F0C7153EC99641FD84F2F2DCFE47D21E73F3D28B1240340453C5668EB0AFFBE087AAB62F1C88CD2A40CC44E599D
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "app_name": {.. "message": "Platby Internetov.ho obchodu Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplik.cia moment.lne nie je dostupn..".. },.. "craw_connect_to_network": {.. "message": "Pripojte sa k sieti.".. },.. "iap_unavailable": {.. "message": "Platby v aplik.cii moment.lne nie s. k dispoz.cii.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prihl.ste sa do prehliada.a Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\sl\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):617
          Entropy (8bit):4.5101656584816885
          Encrypted:false
          SSDEEP:
          MD5:3943FA2A647AECEDFD685408B27139EE
          SHA1:0129DD19D28373359530B3B477FE8A9279DABB7D
          SHA-256:18AFF072EE0DF7C3495045435C752A805606E6D5D462EF2321C443F1773F4B3A
          SHA-512:42E62B3855611FF2E1D39C11404CB1A09825EE4CA6A8ACB3FF538B4574388F549E3BD79137DD4DC128A8DC44DD270D7D878E4AAD20DA8250A5C25297B0DEC09D
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "app_name": {.. "message": "Pla.ila v spletni trgovini Chrome".. },.. "craw_app_unavailable": {.. "message": "Aplikacija trenutno ni na voljo.".. },.. "craw_connect_to_network": {.. "message": "Pove.ite se z omre.jem.".. },.. "iap_unavailable": {.. "message": "Pla.ila v aplikacijah trenutno niso na voljo.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Prijavite se v Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\sr\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):743
          Entropy (8bit):4.913927107235852
          Encrypted:false
          SSDEEP:
          MD5:D485DF17F085B6A37125694F85646FD0
          SHA1:24D51D8642CDC6EFD5D8D7A4430232D8CDE25108
          SHA-256:7FFDE34C58E7C376C042DE64DEF6481DAE32BE8B70F0B18EDF536290CBE0C818
          SHA-512:0DDECFD860E99290B6C3AAA04F510272AE081CF2D93ED5832D9D6378EC9D36177FFBE213471247FB94721EA34A83E7665669200047091D0FDE134E3D763217E7
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "....... . Chrome ...-..........".. },.. "app_name": {.. "message": "....... . Chrome ...-..........".. },.. "craw_app_unavailable": {.. "message": ".......... .. ........ ...........".. },.. "craw_connect_to_network": {.. "message": "........ .. .......".. },.. "iap_unavailable": {.. "message": "....... . .......... .. ........ ...........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "......... .. . Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\sv\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):630
          Entropy (8bit):4.52964089437422
          Encrypted:false
          SSDEEP:
          MD5:D372B8204EB743E16F45C7CBD3CAAF37
          SHA1:C96C57219D292B01016B37DCF82E7C79AD0DD1E8
          SHA-256:B8BA77E0089B0676545EC16D32468B727812B444F90B33A7A5B748E6C36C4388
          SHA-512:33640529E0D5DCC5CA4BDB0615A2818E8D26C6FCB7B3474C08AC3EB67B9DB40E1F0A79954ED20728CD47A686D2533DCBC76ABCBDB917F8530C8DE8BBA687352E
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "Betalning via Chrome Web Store".. },.. "app_name": {.. "message": "Betalning via Chrome Web Store".. },.. "craw_app_unavailable": {.. "message": "Appen .r inte tillg.nglig f.r tillf.llet.".. },.. "craw_connect_to_network": {.. "message": "Anslut till ett n.tverk.".. },.. "iap_unavailable": {.. "message": "Betalning i appen .r inte tillg.ngligt f.r n.rvarande.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Logga in i Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\th\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):945
          Entropy (8bit):4.801079428724355
          Encrypted:false
          SSDEEP:
          MD5:83E2D1E97791A4B2C5C69926EFB629C9
          SHA1:429600425CB0F196DDD717F940E94DBD8BFF2837
          SHA-256:2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
          SHA-512:60A5928DAA8CB4341487F477C56B5A98B83EDE50E5F4F55A802E01FDDAB86F3E795D391953D3D9214552D14D3F58C5A183693C613720FC12FC387D7B8F9B9AB6
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "............... Chrome .........".. },.. "app_name": {.. "message": "............... Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".............................".. },.. "craw_connect_to_network": {.. "message": ".........................".. },.. "iap_unavailable": {.. "message": "...............................................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "................. Chrome".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\tr\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):631
          Entropy (8bit):4.710869622361971
          Encrypted:false
          SSDEEP:
          MD5:2CEAE0567B6BB1D240BBAD690A98CA3B
          SHA1:5944346FBD4A0797B13223895995CAB58E9ECD23
          SHA-256:A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
          SHA-512:108A07C6D03D7178E8D0FFEF5349E0249A898D864964FED8757BD8A08BC1C6D9613F2A6C01AA34A6606127D1C6CE14C229FA02586677DBB060B85E3E845950E1
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "app_name": {.. "message": "Chrome Web Ma.azas. .demeleri".. },.. "craw_app_unavailable": {.. "message": "Uygulama .u anda kullan.lam.yor.".. },.. "craw_connect_to_network": {.. "message": "L.tfen bir a.a ba.lan.n.".. },.. "iap_unavailable": {.. "message": "Uygulama ..i .demeler .u anda kullan.lamaz.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "L.tfen Chrome'da oturum a..n.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\uk\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):720
          Entropy (8bit):4.977397623063544
          Encrypted:false
          SSDEEP:
          MD5:AB0B56120E6B38C42CC3612BE948EF50
          SHA1:8B3F520E5713D9F116D68E71DAEED1F6E8D74629
          SHA-256:68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
          SHA-512:CD852A58217F739C1CD58567FF432D31A7AD3F68C884ABBA1DA95799BCD1545C6A5D3B06F319681C12B78AD0A709828DE4B22736316F148D21F5DB76A5BCCBEF
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "....... ...-........ Chrome".. },.. "app_name": {.. "message": "....... ...-........ Chrome".. },.. "craw_app_unavailable": {.. "message": "........ ......... ...........".. },.. "craw_connect_to_network": {.. "message": "............. .. .......".. },.. "iap_unavailable": {.. "message": "....... ..... ........ ..... .. .........".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "........ . Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\vi\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):695
          Entropy (8bit):4.855375139026009
          Encrypted:false
          SSDEEP:
          MD5:7EBB677FEAD8557D3676505225A7249A
          SHA1:F161B4B6001AEAEAB246FF8987F4D992B48D47BE
          SHA-256:051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
          SHA-512:74FD267CF7E299FB8E7054605C3F651F057F676FF865082FA24F4916755456768DB0DA62DBC515D829B48AB1F9CFC8AD3E841DCBF1F194D5CB14C5335A192A0D
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "app_name": {.. "message": "Thanh to.n tr.n c.a h.ng Chrome tr.c tuy.n".. },.. "craw_app_unavailable": {.. "message": ".ng d.ng hi.n kh.ng kh. d.ng.".. },.. "craw_connect_to_network": {.. "message": "Vui l.ng k.t n.i v.i m.ng.".. },.. "iap_unavailable": {.. "message": "Thanh to.n trong .ng d.ng hi.n kh.ng kh. d.ng.".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "Vui l.ng ..ng nh.p v.o Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\zh_CN\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:dropped
          Size (bytes):595
          Entropy (8bit):5.210259193489374
          Encrypted:false
          SSDEEP:
          MD5:BB73BF561BB79F89D9BF7C67C5AE5C65
          SHA1:2FADD3A1959B29C44830033A35C637D0311A8C9C
          SHA-256:D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
          SHA-512:627D44CEF1FE5C5ABD598BD47FF5E22B9EFC1CF98DDE3868FA9E5896C134A0C9C055AC34EDDADAE56B6690E51AEA89965D38F770552A85C732CC796795DC68D2
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "Chrome .........".. },.. "app_name": {.. "message": "Chrome .........".. },.. "craw_app_unavailable": {.. "message": ".........".. },.. "craw_connect_to_network": {.. "message": ".......".. },.. "iap_unavailable": {.. "message": "............".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\_locales\zh_TW\messages.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:UTF-8 Unicode text, with CRLF line terminators
          Category:modified
          Size (bytes):634
          Entropy (8bit):5.386215984611281
          Encrypted:false
          SSDEEP:
          MD5:5FF50C673CC0C661D615F0CFD0E6DCA0
          SHA1:60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85
          SHA-256:C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
          SHA-512:361D62D91F4931C5F34092C9F2C6A5323D5EEB82A24E7ABE11F7817D8D66341C0ECAD4DCB4B10873920C8D6A3CC9F5704889E178EB2549001A9F62BEDF6C8019
          Malicious:false
          Reputation:low
          Preview:{.. "app_description": {.. "message": "Chrome ............".. },.. "app_name": {.. "message": "Chrome ............".. },.. "craw_app_unavailable": {.. "message": ".............".. },.. "craw_connect_to_network": {.. "message": "......".. },.. "iap_unavailable": {.. "message": "................".. },.. "jwt_retrieve_failed": {.. "message": "The transaction could not be completed.".. },.. "please_sign_in": {.. "message": "... Chrome.".. }..}..

          C:\Users\alfredo\AppData\Local\Temp\scoped_dir7704_1451311960\CRX_INSTALL\manifest.json

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:ASCII text
          Category:dropped
          Size (bytes):1098
          Entropy (8bit):4.919185521409901
          Encrypted:false
          SSDEEP:
          MD5:6CA25F3EF585B63F01BCDF8635120704
          SHA1:00C063811E31EA5F9A00F175A71EA25E7821F621
          SHA-256:49D9DE983F7436BA786E6E04A5A20C10F41687AE06B266B1B6553F696719563D
          SHA-512:566BFD9BADBD8951EE52E5911EB68B51E86286989096D32DE6E32A2523761B0E0AFCA251EF3BEA36B5D51FB8354A5FCA567772A02C3F3B9D8DFE529609FA0430
          Malicious:false
          Reputation:low
          Preview:{."update_url": "https://clients2.google.com/service/update2/crx",.. "name": "__MSG_APP_NAME__",. "description": "__MSG_APP_DESCRIPTION__",. "manifest_version": 2,. "version": "1.0.0.6",. "minimum_chrome_version": "29",. "default_locale": "en",. "app": {. "background": {. "scripts": [. "craw_background.js". ]. }. },. "permissions": [. "identity",. "webview",. "https://www.google.com/",. "https://www.googleapis.com/*",. "https://payments.google.com/payments/v4/js/integrator.js",. "https://sandbox.google.com/payments/v4/js/integrator.js". ],. "oauth2": {. "auto_approve": true,. "scopes": [. "https://www.googleapis.com/auth/sierra",. "https://www.googleapis.com/auth/sierrasandbox",. "https://www.googleapis.com/auth/chromewebstore",. "https://www.googleapis.com/auth/chromewebstore.readonly". ],. "client_id": "203784468217.apps.googleusercontent.com". },. "icons": {. "16": "images/icon_16.png",. "128

          C:\Users\alfredo\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

          Download File
          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
          File Type:Little-endian UTF-16 Unicode text, with no line terminators
          Category:dropped
          Size (bytes):2
          Entropy (8bit):1.0
          Encrypted:false
          SSDEEP:
          MD5:F3B25701FE362EC84616A93A45CE9998
          SHA1:D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB
          SHA-256:B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209
          SHA-512:98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84
          Malicious:false
          Reputation:low
          Preview:..

          Static File Info

          No static file info