Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
Ihr angestellter sch#U00f6dl und dessen straftaten.pdf

Overview

General Information

Sample Name:Ihr angestellter sch#U00f6dl und dessen straftaten.pdf
Original Sample Name:Ihr angestellter schdl und dessen straftaten.pdf
Analysis ID:1327312
MD5:71448b5e4c58d53e5e84caf32a1fc725
SHA1:185f04618f5b3f69bd8fc1a21ffa6bbd93c0595f
SHA256:1f496b6deb826a2bf59cb98d2267bf7977234d0798ce27fc1c895e6965de6f9e

Detection

Score:3
Range:0 - 100
Whitelisted:false
Confidence:20%

Signatures

Queries the volume information (name, serial number etc) of a device
Tries to load missing DLLs
Deletes files inside the Windows folder
Creates files inside the system directory
Stores files to the Windows start menu directory
Checks for available system drives (often done to infect USB drives)
Uses insecure TLS / SSL version for HTTPS connection

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Analysis Advice

Sample is looking for USB drives. Launch the sample with the USB Fake Disk cookbook
No malicious behavior found, analyze the document also on other version of Office / Acrobat
Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior
Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis

Process Tree

  • System is w10x64_ra
  • Acrobat.exe (PID: 6568 cmdline: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Ihr angestellter sch#U00f6dl und dessen straftaten.pdf MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 6760 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 7068 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2108 --field-trial-handle=1540,i,6613218752519948160,8584042387313899053,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
    • chrome.exe (PID: 6156 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://web.de/ MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
      • chrome.exe (PID: 6060 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1724 --field-trial-handle=2020,i,15135919961778147070,12108555729555919385,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • chrome.exe (PID: 1228 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
    • chrome.exe (PID: 872 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 --field-trial-handle=2032,i,18271736419816815582,15142729278561171641,262144 /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

  • Compliance
  • Spreading
  • Software Vulnerabilities
  • Networking
  • System Summary
  • Boot Survival
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 173.222.162.58:443 -> 192.168.2.17:49756 version: TLS 1.0
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.17:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.67.144.177:443 -> 192.168.2.17:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 173.222.162.58:443 -> 192.168.2.17:49720 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.17:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.17:49808 version: TLS 1.2
Source: unknownHTTPS traffic detected: 173.222.162.58:443 -> 192.168.2.17:49817 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.237.254:443 -> 192.168.2.17:49819 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.219.13.99:443 -> 192.168.2.17:49821 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.62.132:443 -> 192.168.2.17:49823 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49824 version: TLS 1.2
Source: unknownHTTPS traffic detected: 173.222.162.16:443 -> 192.168.2.17:49825 version: TLS 1.2
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: z:
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: x:
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: v:
Source: C:\Windows\System32\msiexec.exeFile opened: t:
Source: C:\Windows\System32\msiexec.exeFile opened: r:
Source: C:\Windows\System32\msiexec.exeFile opened: p:
Source: C:\Windows\System32\msiexec.exeFile opened: n:
Source: C:\Windows\System32\msiexec.exeFile opened: l:
Source: C:\Windows\System32\msiexec.exeFile opened: j:
Source: C:\Windows\System32\msiexec.exeFile opened: h:
Source: C:\Windows\System32\msiexec.exeFile opened: f:
Source: C:\Windows\System32\msiexec.exeFile opened: b:
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: y:
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: w:
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: u:
Source: C:\Windows\System32\msiexec.exeFile opened: s:
Source: C:\Windows\System32\msiexec.exeFile opened: q:
Source: C:\Windows\System32\msiexec.exeFile opened: o:
Source: C:\Windows\System32\msiexec.exeFile opened: m:
Source: C:\Windows\System32\msiexec.exeFile opened: k:
Source: C:\Windows\System32\msiexec.exeFile opened: i:
Source: C:\Windows\System32\msiexec.exeFile opened: g:
Source: C:\Windows\System32\msiexec.exeFile opened: e:
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile opened: c:
Source: C:\Windows\System32\msiexec.exeFile opened: a:
Source: chrome.exeMemory has grown: Private usage: 6MB later: 28MB
Source: unknownHTTPS traffic detected: 173.222.162.58:443 -> 192.168.2.17:49756 version: TLS 1.0
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49684
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49683 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49684 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknownTCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknownTCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknownTCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.84
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 209.197.3.8
Source: unknownTCP traffic detected without corresponding DNS query: 104.101.135.98
Source: unknownTCP traffic detected without corresponding DNS query: 23.48.217.75
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownTCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknownTCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknownTCP traffic detected without corresponding DNS query: 13.67.144.177
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.58
Source: unknownDNS traffic detected: queries for: clients2.google.com
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.17:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.67.144.177:443 -> 192.168.2.17:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 173.222.162.58:443 -> 192.168.2.17:49720 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.17:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.17:49808 version: TLS 1.2
Source: unknownHTTPS traffic detected: 173.222.162.58:443 -> 192.168.2.17:49817 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.237.254:443 -> 192.168.2.17:49819 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.219.13.99:443 -> 192.168.2.17:49821 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.62.132:443 -> 192.168.2.17:49823 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.5.88:443 -> 192.168.2.17:49824 version: TLS 1.2
Source: unknownHTTPS traffic detected: 173.222.162.16:443 -> 192.168.2.17:49825 version: TLS 1.2
Source: C:\Windows\System32\msiexec.exeSection loaded: sfc.dll
Source: C:\Windows\System32\msiexec.exeSection loaded: tsappcmp.dll
Source: C:\Windows\System32\msiexec.exeSection loaded: sfc.dll
Source: C:\Windows\System32\msiexec.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\msiexec.exeFile deleted: C:\Windows\Installer\MSI549A.tmp
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSI549A.tmp
Source: Ihr angestellter sch#U00f6dl und dessen straftaten.pdfInitial sample: http://web.de/
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Ihr angestellter sch#U00f6dl und dessen straftaten.pdf
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2108 --field-trial-handle=1540,i,6613218752519948160,8584042387313899053,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\System32\msiexec.exe C:\Windows\System32\MsiExec.exe -Embedding 427EFB58F24E2DF4BB2A716B1857C228
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2108 --field-trial-handle=1540,i,6613218752519948160,8584042387313899053,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\System32\msiexec.exe C:\Windows\System32\MsiExec.exe -Embedding 427EFB58F24E2DF4BB2A716B1857C228
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 --field-trial-handle=2032,i,18271736419816815582,15142729278561171641,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 --field-trial-handle=2032,i,18271736419816815582,15142729278561171641,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://web.de/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1724 --field-trial-handle=2020,i,15135919961778147070,12108555729555919385,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1724 --field-trial-handle=2020,i,15135919961778147070,12108555729555919385,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://web.de/
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2023-10-17 15-43-44-099.log
Source: classification engineClassification label: clean3.winPDF@55/159@30/187
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Ihr angestellter sch#U00f6dl und dessen straftaten.pdfInitial sample: PDF keyword /JS count = 0
Source: Ihr angestellter sch#U00f6dl und dessen straftaten.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: Ihr angestellter sch#U00f6dl und dessen straftaten.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: Ihr angestellter sch#U00f6dl und dessen straftaten.pdfInitial sample: PDF keyword stream count = 36
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exeProcess information queried: ProcessInformation
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exeFile Volume queried: unknown FullSizeInformation
Source: C:\Windows\System32\msiexec.exeQueries volume information: C:\ VolumeInformation

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
1
Spearphishing Link		Windows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		11
Masquerading		OS Credential Dumping1
Process Discovery		1
Replication Through Removable Media		Data from Local SystemExfiltration Over Other Network Medium2
Encrypted Channel		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
1
Replication Through Removable Media		Scheduled Task/Job1
DLL Side-Loading		1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS Memory11
Peripheral Device Discovery		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
Non-Application Layer Protocol		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)1
DLL Side-Loading		1
DLL Side-Loading		Security Account Manager12
System Information Discovery		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration2
Application Layer Protocol		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)1
Extra Window Memory Injection		1
File Deletion		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled TransferProtocol ImpersonationSIM Card SwapCarrier Billing Fraud
Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script1
Extra Window Memory Injection		LSA SecretsRemote System DiscoverySSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

No bigger version
No bigger version
No bigger version
No bigger version
No bigger version
No bigger version
No bigger version
No bigger version
No bigger version
No bigger version
No bigger version

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
tgw.web.de
217.72.199.35
truefalse
    		high
    wa.web.de
    		82.165.229.39
    		truefalse
      		high
      accounts.google.com
      		142.250.188.237
      		truefalse
        		high
        einwilligungsspeicher.ha-cdn.de
        		195.20.250.8
        		truefalse
          		unknown
          nct.ui-portal.de
          		82.165.229.54
          		truefalse
            		high
            poma-ingress-tr2-tls-traefik-bs-bap.g-ha-1und1.de
            		217.72.199.28
            		truefalse
              		unknown
              www.google.com
              		172.217.12.132
              		truefalse
                		high
                clients.l.google.com
                		142.250.217.142
                		truefalse
                  		high
                  plus.g-ha-web.de
                  		195.20.250.110
                  		truefalse
                    		unknown
                    clients1.google.com
                    		unknown
                    		unknownfalse
                      		high
                      einwilligungsspeicher.netid.de
                      		unknown
                      		unknownfalse
                        		unknown
                        dl.web.de
                        		unknown
                        		unknownfalse
                          		high
                          epimetheus.navigator.web.de
                          		unknown
                          		unknownfalse
                            		high
                            plus.web.de
                            		unknown
                            		unknownfalse
                              		high
                              js.ui-portal.de
                              		unknown
                              		unknownfalse
                                		high
                                clients2.google.com
                                		unknown
                                		unknownfalse
                                  		high
                                  s.uicdn.com
                                  		unknown
                                  		unknownfalse
                                    		high
                                    img.ui-portal.de
                                    		unknown
                                    		unknownfalse
                                      		high
                                      i0.web.de
                                      		unknown
                                      		unknownfalse
                                        		high

                                        World Map of Contacted IPs

                                        • No. of IPs < 25%
                                        • 25% < No. of IPs < 50%
                                        • 50% < No. of IPs < 75%
                                        • 75% < No. of IPs

                                        Public IPs

                                        IPDomainCountryFlagASNASN NameMalicious
                                        142.250.68.110
                                        		unknownUnited States
                                        		15169GOOGLEUSfalse
                                        1.1.1.1
                                        		unknownAustralia
                                        		13335CLOUDFLARENETUSfalse
                                        195.20.250.8
                                        		einwilligungsspeicher.ha-cdn.deGermany
                                        		8560ONEANDONE-ASBrauerstrasse48DEfalse
                                        195.20.250.110
                                        		plus.g-ha-web.deGermany
                                        		8560ONEANDONE-ASBrauerstrasse48DEfalse
                                        96.7.140.134
                                        		unknownUnited States
                                        		21342AKAMAI-ASN2EUfalse
                                        172.217.12.138
                                        		unknownUnited States
                                        		15169GOOGLEUSfalse
                                        217.72.199.35
                                        		tgw.web.deGermany
                                        		8560ONEANDONE-ASBrauerstrasse48DEfalse
                                        96.7.140.164
                                        		unknownUnited States
                                        		21342AKAMAI-ASN2EUfalse
                                        142.250.68.42
                                        		unknownUnited States
                                        		15169GOOGLEUSfalse
                                        142.250.189.3
                                        		unknownUnited States
                                        		15169GOOGLEUSfalse
                                        50.16.47.176
                                        		unknownUnited States
                                        		14618AMAZON-AESUSfalse
                                        82.165.229.39
                                        		wa.web.deGermany
                                        		8560ONEANDONE-ASBrauerstrasse48DEfalse
                                        142.250.217.142
                                        		clients.l.google.comUnited States
                                        		15169GOOGLEUSfalse
                                        142.250.217.131
                                        		unknownUnited States
                                        		15169GOOGLEUSfalse
                                        172.217.12.132
                                        		www.google.comUnited States
                                        		15169GOOGLEUSfalse
                                        239.255.255.250
                                        		unknownReserved
                                        		unknownunknownfalse
                                        104.85.244.222
                                        		unknownUnited States
                                        		16625AKAMAI-ASUSfalse
                                        217.72.199.28
                                        		poma-ingress-tr2-tls-traefik-bs-bap.g-ha-1und1.deGermany
                                        		8560ONEANDONE-ASBrauerstrasse48DEfalse
                                        82.165.229.54
                                        		nct.ui-portal.deGermany
                                        		8560ONEANDONE-ASBrauerstrasse48DEfalse
                                        142.250.188.237
                                        		accounts.google.comUnited States
                                        		15169GOOGLEUSfalse
                                        172.64.41.3
                                        		unknownUnited States
                                        		13335CLOUDFLARENETUSfalse
                                        82.165.229.83
                                        		unknownGermany
                                        		8560ONEANDONE-ASBrauerstrasse48DEfalse
                                        142.250.188.227
                                        		unknownUnited States
                                        		15169GOOGLEUSfalse

                                        Private

                                        IP
                                        192.168.2.17

                                        General Information

                                        Joe Sandbox Version:38.0.0 Ammolite
                                        Analysis ID:1327312
                                        Start date and time:2023-10-17 15:42:48 +02:00
                                        Joe Sandbox Product:CloudBasic
                                        Overall analysis duration:
                                        Hypervisor based Inspection enabled:false
                                        Report type:full
                                        Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                        Analysis system description:Windows 10 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                        Number of analysed new started processes analysed:36
                                        Number of new started drivers analysed:0
                                        Number of existing processes analysed:0
                                        Number of existing drivers analysed:0
                                        Number of injected processes analysed:0
                                        Technologies:
                                        • EGA enabled
                                        Analysis Mode:stream
                                        Analysis stop reason:Timeout
                                        Sample file name:Ihr angestellter sch#U00f6dl und dessen straftaten.pdf
                                        renamed because original name is a hash value
                                        Original Sample Name:Ihr angestellter schdl und dessen straftaten.pdf
                                        Detection:CLEAN
                                        Classification:clean3.winPDF@55/159@30/187
                                        Cookbook Comments:
                                        • Found application associated with file extension: .pdf
                                        • Exclude process from analysis (whitelisted): dllhost.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, svchost.exe
                                        • Excluded IPs from analysis (whitelisted): 96.7.140.134, 50.16.47.176, 34.237.241.83, 18.213.11.84, 54.224.241.105, 184.28.98.118, 184.28.98.83, 172.64.41.3, 162.159.61.3
                                        • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, fs.microsoft.com, ssl-delivery.adobe.com.edgekey.net, acroipm2.adobe.com.edgesuite.net, a122.dscd.akamai.net, p13n.adobe.io, geo2.adobe.com, acroipm2.adobe.com
                                        • Not all processes where analyzed, report is missing behavior information
                                        • VT rate limit hit for: Ihr angestellter sch#U00f6dl und dessen straftaten.pdf

                                        Created / dropped Files

                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                        File Type:ASCII text
                                        Category:dropped
                                        Size (bytes):294
                                        Entropy (8bit):5.1853093135859485
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:C1C38DADC0464CA05B48E6A89B4FE9EB
                                        SHA1:56F347F50E83F01CB02B87B8AF440F8E6495A733
                                        SHA-256:5BEE9F6E93039A60CA61E031746390C0268DD04ADFC42A3532C412C2B77751EC
                                        SHA-512:71F1B8D4C7A45ADD376C2CC36C32A3CC1D7A88E7F1BDD8D03EED4E3EF653992131C1826334CD612B1ADC6CA3E43000AB5E82B5919B79D65E4A58AC8764F1F41C
                                        Malicious:false
                                        Reputation:low
                                        Preview:2023/10/17-15:43:41.950 1b5c Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2023/10/17-15:43:41.951 1b5c Recovering log #3.2023/10/17-15:43:41.951 1b5c Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                        File Type:ASCII text
                                        Category:dropped
                                        Size (bytes):338
                                        Entropy (8bit):5.200482871487431
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:C94C9E2B84ACA68AA6E18E2984979310
                                        SHA1:FB666803214D5C78AC07516542835CD65D486C85
                                        SHA-256:353E2800BE40704EB55C9955F99ACD8C8238F82D7BD4FEFDCD772BABC5A57AE9
                                        SHA-512:50CBEF850C5ADBCE1C2E9A711A731C4A24EC6B05EABFD0FFA2A705E94CBC9D3F62C4C1E0A65227FE33D56BD7DA91EE2EEDA99888045705C9914AD547B50D0960
                                        Malicious:false
                                        Reputation:low
                                        Preview:2023/10/17-15:43:41.983 11f0 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2023/10/17-15:43:41.985 11f0 Recovering log #3.2023/10/17-15:43:41.986 11f0 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                        File Type:data
                                        Category:dropped
                                        Size (bytes):6268
                                        Entropy (8bit):5.243505416572965
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:43B7F600AFCED0C5DF61A5EFEBD112A4
                                        SHA1:EAAA19BBD3A59F49BC25F02C09D9FB5484BFFC71
                                        SHA-256:0F84620A6E0151DAC185B3A5D6EDB80BFD5CC6F02C039062E120E0C8A6BE9AB1
                                        SHA-512:CD3B4220FA4C4506C9CD43584B3922AC7FB9E0A7292158328AA7F190682A12AB8AF14B36DA15D6CF86FA80FD0D207026A182162CC5926082DA8D465463E0E06A
                                        Malicious:false
                                        Reputation:low
                                        Preview:*...#................version.1..namespace-....o................next-map-id.1.Pnamespace-42000ee3_e7f8_4e1a_acf9_c35e414a379e-https://rna-resource.acrobat.com/.0F...r................next-map-id.2.Snamespace-c3e8f6d4_f714_436a_92db_f0a4810aae6e-https://rna-v2-resource.acrobat.com/.1.p..r................next-map-id.3.Snamespace-d0743b68_de08_4f3c_b7bc_aca178ee7ff1-https://rna-v2-resource.acrobat.com/.2....o................next-map-id.4.Pnamespace-ce27b6a8_7896_4616_ab45_36a5ede234ad-https://rna-resource.acrobat.com/.3..).^...............Pnamespace-42000ee3_e7f8_4e1a_acf9_c35e414a379e-https://rna-resource.acrobat.com/...^...............Pnamespace-ce27b6a8_7896_4616_ab45_36a5ede234ad-https://rna-resource.acrobat.com/.{VUa...............Snamespace-c3e8f6d4_f714_436a_92db_f0a4810aae6e-https://rna-v2-resource.acrobat.com/....a...............Snamespace-d0743b68_de08_4f3c_b7bc_aca178ee7ff1-https://rna-v2-resource.acrobat.com/yATuo................next-map-id.5.Pnamespace-eb3aef6d_d129_430c_a353_

                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                        File Type:ASCII text
                                        Category:dropped
                                        Size (bytes):326
                                        Entropy (8bit):5.153595404811757
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:7EB20EC0632EFA19503BDB19C2A47395
                                        SHA1:42E569D4E45F850DDCBB9345DED9DA5041EEAF19
                                        SHA-256:9F492261B78A7CDBEB8C33EDECA4024631FBF10C1D2695EBC199EBDFD941C912
                                        SHA-512:A4C351D4E555456455BE0088FC17E935C06E9BD43A45F67ABB77C3B1AF8BAEBAF0726AE6D89EF65B8B9763147492C85212472DB30BD660B44660F9FE00FF2A4E
                                        Malicious:false
                                        Reputation:low
                                        Preview:2023/10/17-15:43:42.190 11f0 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2023/10/17-15:43:42.191 11f0 Recovering log #3.2023/10/17-15:43:42.192 11f0 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                        C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-231017134346Z-158.bmp

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
                                        Category:dropped
                                        Size (bytes):65110
                                        Entropy (8bit):1.6814098179214525
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:9E6FEBD31B0E1E6DCAF223B64016F0A5
                                        SHA1:47418DFF5FC9EAD05B8951EE0B960A1E8F9B9CE3
                                        SHA-256:5903F763900AA6C2A2376BD10BCBD45B037C968FB21815F204218597530F421F
                                        SHA-512:0EEBF5DD43E9BBD49D88138E8F6058138C9325783893C578BDD0597FB64C3FC03A69F07C0A36E7A85567C27EDDE76CAFA76B05B126AC023A2E903353DD39CA94
                                        Malicious:false
                                        Reputation:low
                                        Preview:BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):295
                                        Entropy (8bit):5.3764502982668345
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:1D5059325DCB575702292648C7D78ED8
                                        SHA1:5CC1293C32558C04FBF591AD5CDC14DE6143896E
                                        SHA-256:A1AD8096DE16DF967501FF8E98135D73DDCD7953408A0869023350BE92718CBA
                                        SHA-512:5FDB14714CD624A3B6C10BDDBE0C2C1517526090841CF0627F417E3EA58260E849B319550B959C294051E1452B0F92DD591FD0591AEE8D52C8E3591B36A565FD
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):294
                                        Entropy (8bit):5.321192386465392
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:4E3A434D67DB2AA9E44225D29FFC0C5F
                                        SHA1:A69BD6D6126B9E86FB5B710D476B0D1EC01B108E
                                        SHA-256:15D808B21BCB0D40A131BF4E8C167D8B9EDE33F31BA6B24E031EC2E4CBC21726
                                        SHA-512:7AE73F65A7FDE376C29B1FE993BBFDBE5FB9738EC9259704EC248F3CC016D3DBD1121B93CD29B304D76F3BF218AAA2336E49251F4D288C1737223BDDD86EAB90
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):294
                                        Entropy (8bit):5.30001346151099
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:F9B29E8D701422013C445428B40155FC
                                        SHA1:A36A4EFF38672B6BB950FCB8A63D6D9211554FA7
                                        SHA-256:6BB16B2305FEB616C699F28C9D9AD55C09A4183F7480AD4FAE5AF7606372B44E
                                        SHA-512:57CCD581E039BB09AFAFDC8A4D87069C3C6D04721FAB9DAAA34A6130232E04BD16B73157713D6AD55686FDAC2A6E401AAE689B649AF3A90AC5138987B39823A6
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):285
                                        Entropy (8bit):5.363005971923308
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:50F5231CBC304DE7AD07FBAE680E634C
                                        SHA1:29147F413EEA1CE76385A75C118C2D1422CC4FF4
                                        SHA-256:64E173A24F05B386D9EAC7ABD1C50E9CCF611BC57D6DB51A1C82C9F39469EE7E
                                        SHA-512:C7AE48D80892F686601BDD897E943E41FC0827BFAC33EEE6EB1933648ECF8014687DCE9E8F063B94AA6E9C15C440D7AC972711E7190A86CBA9083A3DF23E99FD
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):1255
                                        Entropy (8bit):5.699155838266854
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:02F41744E1AC22A49C18BCEA3C5AC884
                                        SHA1:329BE7D62A3F52EFBCE9AC365B2F8D0FAD8FD9BC
                                        SHA-256:20EE2839E09F464C6A027795CA1D990B4035A7135A4F3930CCA5DBDCE8604F42
                                        SHA-512:A4E3F6F3F20A0758D90DED030DB6248E07E37805C1700FB61A48FEC45CF7001BA3E71C972BB78A0AC2F8D6F69D3EC2A59FF16BF3BB8AD21373B5F43DFACE8AD0
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65179_200306ActionBlock_0","campaignId":65179,"containerId":"1","controlGroupId":"","treatmentId":"f7fa0e9f-7d25-4321-b719-c501bbb8a162","variationId":"200306"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctZGF5IHRyaWFsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE0IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjoiIiwiZGVzY3JpcHRpb24iOiJDb252ZXJ0IGZpbGVzIHRvIGFuZCBmcm9tIFBERiBcbndpdGhvdXQgbGltaXRzLiIsImJhY2tncm91bmRfc3R5bGluZyI6eyJiYWNrZ3JvdW5k

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):1250
                                        Entropy (8bit):5.709105156483181
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:CC90E338245CE5BEE3C3ABEE0BF1AE03
                                        SHA1:172BC39F1BCB3BA114C891BB2BB00214AD2ECE31
                                        SHA-256:37CA96DBF089C2CAC8CBE34F5EB5329B70E4B61EF89781702C55E63FD30727DD
                                        SHA-512:811C03F84B5A16631E8F6222065555E6AF9130550CD638FAEA9835DD24C37919A74F8645C97F4B8956FD15B4996571F9FC5DC4537526409C03D3A3D44FDEAE9A
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Disc_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65179_200306ActionBlock_1","campaignId":65179,"containerId":"1","controlGroupId":"","treatmentId":"250f56c6-2d66-4fca-8033-eabbd2bc9951","variationId":"200306"},"containerId":1,"containerLabel":"JSON for DC_Reader_Disc_LHP_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctZGF5IHRyaWFsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE0IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjoiIiwiZGVzY3JpcHRpb24iOiJDb252ZXJ0LCBlZGl0IGFuZCBlLXNpZ24gUERGXG4gZm9ybXMgJiBhZ3JlZW1lbnRzLiIsImJhY2tncm91bmRfc3R5bGluZyI6eyJiYWNrZ3JvdW5kX2Nvb

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):292
                                        Entropy (8bit):5.3149939262431225
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:3720BB874C203491E7FBA4A7648661AE
                                        SHA1:7C968EF61BF66792AEEE1865B36D851A551F6C5B
                                        SHA-256:A697ACC62549831DC9AAEBB76684E87A238CC6146475500F9F70050B226D16A8
                                        SHA-512:7679FB631A856310CAD947E6C947BAF6AF487764F60E8FE3222AF0FD79DDB47902538B627B3BB4A8E644A4797D3EE2A2B68F0815F04BAFB6FFE015B393D64A55
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):1230
                                        Entropy (8bit):5.692002267260649
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:A320B59EAE276B3C25D3807EDD3369D0
                                        SHA1:2317CFFDF40960D0ECFE8BDCA773C3F71255DA8B
                                        SHA-256:59DCE8E0C7FB9C365E27B5491CE3DEB6C05B2320D8C5950E84AA7376C00975CF
                                        SHA-512:3B21A9F967B108C6720F78833576F13F9D7569BD393DA846E8E35BBAB9E2132A27D4193BEB97D214084F7D7C288D98C0F52BE193FD6B45454E54F8CBF9CABDB1
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Edit_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65179_200306ActionBlock_3","campaignId":65179,"containerId":"1","controlGroupId":"","treatmentId":"07caa165-20a7-4c5f-adf8-061ef3d98af3","variationId":"200306"},"containerId":1,"containerLabel":"JSON for DC_Reader_Edit_LHP_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctZGF5IHRyaWFsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE0IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjoiIiwiZGVzY3JpcHRpb24iOiJFZGl0IHRleHQsIGltYWdlcywgcGFnZXMsIGFuZCBtb3JlLiIsImJhY2tncm91bmRfc3R5bGluZyI6eyJiYWNrZ3JvdW5kX2NvbG9yX2RhcmtfdGhlbWUiO

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):1408
                                        Entropy (8bit):5.757985975868806
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:75EA422FFC97CDF2C3409DBDCC3D0A75
                                        SHA1:932431EEC31C10AFC67EC3989BB82E64FD35443A
                                        SHA-256:3B79FB4889A2C7FBF4F88D7DE1083A837F05D115A5DAEEA201263FCBB69B51E3
                                        SHA-512:6DD377794E658536A23BF3E0A14D60D4E31EE5D10D58E29CC06739199F3D3044196187976B93E8DC69686C9BB1CCA90A88083CD663DA855A0CF63D24EF765847
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Home_LHP_Trial_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"66636_205208ActionBlock_0","campaignId":66636,"containerId":"1","controlGroupId":"","treatmentId":"61744ad0-6d48-4056-9909-a6eb12c52545","variationId":"205208"},"containerId":1,"containerLabel":"JSON for DC_Reader_Home_LHP_Trial_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJUcnkgQWNyb2JhdCBQcm8ifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIyMCIsImZvbnRfc3R5bGUiOiIwIn0sImRlc2NyaXB0aW9uX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiLTEifSwidGl0bGUiOiJGcmVlIDctZGF5IHRyaWFsIiwiZGVzY3JpcHRpb24iOiJHZXQgdW5saW1pdGVkIGFjY2VzcyB0byBhbGwgUERGIGFuZCBlLXNpZ25pbmcgdG9vbHMuIiwiYmFja2d

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):289
                                        Entropy (8bit):5.321394592762197
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:E75AAE6C11899A2EAF980BFA74FCCE0C
                                        SHA1:F0F73D13E77D241CA42CA3E59D54703600946000
                                        SHA-256:C96C367060A4D69D3AFBB0D1231FEE0CF410B1165DAD222F00F00BC5A6AC4D9A
                                        SHA-512:512AEC7490D4A09E4BC45BA96D7964C8CAEC5510B4E8AE0017D52C064F6E7F4CC6CC0D51A78391BBB891132F136B1DD9A5F9441BD2479DAFBDA6B6AAFDB8FA0D
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):1395
                                        Entropy (8bit):5.7784905823217825
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:29332CDDD75D6247F3403BE9E98432F8
                                        SHA1:49844FA93309EE7956D6C4DE009915FFCB7981C5
                                        SHA-256:D8239E7094343EC82A5F92B18C8EF694FACAADFCABCC19DECFB0C364A9DA5314
                                        SHA-512:12BE599C42737473DA622804B5539D13E3C369F08D002F2D9AF537BE3162D70F44752AACBEFF58DEA89BC32BDFDDF4682AA0BEE1AFE97367822662E94DEB2615
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_RHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"57802_176003ActionBlock_0","campaignId":57802,"containerId":"1","controlGroupId":"","treatmentId":"d0374f2d-08b2-49b9-9500-3392758c9e2e","variationId":"176003"},"containerId":1,"containerLabel":"JSON for Reader DC RHP Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctRGF5IFRyaWFsIiwiZ29fdXJsIjoiaHR0cHM6Ly9hY3JvYmF0LmFkb2JlLmNvbS9wcm94eS9wcmljaW5nL3VzL2VuL3NpZ24tZnJlZS10cmlhbC5odG1sP3RyYWNraW5naWQ9UEMxUFFMUVQmbXY9aW4tcHJvZHVjdCZtdjI9cmVhZGVyIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjEyIiwiZm9udF9zdHlsZSI6IjMifSwidGl0

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):291
                                        Entropy (8bit):5.304794648561405
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:729071BAE7739299DBD7FDA817CB4594
                                        SHA1:D64C1546DC1726F211612408B235CE4F8F21F3D9
                                        SHA-256:0F4611FC7F1EAD483EEF5067877E6971678A8AB5D1CCB6388135C2A043A657BE
                                        SHA-512:C7F602C3518EE05C3346DA683EEBC6A02E2798672A01026006276798E403DE9282F1D7DE1C4051B7DCEB217A774D0E769308BF8D1AD161D214AE79B35599852E
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):287
                                        Entropy (8bit):5.306449620347085
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:BD12EFC14ED878812BE4A5CFA324D02C
                                        SHA1:5E87AF6188D6673C9C2C696CAC9D5A05D38D7887
                                        SHA-256:E289676C03B93F3F2151EC6495BFB81494C710499DC589373962BA97311BE706
                                        SHA-512:20931CD5ACF2F1C5FDED670EEB795A2A484A2C0CA45BF9FC1E99757B5DBB6BE4F5B94811607E0B610E64DAEA2A3951192EAF3C2FB75AA977DF874881B4FD957F
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):1250
                                        Entropy (8bit):5.723249778708421
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:280E2AE86F0AC4A9C08A06F97FED31DD
                                        SHA1:1B50216860D7B90E0A7AD9FD27044A893B5FB410
                                        SHA-256:E57ACDC647CDCCDA6BFEF411E254B1E4E1856B5DB95FD1287A352645439E2B62
                                        SHA-512:343FCA13B8032F2C93E535A884013C03C78919F8C16F3BC4465603122B1EE74312061D6E3204EE64D626FEA47337821F46EC1C378A7F5E39D9666D34CF014108
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65179_200306ActionBlock_2","campaignId":65179,"containerId":"1","controlGroupId":"","treatmentId":"8deb148d-1a64-4e57-9648-e8bf939c598e","variationId":"200306"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidHlwZSI6ImJ1dHRvbiIsInRleHQiOiJGcmVlIDctZGF5IHRyaWFsIn0sInVpIjp7InRpdGxlX3N0eWxpbmciOnsiZm9udF9zaXplIjoiMTQiLCJmb250X3N0eWxlIjoiMyJ9LCJkZXNjcmlwdGlvbl9zdHlsaW5nIjp7ImZvbnRfc2l6ZSI6IjE0IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjoiIiwiZGVzY3JpcHRpb24iOiJTZW5kIGRvY3VtZW50cyAmIGZvcm1zIFxuZm9yIGZhc3QgZS1zaWduaW5nIG9ubGluZS4iLCJiYWNrZ3JvdW5kX3N0eWxpbmciOnsiYmFja2dyb3VuZF9jb

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):5220
                                        Entropy (8bit):5.80491332007984
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:07947012006045F8CA94DA30660EBE67
                                        SHA1:FB72190E7E8B46120FFDC2C3AD4FC8A6E385F550
                                        SHA-256:C6CD9BEB8BC73F128F57A08C21EC689068BC081DC28E0EA542D91C35B2011BD0
                                        SHA-512:221043DFAD5930319BFD43F90306F2579DED2633FFB394C326C4CB480BFDC292EB5C3DD80DB56DD382C148CDFEC139C55968875A305093477E3BFB639C300616
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Upsell_Cards"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"65872_202577ActionBlock_0","campaignId":65872,"containerId":"1","controlGroupId":"","treatmentId":"fde975b8-6690-4353-9b93-ee40b641f60f","variationId":"202577"},"containerId":1,"containerLabel":"JSON for DC Reader Upsell Cards","content":{"data":"eyJVcGdyYWRlQWNyb2JhdFBlcnNpc3RlbnRCdXR0b24iOnsiZGF0YVR5cGUiOiJ1cmwiLCJkYXRhIjp7ImxpZ2h0IjoiaHR0cHM6Ly9jdnMuYWRvYmUuY29tL2NvbnRlbnQvZGFtL2N2cy9hY3JvYmF0ZGVza3RvcC91cHNlbGxjYXJkcy9yZ3MwMjU0L3YyL2luZGV4Lmh0bWw\/ZXhwZXJpZW5jZT11cGdyYWRlLXRvcHxlbnwxfGxpZ2h0IiwiZGFyayI6Imh0dHBzOi8vY3ZzLmFkb2JlLmNvbS9jb250ZW50L2RhbS9jdnMvYWNyb2JhdGRlc2t0b3AvdXBzZWxsY2FyZHMvcmdzMDI1NC92Mi9pbmRleC5odG1sP2V4c

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):782
                                        Entropy (8bit):5.37725282771623
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:0C1E7566DD77AF91CAE4F8100474BF5E
                                        SHA1:9A3FA2AA22F760064EAF2BD12B892D071DA9A268
                                        SHA-256:4F3EC4AE3A781F69C292F72797925B25F27F27C9F160AD4E2B86D76EC91CCAEB
                                        SHA-512:2CAFA5300E6BF3E3062014B8E1C583E226F46307D1BECF2A105E8D570B2C468DA90F20FE5FDC691F126840C37A6DFECB9447B61529EDB11D98FFDA2D44233647
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"analyticsData":{"responseGUID":"b7ab88b8-4fce-4e3b-9e50-f566fb56c952","sophiaUUID":"94B2C178-E1F7-4D12-8BEA-76F4017C8DA0"},"encodingScheme":true,"expirationDTS":1697729073482,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"Edit_InApp_Aug2020"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"20360_57769ActionBlock_0","campaignId":20360,"containerId":"1","controlGroupId":"","treatmentId":"3c07988a-9c54-409d-9d06-53885c9f21ec","variationId":"57769"},"containerId":1,"containerLabel":"JSON for switching in-app test","content":{"data":"eyJ1cHNlbGxleHBlcmltZW50Ijp7InRlc3RpZCI6IjEiLCJjb2hvcnQiOiJicm93c2VyIn19","dataType":"application\/json","encodingScheme":true},"endDTS":1735804679000,"startDTS":1697550228523}}}}

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:data
                                        Category:dropped
                                        Size (bytes):4
                                        Entropy (8bit):0.8112781244591328
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                        SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                        SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                        SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                        Malicious:false
                                        Reputation:low
                                        Preview:....

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:JSON data
                                        Category:dropped
                                        Size (bytes):2819
                                        Entropy (8bit):5.137345531180465
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:E2B19575D79830DF9733D7732F542B55
                                        SHA1:C6D33430D0DDCFDF1629C141AD47F19E5B3ED523
                                        SHA-256:0EFCD4DEBB6A84983D3E94B21C7D8A71F6C7EE38A1D4849F14291D9F71CED911
                                        SHA-512:0A82B58D69FBF19220FBF02B89803E9A9E8322AE6213A4BDE27F3098C77EC2BBAD16EEF12E4C0947B3C6FD066666B1F40CCEB7714233E11E25E59C7308C2DF25
                                        Malicious:false
                                        Reputation:low
                                        Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"d447adfd71fa98a99ec6be709d131260","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1250,"ts":1697550228000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"23649b7fcc944fcc9957106dea3c850d","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":1408,"ts":1697550228000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"a4a7efc2cf323b3d33032b8992c54dd8","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1250,"ts":1697550228000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"d885b6ad3efc47bfe9b7d52d71e41ac0","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1255,"ts":1697550228000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"c85749735aefbf2d4d2aeff53a4c462d","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":1230,"ts":1697550228000},{"id":"DC_Reader_Upsell_Cards","info":{"dg":"9c77800799932bf4c7d54f37837f30e5","sid":"DC_Reader_Upsell_Cards"},"mimeType":"file","size":522

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 23, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 23
                                        Category:dropped
                                        Size (bytes):12288
                                        Entropy (8bit):1.3573584566989805
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:3646919F5B3AF8216F4AC39590DC8F82
                                        SHA1:D42D5F88B9D641530AD7A2314D8BCE364BDD977B
                                        SHA-256:21DBA2CB3240112EA4DFEE5260F6141C557B93CA51F53E2D6C3F248A717CCB4C
                                        SHA-512:ED987E68BCE43E8B469FAEFC78A647298DBCC7D31CE15597BBD9CE79CA74E39304082F624CB9AA789F4784BA5D6E9FED62C28C63D69B1CD4C6BB2ECD7D98576F
                                        Malicious:false
                                        Reputation:low
                                        Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:SQLite Rollback Journal
                                        Category:dropped
                                        Size (bytes):8720
                                        Entropy (8bit):1.8314225676335232
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:89A8655B9A1F51FB2CBE7549004086A7
                                        SHA1:89297493623FBE8F9811F32DB37163F9CE903A4D
                                        SHA-256:9820042D6C8142039948008119BA2DD88FD97C6AD87CD015F20023684DE6D417
                                        SHA-512:58C982DEA6D6B055CA0ABD38D6FA0CB64CD67EEE1B08D35D256DF5A70546C5B47AF5F191F14B4FE0ECFA093F864DBAB49112AAB28768B40F03958502893EEBDA
                                        Malicious:false
                                        Reputation:low
                                        Preview:.... .c......%h.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................v.../.././././.-.-.-.-.-.-.-.-.-.-.-.-.-.-........................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2023-10-17 15-43-44-099.log

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:ASCII text, with very long lines (393)
                                        Category:dropped
                                        Size (bytes):16525
                                        Entropy (8bit):5.359827924713262
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:06DEAEDB81D09FD8FB5FF668D8E09CB2
                                        SHA1:28A02BCBD5975117B97A08AFB049F2C94F334726
                                        SHA-256:D98DE785425112A2D7A41B16073812FA4FA4955F2D5139AE87C9A5FBC4717D64
                                        SHA-512:948E3B56E5A8D818A5FE9D74B82A898F7264909ADF2C49E5D096CB90F4D28ED95990545A4857933F0E06D493AA0F6D41F6109C74B44BC0E4B84346B519681936
                                        Malicious:false
                                        Reputation:low
                                        Preview:SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:755+0200 ThreadID=6536 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:756+0200 ThreadID=6536 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:756+0200 ThreadID=6536 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:756+0200 ThreadID=6536 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=c98ebd97-9477-4d7e-bd0c-12efa5f01bab.1696586972755 Timestamp=2023-10-06T12:09:32:756+0200 ThreadID=6536 Component=ngl-lib_NglAppLib Description="SetConfig:

                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                        Category:dropped
                                        Size (bytes):15114
                                        Entropy (8bit):5.381594967646196
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:3D54AE6F4D2D0F0C7DEED332A6BD117A
                                        SHA1:2230F12A44C21A2CFFEA2C3190E186F97E842ABB
                                        SHA-256:BA325475B7DFF7F51407A406898804113805C8D4B092F42A2CF923C031A2AD14
                                        SHA-512:4CDB3BB69FBCE88C3627B3BB34209BFF4359A3A4E1377CE3BB81B48063B6E3DA7459AA79972B68902381E5246CDF81778CCF496C77E5F10BE67DD3FB356AF16D
                                        Malicious:false
                                        Reputation:low
                                        Preview:SessionID=cdd38757-6736-4000-a924-b5c9983533ea.1697550224128 Timestamp=2023-10-17T15:43:44:128+0200 ThreadID=6704 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=cdd38757-6736-4000-a924-b5c9983533ea.1697550224128 Timestamp=2023-10-17T15:43:44:129+0200 ThreadID=6704 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=cdd38757-6736-4000-a924-b5c9983533ea.1697550224128 Timestamp=2023-10-17T15:43:44:129+0200 ThreadID=6704 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=cdd38757-6736-4000-a924-b5c9983533ea.1697550224128 Timestamp=2023-10-17T15:43:44:129+0200 ThreadID=6704 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=cdd38757-6736-4000-a924-b5c9983533ea.1697550224128 Timestamp=2023-10-17T15:43:44:129+0200 ThreadID=6704 Component=ngl-lib_NglAppLib Description="SetConf

                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                        File Type:ASCII text, with CRLF line terminators
                                        Category:dropped
                                        Size (bytes):35721
                                        Entropy (8bit):5.4241693775514275
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:2B1C90B4CAB5DB6853E3C280C6FAD2FB
                                        SHA1:B4F1C337A49E642F457984149FFA56067C0D21A1
                                        SHA-256:2CB1D39BDFDC130B2BE8E44C6EDBDDC703F046BF8B53725F99DE6ECEA77121A9
                                        SHA-512:BFD8C374F299E6ABE8B2DCDC649F1D99F957E3BD36C37D368D9DB90955A306CA6F9CCD44D01A14E06ABFA2D4E3CA32187898FA2EA6C161ECEB902354215A2F68
                                        Malicious:false
                                        Reputation:low
                                        Preview:06-10-2023 11:44:59:.---2---..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 11:44:59:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 11:44:59:.Closing File..06-10-

                                        C:\Users\user\AppData\Local\Temp\acrocef_low\21c964af-8a79-4fc0-9951-c60d90edf466.tmp

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                        Category:dropped
                                        Size (bytes):386528
                                        Entropy (8bit):7.9736851559892425
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                        SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                        SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                        SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                        Malicious:false
                                        Reputation:low
                                        Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y

                                        C:\Users\user\AppData\Local\Temp\acrocef_low\50c27ed8-f8a6-4063-822d-21ad71035079.tmp

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                        Category:dropped
                                        Size (bytes):1419751
                                        Entropy (8bit):7.976496077007677
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:AE1E8A5D3E7B2198980A0CA16DE5F3D3
                                        SHA1:A1DB2C58AFC81E6A114A8EB47BE0243956F79460
                                        SHA-256:8C2E1B13F6658714D51737D6745FE065B87497923945AB3028706A4171C8328F
                                        SHA-512:5B36CF0982C5AFED5CCEA4B30A0B31A2B5312FBF5438623D53153E076B59F1B4BEF8C08695EA74E086BCA4EF7221889DB977B5DCFF4C684BA0683FDDECDE2EC4
                                        Malicious:false
                                        Reputation:low
                                        Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                        C:\Users\user\AppData\Local\Temp\acrocef_low\779c5019-30da-4832-8e24-7140db460da9.tmp

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                        Category:dropped
                                        Size (bytes):1407294
                                        Entropy (8bit):7.97605879016224
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:A0CFC77914D9BFBDD8BC1B1154A7B364
                                        SHA1:54962BFDF3797C95DC2A4C8B29E873743811AD30
                                        SHA-256:81E45F94FE27B1D7D61DBC0DAFC005A1816D238D594B443BF4F0EE3241FB9685
                                        SHA-512:74A8F6D96E004B8AFB4B635C0150355CEF5D7127972EA90683900B60560AA9C7F8DE780D1D5A4A944AF92B63C69F80DCDE09249AB99696932F1955F9EED443BE
                                        Malicious:false
                                        Reputation:low
                                        Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.

                                        C:\Users\user\AppData\Local\Temp\acrocef_low\b6bee007-b71b-4d7a-b428-db301371b76e.tmp

                                        Download File
                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
                                        Category:dropped
                                        Size (bytes):758601
                                        Entropy (8bit):7.98639316555857
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:3A49135134665364308390AC398006F1
                                        SHA1:28EF4CE5690BF8A9E048AF7D30688120DAC6F126
                                        SHA-256:D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B
                                        SHA-512:BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5
                                        Malicious:false
                                        Reputation:low
                                        Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....

                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 17 12:44:08 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                        Category:dropped
                                        Size (bytes):2677
                                        Entropy (8bit):3.973452728562199
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:23A02B928CC2C1AAC1C7941DF754DB26
                                        SHA1:3443776EB18D178D95B7EC91C5AA8F92A21A4557
                                        SHA-256:E1E8600D8CE58B528437C8729D7798A7BD7116A73CCD22A0B40EE97915B361B7
                                        SHA-512:BD881490FFE860FF84492EBF30B6B5B135A6C0E7DA43B3B1FE762A32A588F5C3C7F03D085E7DC3DE3942420256A557A8C784C36A5812978E62ED39198AC7FCA4
                                        Malicious:false
                                        Reputation:low
                                        Preview:L..................F.@.. ...$+.,....j4x.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IQWnm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VQW.m....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VQW.m....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VQW.m...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VQW.m...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 17 12:44:07 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                        Category:dropped
                                        Size (bytes):2679
                                        Entropy (8bit):3.989388530250242
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:7A677145D09036E54429F4EA0E4EE0C0
                                        SHA1:7D6A3371226C4AF23E61DB3DF89BB0725F409224
                                        SHA-256:63FC3301097773AB180CDB13CC6025ADE7C59EA03623D9018678281DD9009A27
                                        SHA-512:BAD876BC808436EA5332490FE0752694024740FC7F27947432563206E93219F7FD4FBB03FB9EC0556019CCC629E42D09AA1DD5F4D7E3207929464D2BDB357FE6
                                        Malicious:false
                                        Reputation:low
                                        Preview:L..................F.@.. ...$+.,....CZf.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IQWnm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VQW.m....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VQW.m....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VQW.m...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VQW.m...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                        Category:dropped
                                        Size (bytes):2693
                                        Entropy (8bit):4.011773022178979
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:DE9A59B5E28837B23F1A13556837D105
                                        SHA1:C1D4C4450C986BDC94F4480B2A64D0053D59B599
                                        SHA-256:3A0F7BD45751AA00F744BAB8BD6AB420FE431118D4427F47E23522DF03C1B10B
                                        SHA-512:C864A9E73D3D117ABDD1F38E87489FD4CABC273EB9C59E2BF1219909F026C266F297EA7EF1E314D4E90A47A682952919DA386DFADCAE4B950B1830C82983C687
                                        Malicious:false
                                        Reputation:low
                                        Preview:L..................F.@.. ...$+.,.....v. ;.......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IQWnm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VQW.m....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VQW.m....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VQW.m...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VFW.N...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 17 12:44:07 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                        Category:dropped
                                        Size (bytes):2681
                                        Entropy (8bit):3.9901284028502504
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:686B09185F0EF20A00C1516F360BDB14
                                        SHA1:826D0862E925B8C6E62C19D797C0098A928D9CC6
                                        SHA-256:04E66DA1C477219E9416FA06D75467BE4503CDA9F5920123E17DA16F18FF4C57
                                        SHA-512:D87332B0CB48C1AA6C942B39E9F2E7965972B265F187E625BE047E9F67327601A6056FD03068BFBF0C0D5ABA3F19A5AB030F031CD4E3FFAB2214A92A84E9635E
                                        Malicious:false
                                        Reputation:low
                                        Preview:L..................F.@.. ...$+.,....C|_.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IQWnm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VQW.m....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VQW.m....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VQW.m...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VQW.m...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 17 12:44:07 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                        Category:dropped
                                        Size (bytes):2681
                                        Entropy (8bit):3.978781887294371
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:416FF73ABAA0AE91F666A69B9F36BDD5
                                        SHA1:B74D1EE546E3E65725AE1D565FF42B3E9AAD4651
                                        SHA-256:1C25BBFB5343B52D8338870A900B2DCC1251E576AADED7115184B60350F282EF
                                        SHA-512:F8D449B1D9DA88C1420322EBC42F6FAFC13A80E4C139403E63E2773FD338751BA93715006A5EF2E866265BFC18C11808BC784CAEE66A188B047EAB33F1FA7448
                                        Malicious:false
                                        Reputation:low
                                        Preview:L..................F.@.. ...$+.,.....3o.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IQWnm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VQW.m....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VQW.m....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VQW.m...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VQW.m...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 17 12:44:07 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
                                        Category:dropped
                                        Size (bytes):2683
                                        Entropy (8bit):3.9907833300894846
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:52BE848A4337107CFE98D95E26F9F420
                                        SHA1:4684DA934CEB1EAE38E7CC29E42AE07E38A63827
                                        SHA-256:9B29046ACF3CB44D127EF4F9A68ACEAF0FAE87791882F16EE1A4BCE598742117
                                        SHA-512:CDF047C8169F9F7EBAB8C7E6F487E86A3764A45DE501B81313FDD6DF79798E8746554714691A1551E8C99BB34A6A310DB1F6E2A665F489C105BDEDDD36A556AE
                                        Malicious:false
                                        Reputation:low
                                        Preview:L..................F.@.. ...$+.,....R.S.........y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FWoN..PROGRA~1..t......O.IQWnm....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VQW.m....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.N..Chrome..>......CW.VQW.m....M......................W..C.h.r.o.m.e.....`.1.....FW.N..APPLIC~1..H......CW.VQW.m...........................W..A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.VQW.m...........................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                        C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log

                                        Download File
                                        Process:C:\Windows\System32\msiexec.exe
                                        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                        Category:dropped
                                        Size (bytes):403156
                                        Entropy (8bit):5.359657541895821
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:A7328E223DB7F43358F9E032B01C5030
                                        SHA1:675793292C3BCC3CF71B178A450075DEBEB63C17
                                        SHA-256:3C6184EDA728BF586BE305B7C147C3213D4A1C04572B4303FBEF2CE33C659F7E
                                        SHA-512:04F555E14B9409DD92F65A23A002F2DCDE159619AEAB449C49196F67D1248E6B609C3ABC8FD2A85D8A9C887A56911B15D45D5F97F975093E485FDABE44BD2BE2
                                        Malicious:false
                                        Reputation:low
                                        Preview:.To learn about increasing the verbosity of the NGen log files please see http://go.microsoft.com/fwlink/?linkid=210113..12/07/2019 14:54:22.458 [5488]: Command line: D:\wd\compilerTemp\BMT.200yuild.1bk\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe executeQueuedItems /nologo ..12/07/2019 14:54:22.473 [5488]: Executing command from offline queue: install "System.Runtime.WindowsRuntime.UI.Xaml, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil" /NoDependencies /queue:1..12/07/2019 14:54:22.490 [5488]: Executing command from offline queue: install "System.Web.ApplicationServices, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil" /NoDependencies /queue:3..12/07/2019 14:54:22.490 [5488]: Exclusion list entry found for System.Web.ApplicationServices, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil; it will not be installed..12/07/2019 14:54:22.490 [

                                        Chrome Cache Entry: 228

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with no line terminators
                                        Category:downloaded
                                        Size (bytes):102
                                        Entropy (8bit):4.899621299015828
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:E82E2A2D9574AA1510ADC2FFDC04B2EF
                                        SHA1:EF4116A276C39549961167D28BA479087F3A58A1
                                        SHA-256:145BF25D7A0B98497C1DBFA062C7EC9A2F329F19854545FC9390634F5788A3AE
                                        SHA-512:538B9B5E231043AE4856978CE35193CDE2FE1D41B293FD687EF03D0AA81975A3668FAD33E379EEC42F824175B1087BD684133F9E45C5657D2B87A06919945644
                                        Malicious:false
                                        Reputation:low
                                        URL:https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=MydHw_zggsxIJuhSbyOmPv5R
                                        Preview:importScripts('https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__en.js');

                                        Chrome Cache Entry: 229

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
                                        Category:downloaded
                                        Size (bytes):15086
                                        Entropy (8bit):3.397741884015131
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:E28E217FE7CC6E04619D224FE0864660
                                        SHA1:259EA5C86F9153D0980B3872FC3432BE6C0A7884
                                        SHA-256:FC68B906543280A143EC95215F32825DB7A580B38955886D101FC1BA1DD0B6FD
                                        SHA-512:5FBA258D38E948EFA22700F429BA3F14FF0BD2783ACFFAB3C15FE59D4F8E464AD4E7109EAFA4E02A17B0C308246A445A94A41290EEA3B350445B7023CA89ED15
                                        Malicious:false
                                        Reputation:low
                                        URL:https://img.ui-portal.de/webde/favicon.ico
                                        Preview:......00.... ..%..6... .... ......%........ .h....6..(...0...`..... ......%............................. ........................................................................................................................................................................... ...............0...................................................................................................................................................................................0....... ........................................................................................................................................................................................... ..........................................................................................................................................................................................................................................................................................................................................

                                        Chrome Cache Entry: 230

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with no line terminators
                                        Category:downloaded
                                        Size (bytes):16
                                        Entropy (8bit):3.75
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:AFB69DF47958EB78B4E941270772BD6A
                                        SHA1:D9FE9A625E906FF25C1F165E7872B1D9C731E78E
                                        SHA-256:874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878
                                        SHA-512:FD92B98859FFCCFD12AD57830887259F03C7396DA6569C0629B64604CD964E0DF15D695F1A770D2E7F8DF238140F0E6DA7E7D176B54E31C3BB75DDE9B9127C45
                                        Malicious:false
                                        Reputation:low
                                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xNDkSEAk8dqZYMe7mkRIFDVNaR8U=?alt=proto
                                        Preview:CgkKBw1TWkfFGgA=

                                        Chrome Cache Entry: 231

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Web Open Font Format, TrueType, length 18080, version 1.0
                                        Category:downloaded
                                        Size (bytes):18080
                                        Entropy (8bit):7.974958276963794
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:7D3616C7D04A9AE474875E42C4BC0496
                                        SHA1:4D0137DD6F1E5325EB3BA3E7BC4D577E68C75D46
                                        SHA-256:7676E0D97793004054C4EC3E7CBD2D98C52FABC90479B7E3D5CFBB62F4E7A5AF
                                        SHA-512:00D21C47C19CFDB28125B7C131295CE204A01CC0E2E4151D3C9FAEFDA3D23140C4CD2B55B45149216114CC3CD56F917D8C5160499F6EA5505E07D462127FD25A
                                        Malicious:false
                                        Reputation:low
                                        URL:https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-light.woff
                                        Preview:wOFF......F.......wp........................FFTM............u..GDEF.............'..GPOS.......P.....>..GSUB.......2...@..(.OS/2...@...K...`tx.wcmap.............?.cvt .............D..gasp................glyf... ..4W..U.@.kBhead..>x...0...6...Ohhea..>.... ...$...vhmtx..>....<.....jlKloca..A.........a..maxp..B.... ... .0..name..B...........Aqpost..D.........7.9.webf..F...........U.x.c```d.....y......:...P....x.c`d``..b1 fb`...@...1.........x.X]l.U.=3;[.m..B.@.P)...P..%FS.E..*H).&...t.....jb...D}....kba..W7KCx..!<..C..~3.;;...3w~......;s...0^.[.t.vt..#..a..}r..`.)...U..8t..a.....2.:.J.z..Q......1..0`..Q)=.B,WCXI.%..T...N..6...5....=d.J....._._.....y..a..d..6.....C...|.H...$6)..Yv.....#.....d.<A..........y.4.O].~.bp.9..u.n.>...j.B.O_%..N..<@...Q..y.L.'.....D..?.i."y..B^%....a....X....,.....p..q.Wq..1..0#.:O3'j..sX..0UN.....<.O.>b9.Q...G...]...g.....O..f..>3.jTkyZ.m.%M...dO.[fu4.TUO.k5X..(....&...+..].r.X`.9.[.7'.v._<...T..Uc.....F..?..H%B.R*..[j.R...S.U..W.C.x..

                                        Chrome Cache Entry: 232

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (8660)
                                        Category:downloaded
                                        Size (bytes):16429
                                        Entropy (8bit):5.334622617184503
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:683D1952B82047E73F35D1AF9C240A10
                                        SHA1:7E59F59B303906B73FF8D866793A3A64E6CE6B82
                                        SHA-256:9594ADEFAF54F78B80E088013DD83A29794AA57A614030073A2185850680E98F
                                        SHA-512:DD4792DFEF95EDE1EBC131267047EB1DF3D06DDDAEDBC1E2A2FBC6CF97427593DBE7F1EB7627669E99D202D8E7049A469AD390D6682FA7D4D28DAF908E49ABA0
                                        Malicious:false
                                        Reputation:low
                                        URL:https://s.uicdn.com/permission/live/v1/ppp/js/permission-layer.min.js
                                        Preview:var PermissionLayer=function(){"use strict";function e(e){if(!(0 in arguments))throw new TypeError("1 argument is required");do{if(this===e)return!0}while(e=e&&e.parentNode);return!1}var t=function(){return t=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},t.apply(this,arguments)};function n(e,t,n,r){return new(n||(n=Promise))((function(o,i){function a(e){try{s(r.next(e))}catch(e){i(e)}}function c(e){try{s(r.throw(e))}catch(e){i(e)}}function s(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(a,c)}s((r=r.apply(e,t||[])).next())}))}function r(e,t){var n,r,o,i,a={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return i={next:c(0),throw:c(1),return:c(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function c(i){return function(c){return function(i){if(n)throw new TypeError("Generator i

                                        Chrome Cache Entry: 233

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (65536), with no line terminators
                                        Category:downloaded
                                        Size (bytes):178651
                                        Entropy (8bit):5.419462326261195
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:64955FEB523E451BFD158B99D96427EF
                                        SHA1:81D520FF153D2BEF7C8041AD27E5CCE795A42C83
                                        SHA-256:185B3B6794B7A741DDBBCEE24DC645BB8B28EF4433E6470F8D1D0B31BC220E3C
                                        SHA-512:7E0606BF80439287DB8C35813A92028845127D04EFDE81BB60834E8A6041666BF214D62C7004B0E2FE0311FD220DFC0FF10D5D94CB0B036F65339489F3462042
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/tamago/1.4.12/tamago.js?loglevel=error&view=automatic&tm=teal&stage=live&exclude=ppp&userEventLoad=partitialPageLoadDone
                                        Preview:!function(){var t={6848:function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var r=n(2351);e.default=function(t){new r.default((function(e){return e&&t()})),document.addEventListener("mouseenter",(function(){return t()}))}},9457:function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var r=n(2351);e.default=function(t){new r.default((function(e){return!e&&t()})),document.body.addEventListener("mouseleave",(function(){return t()}))}},2351:function(t,e,n){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var r=n(3896);e.default=function(t){void 0!==document.addEventListener&&void 0!==document.onvisibilitychange?document.addEventListener("visibilitychange",(function(){return t(document.hidden)}),!1):r.default.verbose("Browser does not support visibility API, therefore we can not track leave a tab with keyboard")}},9919:function(t,e){"use strict";Object.defineProperty(e,"__esModule",{value:!0});var n=function(){function t(t){this.f

                                        Chrome Cache Entry: 234

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (64084)
                                        Category:downloaded
                                        Size (bytes):73441
                                        Entropy (8bit):5.2873183340426735
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:20E3C327D0D8828EEB639A0CC94DEA5B
                                        SHA1:CA77973D2BC09D11417D71E6A7D6E13B25D1FE9C
                                        SHA-256:DF2421DFF3572E3EB558FA452FC382FFD3B2DBB510ADCC66F9713E792CF68A23
                                        SHA-512:D7B38EA22B8F94A8CC06AE4577A60634745A5947513110022857AD2F18CEB59AAFFD6BFF955123D4F5057152B6AC7557B11A9B051B7218E42C1F1AEDDF570DD2
                                        Malicious:false
                                        Reputation:low
                                        URL:https://dl.web.de/permission/live/portal/v1/ppp/js/permission-core.min.js
                                        Preview:var PermissionCore=function(e){"use strict";function t(e){if(e&&e.__esModule)return e;var t=Object.create(null);return e&&Object.keys(e).forEach((function(n){if("default"!==n){var r=Object.getOwnPropertyDescriptor(e,n);Object.defineProperty(t,n,r.get?r:{enumerable:!0,get:function(){return e[n]}})}})),t.default=e,Object.freeze(t)}var n=t(e);function r(e){if(!(0 in arguments))throw new TypeError("1 argument is required");do{if(this===e)return!0}while(e=e&&e.parentNode);return!1}"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;var i,o={exports:{}};./*! *****************************************************************************.Copyright (c) Microsoft Corporation...Permission to use, copy, modify, and/or distribute this software for any.purpose with or without fee is hereby granted...THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH.REGARD TO THIS SOFTWARE INCLUDING ALL

                                        Chrome Cache Entry: 235

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (817)
                                        Category:downloaded
                                        Size (bytes):822
                                        Entropy (8bit):5.153207042703062
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:3F00E86BB2C94BBC2AFABA75A40A1BB8
                                        SHA1:245522995175A7B0A2580EAA01F339372616FD93
                                        SHA-256:A6DE9251A274C03B9A573307C8D837EB17DFBCB52FBCAD70600231099CACABE4
                                        SHA-512:F532C95DEED0AD43C8AC73C025D7E46E0F9A2874FA29E914BCC360A2C87BEF74B9B7ECCA1E0A35FE98E52BC7115D79267BE10D264A77272E8DA53355C5E2FD4F
                                        Malicious:false
                                        Reputation:low
                                        URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                        Preview:)]}'.["",["giannis damian lillard","trick or treat decks clash royale","mortgage interest rates today","nfl free agent running backs","georgia man $1.4 million speeding ticket","intel core i9 14th generation","minnie mouse mickey mouse breakup","lottery powerball jackpot"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                                        Chrome Cache Entry: 237

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                        Category:downloaded
                                        Size (bytes):5430
                                        Entropy (8bit):3.6534652184263736
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:F3418A443E7D841097C714D69EC4BCB8
                                        SHA1:49263695F6B0CDD72F45CF1B775E660FDC36C606
                                        SHA-256:6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
                                        SHA-512:82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
                                        Malicious:false
                                        Reputation:low
                                        URL:https://www.google.com/favicon.ico
                                        Preview:............ .h...&... .... .........(....... ..... ............................................0...................................................................................................................................v.].X.:.X.:.r.Y........................................q.X.S.4.S.4.S.4.S.4.S.4.S.4...X....................0........q.W.S.4.X.:.................J...A...g.........................K.H.V.8..........................F..B.....................,.......................................B..............................................B..B..B..B..B...u..........................................B..B..B..B..B...{.................5.......k...........................................................7R..8F.................................................2........Vb..5C..;I..................R^.....................0................Xc..5C..5C..5C..5C..5C..5C..lv..........................................]i..<J..:G..Zf....................................................

                                        Chrome Cache Entry: 238

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:SVG Scalable Vector Graphics image
                                        Category:downloaded
                                        Size (bytes):4000
                                        Entropy (8bit):3.985900964851867
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:542D250227263EF6966C2981900AF0EC
                                        SHA1:A6167754C908C4468EBDBD01CDFE8321989AB3C7
                                        SHA-256:F1D6BD08C102B1B9F3669971352215A3797DA113AF21C47B7959A96F8F9D1DE4
                                        SHA-512:B2A39925607B313EFB13F3717C3574582FF851D5833B04C647F15D54155C0DA048B4AAB42D125D8683E0C6DFEAA625E0F74A12D05F28694ECAFB5A1D96D5353B
                                        Malicious:false
                                        Reputation:low
                                        URL:https://img.ui-portal.de/cd/ci/web.de/brand-logo.svg
                                        Preview:<svg id="Ebene_1" xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><style>.st0{fill:#ffd800}.st1{fill:#323131}</style><path class="st0" d="M42 48H6c-3.3 0-6-2.7-6-6V6c0-3.3 2.7-6 6-6h36c3.3 0 6 2.7 6 6v36c0 3.3-2.7 6-6 6z"/><path class="st1" d="M10.824 14.74c.386.142.898-.115 1.269-.181.368-.064 1.877-.403 1.592-.059-.16.193-.574.195-.943.303-.512.151-1.333.236-1.364.894-.073 1.566 2.361.524 3.075.27 1.933-.673 4.149-.788 6.104-1.115 2.17-.361 4.401-.394 6.592-.478 2.306-.089 4.786-.185 7.051.135.603.085 1.174.152 1.788.216.532.055 1.652.543 2.126.319.43-.203.235-.712.457-.971.32-.373.95-.308.512-1.106-.334-.607-1.549-.804-2.179-.681-.063-.384.23-.213.307-.412.111-.287.111-.73-.075-1.049-.338-.58-1.943-.786-1.943-.786-3.85-.62-10.776-1.288-18.148-.428-1.223.143-3.37.295-4.622.803-.554.225-.546.23-.615.593-.066.517.183 1.119.804.991 1.191-.245 3.294-.586 3.896-.739 2.973-.757 12.87-.61 14.145-.307.788.168 5.115.31 5.219 1.102-10.099-.418-13.955-.414-23.022.6

                                        Chrome Cache Entry: 239

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (56398), with no line terminators
                                        Category:downloaded
                                        Size (bytes):56398
                                        Entropy (8bit):5.907604034780877
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:EB4BC511F79F7A1573B45F5775B3A99B
                                        SHA1:D910FB51AD7316AA54F055079374574698E74B35
                                        SHA-256:7859A62E04B0ACB06516EB12454DE6673883ECFAEAED6C254659BCA7CD59C050
                                        SHA-512:EC9BDF1C91B6262B183FD23F640EAC22016D1F42DB631380676ED34B962E01BADDA91F9CBDFA189B42FE3182A992F1B95A7353AF41E41B2D6E1DAB17E87637A0
                                        Malicious:false
                                        Reputation:low
                                        URL:https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
                                        Preview:.goog-inline-block{position:relative;display:-moz-inline-box;display:inline-block}* html .goog-inline-block{display:inline}*:first-child+html .goog-inline-block{display:inline}.recaptcha-checkbox{border:none;font-size:1px;height:28px;margin:4px;width:28px;overflow:visible;outline:0;vertical-align:text-bottom}.recaptcha-checkbox-border{-webkit-border-radius:2px;-moz-border-radius:2px;border-radius:2px;background-color:#fff;border:2px solid #c1c1c1;font-size:1px;height:24px;position:absolute;width:24px;z-index:1}.recaptcha-checkbox-borderAnimation{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAANICAYAAABZl8i8AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAABIAAAASABGyWs+AAAACXZwQWcAAABUAAADSAC4K4y8AAA4oElEQVR42u2dCZRV1ZX3q5iE4IQIiKQQCKBt0JLEIUZwCCk7pBNFiRMajZrIl9aOLZ8sY4CWdkDbT2McooaAEmNixFhpaYE2dCiLScWiQHCgoGQoGQuhGArKKl7V+c5/n33fO/V4w733nVuheXuv9V/rrnvP2Xud3zvTPee+ewsKxMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExP4OdtlT6ztAbRWvvLy8A3QkwxzH6tBGMMexI

                                        Chrome Cache Entry: 240

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (51441)
                                        Category:downloaded
                                        Size (bytes):51570
                                        Entropy (8bit):5.229859453550898
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:B1DCC6195D84CF50C3E882D3D515F848
                                        SHA1:06562C193663A31A3CABEAA18CFFEB882084FCB6
                                        SHA-256:8C04755395B8F232C57D062A7669C3C414658299D29C6B6F83F1F30185D94ECB
                                        SHA-512:344C3014C59BA72512DEF4E8963088A61D20334555B4C85E64EFBBC19FCA19EA305237D3ED048863F77F80F0427DDD9C81D5359DC8EEA674A75D960A04678D29
                                        Malicious:false
                                        Reputation:low
                                        URL:https://s.uicdn.com/shared/sentry/5.5.0/bundle.min.js
                                        Preview:/*! @sentry/browser 5.5.0 (994247d6) | https://github.com/getsentry/sentry-javascript */.var Sentry=function(n){var t=function(n,r){return(t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(n,t){n.__proto__=t}||function(n,t){for(var r in t)t.hasOwnProperty(r)&&(n[r]=t[r])})(n,r)};function r(n,r){function e(){this.constructor=n}t(n,r),n.prototype=null===r?Object.create(r):(e.prototype=r.prototype,new e)}var e,i,o,u=function(){return(u=Object.assign||function(n){for(var t,r=1,e=arguments.length;r<e;r++)for(var i in t=arguments[r])Object.prototype.hasOwnProperty.call(t,i)&&(n[i]=t[i]);return n}).apply(this,arguments)};function c(n,t){var r="function"==typeof Symbol&&n[Symbol.iterator];if(!r)return n;var e,i,o=r.call(n),u=[];try{for(;(void 0===t||t-- >0)&&!(e=o.next()).done;)u.push(e.value)}catch(n){i={error:n}}finally{try{e&&!e.done&&(r=o.return)&&r.call(o)}finally{if(i)throw i.error}}return u}function s(){for(var n=[],t=0;t<arguments.length;t++)n=n.concat(c(arguments[t]));

                                        Chrome Cache Entry: 241

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
                                        Category:downloaded
                                        Size (bytes):146584
                                        Entropy (8bit):5.183408830651053
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:1274D7C50EA0CA8B303133F0F5A5C4A8
                                        SHA1:D54C773E60F8FC3685A2629182B5297857E0FD36
                                        SHA-256:BDDB5A14BD94992F56E0320B1EE6244A1CA94095B5430D296DD0EE43CE9F2A73
                                        SHA-512:2424BB2F8E5B01CEEC49E04B41E52EEE9F66B6E1C1BB2E9A8971CA679D356A8200BA12343D0BEC6D73D50595A9B2EA4D795A6931223819EDA110A5612DF50B5E
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/netid/cmp/release/v1/webde/app.css
                                        Preview:@font-face{font-family:WebdeSansBold;src:url(https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-bold.eot);src:url(https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-bold.eot?#iefix) format("embedded-opentype"),url(https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-bold.woff) format("woff"),url(https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-bold.ttf) format("truetype");font-weight:400;font-style:normal}@font-face{font-family:WebdeSansMedium;src:url(https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-medium.eot);src:url(https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-medium.eot?#iefix) format("embedded-opentype"),url(https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-medium.woff) format("woff"),url(https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-medium.ttf) format("truetype");font-weight:400;font-style:normal}@font-face{f

                                        Chrome Cache Entry: 242

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (65536), with no line terminators
                                        Category:downloaded
                                        Size (bytes):225097
                                        Entropy (8bit):5.444003548545358
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:448B62A73A33941327542DF06490C13E
                                        SHA1:D95C71E6A60C90EF6ADA8788BA6BE0B5BC5178C2
                                        SHA-256:D3D2B80E9971A428127645F2D9F496F3F9F2656D274165871A0B3F0A6293AAAD
                                        SHA-512:06DF0E39A18950D1C7F3D0577FE2FC3906944F212060340E571BA7B40B3E03CEEFBC3E70A9090B929F2C5451B0DD72FB4A13DF7ADA39C0087E617329A32F6095
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/netid/cmp/release/v1/webde/app.js
                                        Preview:var no=Object.defineProperty;var so=(e,t,n)=>t in e?no(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n;var S=(e,t,n)=>(so(e,typeof t!="symbol"?t+"":t,n),n);(function(){const t=document.createElement("link").relList;if(t&&t.supports&&t.supports("modulepreload"))return;for(const r of document.querySelectorAll('link[rel="modulepreload"]'))s(r);new MutationObserver(r=>{for(const i of r)if(i.type==="childList")for(const a of i.addedNodes)a.tagName==="LINK"&&a.rel==="modulepreload"&&s(a)}).observe(document,{childList:!0,subtree:!0});function n(r){const i={};return r.integrity&&(i.integrity=r.integrity),r.referrerPolicy&&(i.referrerPolicy=r.referrerPolicy),r.crossOrigin==="use-credentials"?i.credentials="include":r.crossOrigin==="anonymous"?i.credentials="omit":i.credentials="same-origin",i}function s(r){if(r.ep)return;r.ep=!0;const i=n(r);fetch(r.href,i)}})();class Vt extends Error{constructor(t){super(t),this.name="DecodingError"}}class yt extends Error{constructor(t){super(

                                        Chrome Cache Entry: 243

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (2072)
                                        Category:downloaded
                                        Size (bytes):2073
                                        Entropy (8bit):5.232402312552178
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:E83373E6F54C43405B7CBFF2A7785CAB
                                        SHA1:E0D16BED000737A621B061DE31A36D676E68216B
                                        SHA-256:DFC3FC6E1E8F316E38F5EE1E144851B0F0A76A886E6E134B710CC25BBDAFFA31
                                        SHA-512:A06549906FF9B3D488834B9D05912D33DF459ADBFF5998C298D76529D4F5D352C4A3F07A543AD76ADF77F03DEB7DED41BEF8A026A473E1516E27E50B045B4819
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/homepage/res/live/1.64/webde/homepage.bundle.js
                                        Preview:/* 1.64.0-rc8 */(function(){"use strict";var n={},e={};function t(r){var o=e[r];if(void 0!==o)return o.exports;var i=e[r]={id:r,loaded:!1,exports:{}};return n[r].call(i.exports,i,i.exports,t),i.loaded=!0,i.exports}t.m=n,function(){var n=[];t.O=function(e,r,o,i){if(!r){var u=1/0;for(l=0;l<n.length;l++){r=n[l][0],o=n[l][1],i=n[l][2];for(var f=!0,c=0;c<r.length;c++)(!1&i||u>=i)&&Object.keys(t.O).every((function(n){return t.O[n](r[c])}))?r.splice(c--,1):(f=!1,i<u&&(u=i));if(f){n.splice(l--,1);var a=o();void 0!==a&&(e=a)}}return e}i=i||0;for(var l=n.length;l>0&&n[l-1][2]>i;l--)n[l]=n[l-1];n[l]=[r,o,i]}}(),function(){t.n=function(n){var e=n&&n.__esModule?function(){return n["default"]}:function(){return n};return t.d(e,{a:e}),e}}(),function(){t.d=function(n,e){for(var r in e)t.o(e,r)&&!t.o(n,r)&&Object.defineProperty(n,r,{enumerable:!0,get:e[r]})}}(),function(){t.g=function(){if("object"===typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(n){if("object"

                                        Chrome Cache Entry: 244

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (4009)
                                        Category:downloaded
                                        Size (bytes):6605
                                        Entropy (8bit):5.123952993734981
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:C2631969A3D6755C54839A7E215873BE
                                        SHA1:0A6BE2DAE719B81333A75D2DF8FB21E6D2D391DD
                                        SHA-256:3F9E4D27FBA3BE5E064FF436233DD282A5DABF77E51DA3D479E5A8B9404988FB
                                        SHA-512:38085F6E0994C468A8C55E72CFA5D6672376FB65C075D24544136CDE2D467E808FFA232C6C9B0825AFC1B5F63016F7749F1B058E13492C5A14FCB9CA10D357CA
                                        Malicious:false
                                        Reputation:low
                                        URL:https://s.uicdn.com/t/prod/iq/mam/purple/utag.31.js?utv=ut4.49.202309190910
                                        Preview://tealium universal tag - utag.31 ut4.0.202309190911, Copyright 2023 Tealium.com Inc. All Rights Reserved..try{(function(id,loader){var u={};utag.o[loader].sender[id]=u;if(utag===undefined){utag={};}if(utag.ut===undefined){utag.ut={};}if(utag.ut.loader===undefined){u.loader=function(o){var a,b,c,l;a=document;if(o.type==="iframe"){b=a.createElement("iframe");b.setAttribute("height","1");b.setAttribute("width","1");b.setAttribute("style","display:none");b.setAttribute("src",o.src);}else if(o.type==="img"){utag.DB("Attach img: "+o.src);b=new Image();b.src=o.src;return;}else{b=a.createElement("script");b.language="javascript";b.type="text/javascript";b.async=1;b.charset="utf-8";b.src=o.src;}if(o.id){b.id=o.id;}if(typeof o.cb==="function"){if(b.addEventListener){b.addEventListener("load",function(){o.cb();},false);}else{b.onreadystatechange=function(){if(this.readyState==="complete"||this.readyState==="loaded"){this.onreadystatechange=null;o.cb();}};}}l=o.loc||"head";c=a.getElementsByTagNam

                                        Chrome Cache Entry: 245

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Web Open Font Format, TrueType, length 18052, version 1.0
                                        Category:downloaded
                                        Size (bytes):18052
                                        Entropy (8bit):7.9700426498504795
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:99EAFBDC5F638D2FEC6E869E5005F8F9
                                        SHA1:9F8F73605E41DC0EEF8B5F5A46D3906716A7B3A5
                                        SHA-256:01E773FACC13E915276219573795DCF3F2A0FE00FCA0841AF95B21769872FF48
                                        SHA-512:5F51C76308BC873AF92F887B6669D3908D13E87505DBD54A7118C90B5DFFCAAF1C339A5CDFC054E7852EFFA5962DED140E4561DCD8CDF2F38A45C6B4055CAFC1
                                        Malicious:false
                                        Reputation:low
                                        URL:https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-medium.woff
                                        Preview:wOFF......F.......v.........................FFTM............t.O.GDEF.............'..GPOS................GSUB...D...2...@..(.OS/2...x...K...`t...cmap.............?.cvt ...L.........D..gasp...P............glyf...X..3...TH....head..>H...1...6....hhea..>|... ...$...)hmtx..>....:......Q.loca..@.........o..nmaxp..B.... ... .0..name..B.............post..D.........7.9.webf..F|..........U.x.c```d......`zG.U.....KR.&.x.c`d``..b1 fb`...@...1.........x.X[l.U..fv..m..B.C.R@.UJ......EP+T(P.L@.0.Ec..,.D.!U..X.....(P,An..4.4M.@C.`.ELx.Cc..z..?....B..o.g....33..../....5..P.....1.?<.%..*...5........GB/L.=(4....a...%.....G..g.e..fc.j.br...\.BXMV+?6.....C5`'..8.>M....W.).4..{...M...-..9...O.!Y.b^-!+..Q.Q..r_.ul;D.&#...(y.<....5.{.}..4.K.b7G1..]n.y..7.X.^.*..^}...[.:r.y.......y.<F.'.....Y.G..y..H^"/.......-........X.7..[...q..p....N..(.u.8R....\VwP..~5.zULu.)~.....U..~.`.#..g?...3...b.z..........>....I}.X...=...Xg4:j...v...._Y.P..Y..9.$,?J.<.[..ig.9.=d.On.l.m.m...2..R9.+:...!.

                                        Chrome Cache Entry: 246

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (1222), with no line terminators
                                        Category:downloaded
                                        Size (bytes):1222
                                        Entropy (8bit):5.803881313580845
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:0839656A6F0BA2342EF9E9AA5113BCD3
                                        SHA1:2703CE39DA2F0B8E2C8696C449727971877BB2E9
                                        SHA-256:CBFADAFF0B2642693C08D1C4A82BF998D717E2C585A4692E7CF916A51944D839
                                        SHA-512:F909C1DFD94CEA3A9A729C07039FDA69E3B4CF3DFB065915360A055DAABD7A00A05BB231A3C5D1FF376405EBBB454404F3EB46416635581A39D8A789E7EFE9FF
                                        Malicious:false
                                        Reputation:low
                                        URL:https://www.google.com/recaptcha/api.js
                                        Preview:/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]||{},N='grecaptcha';var gr=w[N]=w[N]||{};gr.ready=gr.ready||function(f){(cfg['fns']=cfg['fns']||[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']||[]).push('onload');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true;var m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='Az520Inasey3TAyqLyojQa8MnmCALSEU29yQFW8dePZ7xQTvSt73pHazLFTK5f7SyLUJSo2uKLesEtEa9aUYcgMAAACPeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcyNTQwNzk5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=';d.head.prepend(m);po.src='https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__en.js';po.crossOrigin='anonymous';po.integrity='sha384-LzEnReQQed5ol5AFwl71PUw/lqyIcw22944Y6TAe

                                        Chrome Cache Entry: 247

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 1020x1820, Scaling: [none]x[none], YUV color, decoders should clamp
                                        Category:downloaded
                                        Size (bytes):46608
                                        Entropy (8bit):7.992153156654561
                                        Encrypted:true
                                        SSDEEP:
                                        MD5:6ABBEBE55F3BE5DCE404FF41058693BD
                                        SHA1:B29517DEDC36C8B1C54384EFB47B428E5CA79E87
                                        SHA-256:75D67C8E565528B5C2244E70039E3CD3AA0AD17CFA0E079654870B52B4B63C58
                                        SHA-512:DC60790D2C21E4C04D39AD0EDF98E74014A1FD5CE0B907D53761E6A5131A14AF10404F46E4C97B88D09B0A3FD5F32280DED1FC34F49485AA508744435DF73658
                                        Malicious:false
                                        Reputation:low
                                        URL:"https://i0.web.de/image/450/38549450,pd=3,h=1820,w=1020/homepage.webp"
                                        Preview:RIFF....WEBPVP8 ....pk...*....>a*.E..;+....`..gn........pG.k..4...2~...._.qEFZ..U.?V.N...?.......*.2.%...O.'..?....M...S.....c.I.G.^...}.?5..........S.n.~O~..H.......O...z......v......x...zGu7u.z@V.........?.......?..../.>...m..?....7.|.......k..._....".?.....]..... g...&D.4...5..8...zMw.dN.@...]..... g...&D.4...5....E.C{....f<..W`...L.7..9Z.5....o....7..6..'..O.~S.....C..?...uD?M.U.......lW.Q2+.s..E.2..3^_...5=..e....&.M......,......y*.Pe.....K.Y.C......g..h.y..lW.....-S...b.K...vYge.I.\.z..]&.p9.un.s.r.......z..E....X..TU.T...|..4...>i.....K..w8..L...I*..$..=.~..a.#..=.SM..W......Ty.<.*."...n].e.T.....$....$.p.q....ZqI+.XJ..j....!m..m$.%^{...#a...F.5..Y.....s..j.).......6...1....C.c;.;..{;^.....`.:/A....=d..q.._..8S..~...@(.......-.k..E.#..Y....Q...uR...U.....W.I.\.z..P`..e..5......^:@.(...|...0.+....&5..F.....+.$.h......U.R.....hU7^..'.....T..!.q....-.h[...?7..^..\..]..c.}.5..R.A...w......$.t.....(...pI.-.X3.n.h..hzWr.bR.6.MN.l...

                                        Chrome Cache Entry: 248

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:JSON data
                                        Category:downloaded
                                        Size (bytes):1735
                                        Entropy (8bit):3.886895627396774
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:223E6DF8C38A1701CDA64BF658C8781E
                                        SHA1:FB309E2053FFE4DAAAF2EA2C21DE98475D3CEEBC
                                        SHA-256:020E8439C177F4980CFA7D1F8A00C7FE17D05652BB789104D37B12E8257BF80B
                                        SHA-512:99EEBF564DDF14735121D59EFC15030A258788FB1E5F8993739A7FC224D200A5E3FA34D779A86EBB33B73559864C25F1247107707BB18284387243D81EA53AB9
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/netid/cmp/config/webde/config.json?p=94513601337
                                        Preview:{. "resurface": {. "on": true,. "minimalGvlVersion": 211. },. "optOutResurface": {. "on": false,. "interval": 60,. "environment": []. },. "vendorIds": [1106, 173, 1204,458, 855, 1228, 788, 1189, 885, 136, 251, 178, 1060, 667, 138, 157, 517, 1020, 1025, 686, 737, 438, 1145, 956, 1126, 1122, 1003, 459, 948, 92, 58, 40, 830, 767, 649, 57, 953, 37, 377, 539, 1019, 50, 790, 39, 14, 93, 22, 81, 264, 565, 384, 224, 6, 66, 507, 410, 195, 27, 259, 785, 793, 148, 23, 780, 733, 354, 797, 394, 783, 561, 598, 956, 46, 907, 647, 983, 771, 801, 12, 508, 30, 87, 212, 462, 128, 185, 86, 625, 94, 163, 422, 792, 329, 945, 315, 810, 243, 285, 416, 77, 56, 591, 630, 868, 91, 1026, 875, 938, 440, 209, 707, 1029, 735, 852, 126, 1075, 434, 584, 110, 796, 168, 929, 8, 213, 183, 24, 1050, 312, 1, 120, 795, 100, 78, 323, 159, 119, 262, 870, 731, 328, 845, 758, 536, 967, 580, 755, 657, 98, 295, 1031, 881, 856, 431, 316, 131, 921, 606, 253, 10, 730, 946, 333, 452, 150, 278, 436, 991, 252, 294,

                                        Chrome Cache Entry: 249

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:HTML document, ASCII text, with very long lines (20682)
                                        Category:downloaded
                                        Size (bytes):42122
                                        Entropy (8bit):5.464335350749516
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:57A98182EDE5C8AE4A3DE79F3A22C06B
                                        SHA1:58D21730ECAA698DAF79B4E5A02F9D0D20B5B698
                                        SHA-256:3E09C22F7E5CED43AF40D31CE96F4EFB1EE4716165198D2028C86DD0DB4EAF2F
                                        SHA-512:106202D86FFE5BAC0BC6BBFC1020E5F475F7B0B1FBE1E7F3C481DD118CDBB20657D02C9EE0F9FE9B17B3B0A3ABC6F31224D333FD667D91C8BC32FE6B426FC8C3
                                        Malicious:false
                                        Reputation:low
                                        URL:https://s.uicdn.com/t/prod/iq/mam/purple/daq.js
                                        Preview://tealium universal tag - utag.loader ut4.0.202309190911, Copyright 2023 Tealium.com Inc. All Rights Reserved..var utag_condload=false;window.__tealium_twc_switch=false;try{try{window.utag_cfg_ovrd={noview:true};sdx=document.domain.toString();sdy=sdx.split(".");sdz=(/\.co\.|\.com\.|\.org\.|\.edu\.|\.net\.|\.asn\.|\...\.jp$/.test(sdx))?3:2;window.utag_cfg_ovrd.domain=sdy.splice(sdy.length-sdz,sdz).join(".");}catch(e){console.log(e)}}catch(e){console.log(e);}.if(!utag_condload){try{try{(function(){let tagManagers='teal'.if(location.hostname.includes('gmx.co.uk')||location.hostname.includes('gmx.com')||location.hostname.includes('gmx.es')||location.hostname.includes('mail.com')||location.hostname.includes('gmx.fr')){tagManagers='teal,gtm'}.let scriptTag=document.createElement('script').scriptTag.src='https://js.ui-portal.de/tamago/1.4.12/tamago.js?loglevel=error&view=automatic&tm='+tagManagers+'&stage=live&exclude=ppp&userEventLoad=partitialPageLoadDone'.scriptTag.async=true.let item=docu

                                        Chrome Cache Entry: 250

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                        Category:downloaded
                                        Size (bytes):2228
                                        Entropy (8bit):7.82817506159911
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:EF9941290C50CD3866E2BA6B793F010D
                                        SHA1:4736508C795667DCEA21F8D864233031223B7832
                                        SHA-256:1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
                                        SHA-512:A0C69C70117C5713CAF8B12F3B6E8BBB9CDAF72768E5DB9DB5831A3C37541B87613C6B020DD2F9B8760064A8C7337F175E7234BFE776EEE5E3588DC5662419D9
                                        Malicious:false
                                        Reputation:low
                                        URL:https://www.gstatic.com/recaptcha/api2/logo_48.png
                                        Preview:.PNG........IHDR...0...0.....W.......gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD.......C......pHYs.................IDATh...P....=..8.....Nx. ..PlP8..;.C.1iL#6...*.Z..!......3.po .o.L.i.I..1fl..4..ujL&6$...............w...........,Z..z. ~.....\.._.C.eK...g..%..P..L7...96..q....L.....k6...*..,xz.._......B."#...L(n..f..Yb...*.8.;....K)N...H).%.F"Ic.LB.........jG.uD..B....Tm....T..).A.}D.f..3.V.....O.....t_..].x.{o......*....x?!W...j..@..G=Ed.XF.........J..E?../]..?p..W..H..d5% WA+.....)2r..+..'qk8.../HS.[...u..z.P.*....-.A.}.......I .P.....S....|...)..KS4....I.....W...@....S.s..s..$`.X9.....E.x.=.u.*iJ...........k......'...!.a....*+.....(...S..\h....@............I.$..%.2....l......a.|.....U....y.....t..8....TF.o.p.+.@<.g........-.M.....:.@..(.......@......>..=.ofm.WM{...e..,..D.r.......w....T.L.os..T@Rv..;.....9....56<.x...........2.k.1....dd.V.....m..y5../4|...G.p.V.......6...}.....B........5...&..v..yTd.6...../m.K...(.

                                        Chrome Cache Entry: 251

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (35153)
                                        Category:downloaded
                                        Size (bytes):35191
                                        Entropy (8bit):5.160250416588836
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:467D64D03CFC78E8871157E56581E037
                                        SHA1:BE8C7EB037128204999FF8D42477E27F7A23E598
                                        SHA-256:40A6F6526AFEA19DB42DCF345249915CCACC710EE6C97091D5D6285B5F90EAD3
                                        SHA-512:84CF52E66423CA0EBC353527F67DC023C947E48745CBA46E71BC8282B1CDA97BA4B573D064918C3A9C4C665EFE347CE3B510A47659AAEC99BEA17F64F01B6C74
                                        Malicious:false
                                        Reputation:low
                                        URL:https://img.ui-portal.de/pos-cdn/tracklib/4.3.0/tracklib.min.js
                                        Preview:!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.TrackLib=t():e.TrackLib=t()}(this,function(){return function(e){function __webpack_require__(r){if(t[r])return t[r].exports;var a=t[r]={i:r,l:!1,exports:{}};return e[r].call(a.exports,a,a.exports,__webpack_require__),a.l=!0,a.exports}var t={};return __webpack_require__.m=e,__webpack_require__.c=t,__webpack_require__.d=function(e,t,r){__webpack_require__.o(e,t)||Object.defineProperty(e,t,{configurable:!1,enumerable:!0,get:r})},__webpack_require__.n=function(e){var t=e&&e.__esModule?function(){return e["default"]}:function(){return e};return __webpack_require__.d(t,"a",t),t},__webpack_require__.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},__webpack_require__.p="",__webpack_require__(__webpack_require__.s=109)}([,function(e,t,r){"use strict";t.__esModule=!0;var a=function(e,t){var r;if(s.isObject(e)&&s.

                                        Chrome Cache Entry: 252

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (34080)
                                        Category:downloaded
                                        Size (bytes):34188
                                        Entropy (8bit):5.163950197395375
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:A50A5E1D36DAB9D6FAEA2361E75B695F
                                        SHA1:CE1B042544C22288F56A5BB2055C599045B3E47F
                                        SHA-256:5A7B022D78911811CFF6B144A4A780DE91448EFABB5ED7F318837BA297065B2C
                                        SHA-512:26BC8DCACA4FEBC791087381CB46432FEB183FBCA30112BA4A98BDE851ED52F1F4DA1258D807DA508732789617DE651290A865032BAEF1536FC1F69D7A3DDAEC
                                        Malicious:false
                                        Reputation:low
                                        URL:https://img.ui-portal.de/pos-cdn/tracklib/4.7.3/tracklib.min.js
                                        Preview:/*! For license information please see tracklib.min.js.LICENSE.txt */.var TrackLib;!function(){var t={8796:function(t,e){"use strict";e.__esModule=!0,e.features=void 0;var r={touchevents:function(){var t=!1;return("ontouchstart"in window||window.DocumentTouch&&document instanceof DocumentTouch)&&(t=!0),t}};e.features=r},1080:function(t,e,r){"use strict";e.__esModule=!0,e.tcf2Filter=e.PERSONAL_DATA_ATTRIBUTES=void 0;var a=r(5813);e.PERSONAL_DATA_ATTRIBUTES=["reso_scr_w","reso_scr_h","reso_scr_ppi","corr_","hid","reso_win_w","reso_win_h","cont_page_id","cont_lvts","cont_segment","cont_variant","size_","soft_variant","campaign"],e.tcf2Filter=function(t,r,n){"pakpie"===t.key&&((0,a.getTcfConsent)("brainTracking",2)||Object.keys(r).forEach((function(t){e.PERSONAL_DATA_ATTRIBUTES.forEach((function(e){0===t.indexOf(e)&&delete r[t]}))})))}},9525:function(t,e,r){"use strict";e.__esModule=!0,e.imageGenerator=void 0;var a=r(3155),n=r(8153),i=function(t){return a.util.createUrl(t)},o=function(t){v

                                        Chrome Cache Entry: 253

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (690)
                                        Category:downloaded
                                        Size (bytes):1257
                                        Entropy (8bit):5.148935693603366
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:1C6DD92408E4EB14F2B5E040CD8F7DED
                                        SHA1:0529F2F00A22CBF03870C1F264EF1FB7A388EB6B
                                        SHA-256:247268BB0E18F05112E68999814D02AEDB654A141BE3907399C9D40848763225
                                        SHA-512:7CF29D709A73A85098044EAED7020E24BADF389D458D29DA0F0277990F720AE418E3B1D7670C67BF62EC5BE236597ED77CF2D184F05EB55EFDC0300E5C6BA78F
                                        Malicious:false
                                        Reputation:low
                                        URL:https://s.uicdn.com/tcf/live/v1/js/tcf-stub.js
                                        Preview:var TcfStub=function(a){"use strict";./*.The TCF API Stub (tcf-stub.js) is intended to be used in third-party iframes loaded within an ancestor frame that utilizes the full TCF API (tcf-api.js)..It implements the public TCF API interface (window.__tcfapi) but forwards commands to the 'real' TCF API instance in the ancestor frame..This allows the iframe document to access the customer's TCF consent status stored in the parent frame's euconsent_v2 cookie...Please note that when using the stub, TCF API callbacks will always be executed asynchronously...@preserve.*/var t={};function e(){for(var a,e=window;e;){try{if(e.frames.__tcfapiLocator){a=e;break}}catch(a){}if(e===window.top)break;e=e.parent}window.__tcfapi=function(e,n,r,c){if(a){var o=Math.random()+"",i={command:e,parameter:c,version:n,callId:o};t[o]=r,a.postMessage({__tcfapiCall:i},"*")}else r({msg:"CMP not found"},!1)},window.addEventListener("message",n,!1)}function n(a){var e={};try{e="string"==typeof a.data?JSON.parse(a.data):a

                                        Chrome Cache Entry: 254

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (9458)
                                        Category:downloaded
                                        Size (bytes):10247
                                        Entropy (8bit):5.3760957159947305
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:B6B5754BC26A81E5DF128FF447EA2168
                                        SHA1:EC22487925C4D9B2AEACC62888961FD43ADF210E
                                        SHA-256:99E31B117E5865EA0A6D30A045D2FD073C11852F38E1A85E25E780E909F32449
                                        SHA-512:68219E796D60C49BC1F827ADE910EE977F8D93417638A4F4872F9A61527139DF67159B81AD97360E1E0A7FE18E76FE7342F88D59366731B1EDE98DBB81F582D7
                                        Malicious:false
                                        Reputation:low
                                        URL:https://dl.web.de/permission/live/portal/v1/ppp/js/permission-client-compat.js
                                        Preview:var PermissionClientCompatInterface=function(){"use strict";./*! *****************************************************************************.Copyright (c) Microsoft Corporation...Permission to use, copy, modify, and/or distribute this software for any.purpose with or without fee is hereby granted...THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH.REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY.AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,.INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM.LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR.OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR.PERFORMANCE OF THIS SOFTWARE..***************************************************************************** */var t;!function(t){t[t.debug=0]="debug",t[t.info=1]="info",t[t.warn=2]="warn",t[t.error=3]="error",t[t.none=4]="none"}(t||(t={}));va

                                        Chrome Cache Entry: 255

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (21434)
                                        Category:downloaded
                                        Size (bytes):21435
                                        Entropy (8bit):5.261138730339234
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:9862D943C3D14860D87287F3C59AE2DE
                                        SHA1:545B8E202522162C42431938BA7D2B958A342C8A
                                        SHA-256:C2F47972FC035E806D874FB3CC76AEFA5ECCA32D6A95653A4F2A2FB3138EED54
                                        SHA-512:02409791386BD1327CC086E8B7AD7735BD048E6360E53AD21F12573EF320FAA74E5D48753C05522192A748D9A4EE11C8D566CD0B458B84D1658538C5F5F80FFD
                                        Malicious:false
                                        Reputation:low
                                        URL:https://dl.web.de/uim/permission/_auth/authlib.js
                                        Preview:!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).AuthLib={})}(this,(function(e){"use strict";var t=function(e,n){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)t.hasOwnProperty(n)&&(e[n]=t[n])},t(e,n)};function n(e,n){function r(){this.constructor=e}t(e,n),e.prototype=null===n?Object.create(n):(r.prototype=n.prototype,new r)}var r=function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var i in t=arguments[n])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},r.apply(this,arguments)};function i(e,t,n,r){return new(n||(n=Promise))((function(i,o){function s(e){try{a(r.next(e))}catch(e){o(e)}}function c(e){try{a(r.throw(e))}catch(e){o(e)}}function a(e){var t;e.done?i(e.value):(t=e.value,t instanceof n?t:new n((function(e)

                                        Chrome Cache Entry: 256

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:JSON data
                                        Category:downloaded
                                        Size (bytes):437161
                                        Entropy (8bit):5.0972562486303765
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:677183BC1B054F7F1EF9FBB3330C32B1
                                        SHA1:EDF00C088598E6E6816331B9C24B65BC6C44FAFD
                                        SHA-256:1642136609668529FB659B39B938AE14F9093BDFDD4B85622894C6399110EFC2
                                        SHA-512:1A405446529214B3D7361CAE15FFE01960A8AF74B85FBFCC1D4E10AEE33ED52C8A516F716F33C18E73FD1E82C7F4D5461CC38134D70A94322552D602946DE588
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/netid/consensu/v2/latest/vendor-list.json
                                        Preview:{"gvlSpecificationVersion":2,"vendorListVersion":219,"tcfPolicyVersion":2,"lastUpdated":"2023-10-12T16:05:30Z","purposes":{"1":{"id":1,"name":"Store and/or access information on a device","description":"Cookies, device identifiers, or other information can be stored or accessed on your device for the purposes presented to you.","descriptionLegal":"Vendors can:\n* Store and access information on the device such as cookies and device identifiers presented to a user."},"2":{"id":2,"name":"Select basic ads","description":"Ads can be shown to you based on the content you\u2019re viewing, the app you\u2019re using, your approximate location, or your device type.","descriptionLegal":"To do basic ad selection vendors can:\n* Use real-time information about the context in which the ad will be shown, to show the ad, including information about the content and the device, such as: device type and capabilities, user agent, URL, IP address\n* Use a user\u2019s non-precise geolocation data\n* Contro

                                        Chrome Cache Entry: 257

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Web Open Font Format, TrueType, length 18136, version 1.0
                                        Category:downloaded
                                        Size (bytes):18136
                                        Entropy (8bit):7.970566575760222
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:9123D7FFC3F36C6F662F4A03E730CC75
                                        SHA1:F84E2F0805BF1F671A8832F8AC7493B685CC7B69
                                        SHA-256:5CFD71639613393B9B416598890D8A9812382B78B2E1AA839D21ECD2005B1CCD
                                        SHA-512:2958C87BB79B71F48639DF0B1828312AE9DF9DD2E05CEB11F516ECBB617536410E1E2B982DA63E100E24CB78F961B892EEF3756832A689E196B0A50F2D24321B
                                        Malicious:false
                                        Reputation:low
                                        URL:https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-regular.woff
                                        Preview:wOFF......F.......u.........................FFTM............u.."GDEF.............'..GPOS..............GSUB...D...2...@..(.OS/2...x...K...`t..mcmap..............cvt ...T.........D..gasp...X............glyf...`..4_..T..9..head..>....1...6...Ahhea..>.... ...$...Jhmtx..?....=.....].loca..AT........w5b.maxp..C.... ... ./..name..C<.........K.post..D.........6.9.webf..F...........U.x.c```d.....y...E.!t...UP.u.x.c`d``..b1 fb`...@...1.........x..YlTU..;3].i..K..Z..!..%"...X..@......I..+[!...Jj#..h!..4...i...S.II.c..&.......w.;.m;.....w.=.,..?.+....MyG..*.U....8(..|..!Y"...1b[.Wv..8|H.mI....~)p...-.s\[G..$d...'....2W..FY.W..p...j...e...N.!.....{L....Yx.~....a..@.{.y..r...?........R...,..je...Z..Q......<.O.......j..F..1.>..4.^Fq.4...j..VKM.T.t......Gy~...'.IX.O..<..~...5x...a....a.lU."R$.d.l%...v.A&n.-.-MrG..E....i...6yU^"....4.vFx...g..4h..o..Hv..!J...}.1.#...z.Wg..r..I..0.<...o..a.b..Q.....:....FTb.i.m-.=.Bms.Kk..cnK,....L.;..w....[.s.<66.k.gn..;.k.Z.>...Scf

                                        Chrome Cache Entry: 258

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (665)
                                        Category:downloaded
                                        Size (bytes):471253
                                        Entropy (8bit):5.660635603145118
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:1597ADFD61770DA62F147C7072DDCE90
                                        SHA1:AC0214495692E766B4C453589CE587A46242AF67
                                        SHA-256:C662A9036D1FD054A03BD683564761866F27663C4607AAA2B1FF417D17C512F1
                                        SHA-512:1D247287949B3C7D326D0FBF600CC0BB18F4CFB461A24DB60B56B0BC22096C5AEB86F3ACC72DAE6968639C3A102DEEFFA922BA5EE9E3E5DB85392784F2B0EF36
                                        Malicious:false
                                        Reputation:low
                                        URL:https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__en.js
                                        Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.. Copyright The Closure Library Authors.. SPDX-License-Identifier: MIT.*/./*. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/./*.. SPDX-License-Identifier: Apache-2.0.*/.var l=function(){return[function(I,r,X,t,F,d,w){return((I^6)<(((I-(d=["T",24,5],6)^29)<I&&(I-1^19)>=I&&(Q[23](1,t)?w=n[d[2]](6,r,X,t[d[0]]):(F=l[25](9,t),w=!!F&&n[d[2]](2,r,X,F))),I-6)&9||(w=r instanceof Ie&&r.constructor===Ie?r.Y:"type_error:TrustedResourceUrl"),d[1])&&10<=(I|2)&&Z.call(this,r),2>(I-3&16)&&7<=I>>2)&&(r=void 0===r?1E3:r,X=new sj,X.K4=function(){return $D(function(U,Y,p){return(p=h[33](31),Y=p-U,!p||Math.floor(Y/r))?(X.K4=function(){return 0},X.K4()):r-Y},h[33](15))}(),w=X),w},function(I,.r,X,t,F,d){if((I|(d=["Y",8,4],d[1]))==I)g[d[1]](32,X,r,t);return I-3>>d[2]||(F=h[20](25,r[d[0]])+r.I[d[0]].size),F},function(I,r,X,t,

                                        Chrome Cache Entry: 259

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:HTML document, ASCII text
                                        Category:downloaded
                                        Size (bytes):17616
                                        Entropy (8bit):4.702601504958086
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:96BD2127F938B04FB23BC5FC09DA3B99
                                        SHA1:E7A9B71758F50CD2B50437BF1931B108827CF28C
                                        SHA-256:EADE3CE1F21E39B97040A83511B9E18D62CCDA553EB1E20C29C1227C36453B04
                                        SHA-512:00E8A025BA0F02090669A27E5C801112431E6410A3A76F9CE15D07B7F7DE338874AE85DA17CAE1DABB0496EBD666D7CA8C2D0245B23DFA157991378C326FE3E4
                                        Malicious:false
                                        Reputation:low
                                        URL:https://plus.web.de/lt?wpt=x&nw=42&lt=portal%28webde%29category%28homepage%29section%28landingpage%29tagid%28permission%29layoutclass%28b%29&ref=https%253A%252F%252Fweb.de&prf%5Bportal%5D=webde&prf%5Bstage%5D=live&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=landingpage&prf%5Btagid%5D=permission&prf%5Blayoutclass%5D=b&prf%5Bversion%5D=1.81.0&external_uid=null&uid_stable=0&prf%5Bexternal_uid%5D=&prf%5Bpermission_layer%5D=tcf_v2&prf%5Bhist_items_displayed%5D=&prf%5Bhist_items_count%5D=0&wi=976360205
                                        Preview: cuid: 4553457 | cid: 5498581 | bid: 16639498 | version: !472 | #5257855 | 2021-02-16 14:06:10 -->.<!DOCTYPE html>.<html lang="en">.<head>. <meta charset=utf-8>. <meta name=viewport content="width=device-width,initial-scale=1">. <title>CMP</title>. <link rel="shortcut icon" type="image/x-icon" href="https://img.ui-portal.de/cd/ci/netid/favicon.ico">. <script>. var dlServer = {. 'gmx': 'gmx.net',. 'gmxat': 'gmx.net',. 'gmxch': 'gmx.net',. 'webde': 'web.de',. }['webde'] || 'gmx.net';. document.write('<script src="https://dl.' + dlServer + '/uim/permission/_auth/authlib.js"><\/script>');. </script>. <script type="text/javascript">. // Config. var tcfVers = 'v1';. var pppVers = 'v1';. var pppBasePath = 'https://s.uicdn.com/permission/live/' + pppVers;. var tcfBasePath = 'https://s.uicdn.com/tcf/live/' + tcfVers;.. if (typeof window.Promise !== 'function') {. document.write('<script src="' + pppBasePath + '/ppp/js/polyfills/prom

                                        Chrome Cache Entry: 260

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (40430)
                                        Category:downloaded
                                        Size (bytes):44979
                                        Entropy (8bit):5.284366215121462
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:15204367AD68A40EF9AA9D39FEB3F671
                                        SHA1:6C9F3F709F9951204B73D1C99F8CC11195CF88A1
                                        SHA-256:2F25C78D04F03CD6F49D6D15FB72F32677C00A19906339183D4CB6E82603DCAD
                                        SHA-512:978891EB9093063C54BC1AE7003BC2AAEF76684B84334F4F68EBD002605D46D79CE866E0F945EEA73F7ADDE5A495632B793DB27A97F608E79FDBBA17678B954A
                                        Malicious:false
                                        Reputation:low
                                        URL:https://dl.web.de/permission/live/portal/v1/ppp/js/permission-client.js
                                        Preview:var PermissionClient=function(){"use strict";function e(e){if(!(0 in arguments))throw new TypeError("1 argument is required");do{if(this===e)return!0}while(e=e&&e.parentNode);return!1}Array.prototype.find=Array.prototype.find||function(e){if(null===this)throw new TypeError("Array.prototype.find called on null or undefined");if("function"!=typeof e)throw new TypeError("callback must be a function");for(var t=Object(this),n=t.length>>>0,o=arguments[1],r=0;r<n;r++){var i=t[r];if(e.call(o,i,r,t))return i}},Array.prototype.findIndex=Array.prototype.findIndex||function(e){if(null===this)throw new TypeError("Array.prototype.findIndex called on null or undefined");if("function"!=typeof e)throw new TypeError("callback must be a function");for(var t=Object(this),n=t.length>>>0,o=arguments[1],r=0;r<n;r++)if(e.call(o,t[r],r,t))return r;return-1};var t=function(){return t=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.

                                        Chrome Cache Entry: 261

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:HTML document, ASCII text
                                        Category:downloaded
                                        Size (bytes):1300
                                        Entropy (8bit):5.096114450251644
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:99F760D583004BB8344E646AA27F70BF
                                        SHA1:6202AA67D26D1DEA242C7A3A111FBECF9A848D2E
                                        SHA-256:8A0AD071A76AD7D6362E7CCCEAA98F608D8FB67754C3D41B578D50F089800AA8
                                        SHA-512:C795E501AA3F97978110D418381C7F6593DD5413DC3718144298DCB89F50FA51DC28F9E886ED196B95827F2A7535EC5737A5C0C33CB985CD473525F96C9271EA
                                        Malicious:false
                                        Reputation:low
                                        URL:https://dl.web.de/permission/live/portal/v1/ppp/core.html
                                        Preview:<!DOCTYPE html>.<html lang="de">..<head>. <meta charset="utf-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <title>Permission Core Iframe</title>. <meta name="viewport" content="width=device-width, initial-scale=1">. <meta name="ppp-version" content="REPLACE:CONFIG_APP_VERSION">. <script>. if (typeof window.Promise !== 'function') {. document.write('<script src="./js/polyfills/promise.min.js"><\/script>');. }. try {. new URL(location.href);. } catch (e) {. document.write('<script src="./js/polyfills/url-polyfill.js"><\/script>');. }. if (document.documentMode){. document.write('<script src="https://img.ui-portal.de/pos-cdn/tracklib/4.3.0/polyfills.min.js"><\/script>');. }. </script>. <script src="https://s.uicdn.com/shared/sentry/5.5.0/bundle.min.js"></script>. <script>. if (!window.Sentry) {. window.Sentry = {};. }. </script>. <script src="https://s.uicdn.com/tcf/live/v1/js/tcf-stub.js"></script>. <script src

                                        Chrome Cache Entry: 262

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Unicode text, UTF-8 text, with very long lines (62369)
                                        Category:downloaded
                                        Size (bytes):142002
                                        Entropy (8bit):5.451479987782676
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:ECBF5BD75757B686C4EAE78422003273
                                        SHA1:C7544BDE97075E746DB52A45A7218B7C7608AAEF
                                        SHA-256:A12ADB1947E6FA872BD67BC57FB3E46F8F5949B4938183D630E77F4317C92A25
                                        SHA-512:3ECEC168F0FF2ADC466B0E25C099FC60DE66C285F7E6ABB1175E4286E480464357955F11A653CBA24C6AB7EF19EF2AAA115509F91443188F9314AA7C016D68F8
                                        Malicious:false
                                        Reputation:low
                                        URL:https://dl.web.de/tcf/live/v1/js/tcf-api.js
                                        Preview:var TcfApi=function(e){"use strict";var t,n;e.TcfApiCommands=void 0,(t=e.TcfApiCommands||(e.TcfApiCommands={}))[t.getTCData=0]="getTCData",t[t.ping=1]="ping",t[t.addEventListener=2]="addEventListener",t[t.removeEventListener=3]="removeEventListener",t[t.updateTCString=4]="updateTCString",t[t.getTCString=5]="getTCString",t[t.getACString=6]="getACString",t[t.getPermission=7]="getPermission",t[t.getPermissionFeatures=8]="getPermissionFeatures",t[t.getTCFVersion=9]="getTCFVersion",t[t.getTCLastUpdated=10]="getTCLastUpdated",t[t.getTCStringUtil=11]="getTCStringUtil",t[t.getAppInfo=12]="getAppInfo",t[t.getConsentState=13]="getConsentState",e.PermissionFeatures=void 0,(n=e.PermissionFeatures||(e.PermissionFeatures={}))[n.publisher=0]="publisher",n[n.purpose=1]="purpose",n[n.vendor=2]="vendor",n[n.special=3]="special",n[n.brainTracking=4]="brainTracking",n[n.uimservTracking=5]="uimservTracking",n[n.agofTracking=6]="agofTracking",n[n.tgp=7]="tgp",n[n.oewaTracking=8]="oewaTracking",n[n.googleAna

                                        Chrome Cache Entry: 263

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text
                                        Category:downloaded
                                        Size (bytes):7369
                                        Entropy (8bit):4.947160270113701
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:791ED12F2E0CFEF572189DDE2E0C7586
                                        SHA1:D8AD8B1A98764F006C3C2E29383F789D4D273020
                                        SHA-256:EE64D5D6F4C3C4FFFF6EBDF431B82DCCF59CB5F47D1C8A15154CE69787059AFE
                                        SHA-512:1EE039538C2550C9126C31B0AD2A9F5E91E07C84662BABB79B7838328E80773002EB77E70D20DC01CE5C57DF658F00D88B6F98C2097029C5505D5668CDB87B8E
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/homepage/res/live/1.64/webde/js/piNctTracking.js
                                        Preview:if (!window.SiteInfo) {. window.SiteInfo = {}.}..window.SiteInfo.TrackLibPageId = Math.random(). .toString(36). .substring(2, 11)..let updatePixelSent = false.let initDone = false.const site = window.PageConfig.site === 'hp' ? 'homepage' : 'logout'..const getMeta = (metaName) => document.querySelector(`meta[name=${metaName}]`)?.getAttribute('content') || ''..window.PageConfig.softwareVersion = getMeta('templateVersion')..const getDomainName = (hostName) => {. return hostName.substring(hostName.lastIndexOf('.', hostName.lastIndexOf('.') - 1) + 1).replace('.', '').}..const getBrand = () => {. const brand = window.location.hostname.split('.').reverse()?.[1]. return brand === 'web' ? 'webde' : brand.}..const updateTrackLibPixel = () => {. if (!updatePixelSent) {. const trackObject = {. section: `${site}.update`,. trackingtype: 'ev',. cont_page_id: window.SiteInfo.TrackLibPageId,. cont_reco: '',. visit_calc: 1,. sett_privatemode: !window.availableResp

                                        Chrome Cache Entry: 264

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:ASCII text, with very long lines (3892)
                                        Category:downloaded
                                        Size (bytes):6626
                                        Entropy (8bit):5.100298472978179
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:1C0FFC444DB981C0C8FC3330844978C1
                                        SHA1:47588C8B569EB622743079AE9BA011B97E7618B0
                                        SHA-256:8381B861D1716A11DF1C4416F002A78781343589FAE3D9C07B148D77F83DD0E0
                                        SHA-512:E7A0CA93F3F109F775998FD9A27F09483CB3B55655B76A52E7A889BD8EEADA2D02576778C90A79727C985770E98C0DECBC21656FA8995BAE54F948FD4428DBFB
                                        Malicious:false
                                        Reputation:low
                                        URL:https://s.uicdn.com/t/prod/iq/mam/purple/utag.32.js?utv=ut4.49.202309190910
                                        Preview://tealium universal tag - utag.32 ut4.0.202309190911, Copyright 2023 Tealium.com Inc. All Rights Reserved..try{(function(id,loader){var u={};utag.o[loader].sender[id]=u;if(utag===undefined){utag={};}if(utag.ut===undefined){utag.ut={};}if(utag.ut.loader===undefined){u.loader=function(o){var a,b,c,l;a=document;if(o.type==="iframe"){b=a.createElement("iframe");b.setAttribute("height","1");b.setAttribute("width","1");b.setAttribute("style","display:none");b.setAttribute("src",o.src);}else if(o.type==="img"){utag.DB("Attach img: "+o.src);b=new Image();b.src=o.src;return;}else{b=a.createElement("script");b.language="javascript";b.type="text/javascript";b.async=1;b.charset="utf-8";b.src=o.src;}if(o.id){b.id=o.id;}if(typeof o.cb==="function"){if(b.addEventListener){b.addEventListener("load",function(){o.cb();},false);}else{b.onreadystatechange=function(){if(this.readyState==="complete"||this.readyState==="loaded"){this.onreadystatechange=null;o.cb();}};}}l=o.loc||"head";c=a.getElementsByTagNam

                                        Chrome Cache Entry: 265

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
                                        Category:downloaded
                                        Size (bytes):15344
                                        Entropy (8bit):7.984625225844861
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:5D4AEB4E5F5EF754E307D7FFAEF688BD
                                        SHA1:06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
                                        SHA-256:3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
                                        SHA-512:7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
                                        Malicious:false
                                        Reputation:low
                                        URL:https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
                                        Preview:wOF2......;........H..;..........................d..@..J.`..L.T..<.....x.....^...x.6.$..6. ..t. ..I.h|.l....A....b6........(......@e.]...*:..-.0..r.)..hS..h...N.).D.........b.].......^..t?.m{...."84...9......c...?..r3o....}...S]....zbO.../z..{.....~cc....I...#.G.D....#*e.A..b...b`a5P.4........M....v4..fI#X.z,.,...=avy..F.a.\9.P|.[....r.Q@M.I.._.9..V..Q..]......[ {u..L@...]..K......]C....l$.Z.Z...Zs.4........ x.........F.?.7N..].|.wb\....Z{1L#..t....0.dM...$JV...{..oX...i....6.v.~......)|.TtAP&).KQ.]y........'...:.d..+..d..."C.h..p.2.M..e,.*UP..@.q..7..D.@...,......B.n. r&.......F!.....\...;R.?-.i...,7..cb../I...Eg...!X.)5.Aj7...Ok..l7.j.A@B`".}.w.m..R.9..T.X.X.d....S..`XI..1... .$C.H.,.\. ..A(.AZ.................`Wr.0]y..-..K.1.............1.tBs..n.0...9.F[b.3x...*$....T..PM.Z-.N.rS?I.<8eR'.3..27..?;..OLf*.Rj.@.o.W...........j~ATA....vX.N:.3dM.r.)Q.B...4i.f..K.l..s....e.U.2...k..a.GO.}..../.'..%$..ed.*.'..qP....M..j....../.z&.=...q<....-..?.A.%..K..

                                        Chrome Cache Entry: 266

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:Unicode text, UTF-8 text, with very long lines (65015), with no line terminators
                                        Category:downloaded
                                        Size (bytes):65016
                                        Entropy (8bit):5.317586982561581
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:D88193F8308935FDC0C047CB48B4FEE9
                                        SHA1:C8D5CA644BBFEADDC061249960206F9E884CA8F9
                                        SHA-256:D68B3761597C50810589121E42B397F6B5ECF80E5FFD1EC9105CD3E5A32EB66E
                                        SHA-512:E3AEC4E17BE54078E15F2449E7AEA99E0A50D2D7D336DBD68A4A7844D269C92AE37D8C7325220E0CA9F171180B70DEBE5134B06A6CD6B1E53C8B20BE11C98FE6
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/netid/permission-service/release/v1/main.js
                                        Preview:!function(n){var t={};function e(r){if(t[r])return t[r].exports;var o=t[r]={i:r,l:!1,exports:{}};return n[r].call(o.exports,o,o.exports,e),o.l=!0,o.exports}e.m=n,e.c=t,e.d=function(n,t,r){e.o(n,t)||Object.defineProperty(n,t,{enumerable:!0,get:r})},e.r=function(n){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(n,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(n,"__esModule",{value:!0})},e.t=function(n,t){if(1&t&&(n=e(n)),8&t)return n;if(4&t&&"object"==typeof n&&n&&n.__esModule)return n;var r=Object.create(null);if(e.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:n}),2&t&&"string"!=typeof n)for(var o in n)e.d(r,o,function(t){return n[t]}.bind(null,o));return r},e.n=function(n){var t=n&&n.__esModule?function(){return n.default}:function(){return n};return e.d(t,"a",t),t},e.o=function(n,t){return Object.prototype.hasOwnProperty.call(n,t)},e.p="",e(e.s=57)}([function(n,t,e){(function(t){var e=function(n){return n&&n.Math==Math&&n};n.exports=e("

                                        Chrome Cache Entry: 267

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:JSON data
                                        Category:downloaded
                                        Size (bytes):33255
                                        Entropy (8bit):4.736921712106271
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:1DD63366261BB4973F48B9B546996514
                                        SHA1:9C94372790C29D0EE7E0C0B0CE3C68B182216599
                                        SHA-256:B5DC1E46C74D74FC2D8D04007889885CF5A39D8819B5D890E4A347E95C186086
                                        SHA-512:1D336C994A95DC4D05CBA0AB4126EE6AF224B39379CB24B2A3F520D3DEC1D47533362983DB2C1EBB3BCE5636F2A7281764200E50AE6D8B970833D55A04B35F94
                                        Malicious:false
                                        Reputation:low
                                        URL:https://js.ui-portal.de/netid/consensu/v2/latest/purposes-de.json
                                        Preview:{"vendorListVersion":219,"lastUpdated":"2023-10-12T16:46:35Z","purposes":{"1":{"id":1,"name":"Informationen auf einem Ger\u00e4t speichern und/oder abrufen","description":"F\u00fcr die Ihnen angezeigten Verarbeitungszwecke k\u00f6nnen Cookies, Ger\u00e4te-Kennungen oder andere Informationen auf Ihrem Ger\u00e4t gespeichert oder abgerufen werden.","descriptionLegal":"Anbieter k\u00f6nnen:\n* Informationen wie z. B. Cookies und Ger\u00e4te-Kennungen zu den dem Nutzer angezeigten Verarbeitungszwecken auf dem Ger\u00e4t speichern und abrufen.\n"},"2":{"id":2,"name":"Auswahl einfacher Anzeigen","description":"Anzeigen k\u00f6nnen Ihnen basierend auf den Inhalten, die Sie ansehen, der Anwendung, die Sie verwenden und Ihrem ungef\u00e4hren Standort oder Ihrem Ger\u00e4tetyp eingeblendet werden.","descriptionLegal":"F\u00fcr die Auswahl einfacher Anzeigen k\u00f6nnen Anbieter:\n* Echtzeit-Informationen \u00fcber den Kontext, in dem die Anzeige dargestellt wird, verwenden, einschlie\u00dflich I

                                        Chrome Cache Entry: 268

                                        Download File
                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                        File Type:GIF image data, version 89a, 32 x 32
                                        Category:downloaded
                                        Size (bytes):3208
                                        Entropy (8bit):7.529526639667793
                                        Encrypted:false
                                        SSDEEP:
                                        MD5:491B0CE13E31283F87E4EED48FAAA081
                                        SHA1:2A58DC7E0507638918724F579B4F58E1851A5805
                                        SHA-256:6FCDCFF9CFBC6FC67E0D115452DBB692261022775885CAFB71B22F4D523FE00E
                                        SHA-512:6D39130D54F63BF5E8F88DBF5E2B79E4D473895C3779A64356907CDE5D7CD41E255FA01F9B962EE70273C149A84F7A6138F31F835DDD7819168A5A8EC95939F5
                                        Malicious:false
                                        Reputation:low
                                        URL:https://img.ui-portal.de/homepage/tcf/webde/spinner.gif
                                        Preview:GIF89a . ....................L..h...........6..............!..NETSCAPE2.0.....!..Created with ajaxload.info.!.......,.... . ......Iia....bK.$.F...R.A.T.,..2S.*05//.m.p!z...0...;$.0C....I*!.HC(A@.o...!39T5.\.8)....`..d..wxG=Y..g...wHb..v.A=.0.V\.\.;........;...H.........0..t%.Hs..rY<H..........b..Z.b.OEg:...GY]..=.A.OQ.s....\b.h.9.=sg...c..e....*...f.7D..!.......,.... . ......IiY...YF5..F..R..Tb.G.J....L..d...&.Ymx...... \...@........ ....1..&R....H..4.1Q..|V..%.z.v...#j0....l.Gg{0~..<.<..[.[.h.x..G...y.........[.0....G.....P.z...h...kz..i....y....h|z.h.G..V.......\h..[........&.+..W.7.8...!..!.......,.... . ......I)1....1G5d].(..R..T2..jL.{..< .[.5.M....0..)... L...I...m..E..`....p..U....^f.%..^.......u.;..zz.}0.X....S0.ew.y.k<..%..O.......z..{....|......%......F.i.1.0......Y.....8.x.....z..@....<...............8..Y<......8.\.P.$...!......!.......,.... . ......I.....g.EU... .R.a.TB.....p>'...e..$.."...\.#E1C.n.....~...J.,..,Aa.....Uw^4.I%P....u.Q.33.{0..i1T

                                        Static File Info

                                        General

                                        File type:PDF document, version 1.4, 1 pages
                                        Entropy (8bit):7.752457364835746
                                        TrID:
                                        • Adobe Portable Document Format (5005/1) 100.00%
                                        File name:Ihr angestellter sch#U00f6dl und dessen straftaten.pdf
                                        File size:30'515 bytes
                                        MD5:71448b5e4c58d53e5e84caf32a1fc725
                                        SHA1:185f04618f5b3f69bd8fc1a21ffa6bbd93c0595f
                                        SHA256:1f496b6deb826a2bf59cb98d2267bf7977234d0798ce27fc1c895e6965de6f9e
                                        SHA512:4955d846dddb8046b99eadec9d61029331665fcefd1309294acd359b9f9ec48f2b5d018010bc87a50ad69e3441d96c58d334d8079dd230fcc0f4f51603d9d923
                                        SSDEEP:768:xOByuqLlyelTXeg3fPr6FaKpN+YZBXDZGKMLFGtZxxdg1:xOolPffPreaKpNfGu7g1
                                        TLSH:93D28DD4CA989DDCE45457C26F39A2AAEACEF2A770C890E1686CC343541DE45E21BC73
                                        File Content Preview:%PDF-1.4..%......1 0 obj..<</CreationDate(D:20231016182520+00'00')/Creator(Chromium)/ModDate(D:20231016182520+00'00')/Producer(Skia/PDF m116)>>..endobj..2 0 obj..<</Annots[ 7 0 R ]/Contents 49 0 R /MediaBox[ 0 0 595 841]/Parent 9 0 R /Resources<</ExtGStat

                                        File Icon

                                        Icon Hash:62cc8caeb29e8ae0

                                        Static PDF Info

                                        General

                                        Header:%PDF-1.4
                                        Total Entropy:7.752457
                                        Total Bytes:30515
                                        Stream Entropy:7.987768
                                        Stream Bytes:23342
                                        Entropy outside Streams:5.088316
                                        Bytes outside Streams:7173
                                        Number of EOF found:1
                                        Bytes after EOF:
                                        NameCount
                                        obj49
                                        endobj49
                                        stream36
                                        endstream36
                                        xref1
                                        trailer1
                                        startxref1
                                        /Page1
                                        /Encrypt0
                                        /ObjStm0
                                        /URI2
                                        /JS0
                                        /JavaScript0
                                        /AA0
                                        /OpenAction0
                                        /AcroForm0
                                        /JBIG2Decode0
                                        /RichMedia0
                                        /Launch0
                                        /EmbeddedFile0