Windows Analysis Report
Notice of personal information processing. (This is not an advertisement).msg

Overview

General Information

Sample Name: Notice of personal information processing. (This is not an advertisement).msg
Analysis ID: 1348751
MD5: 3e36754e11bed6140fe2843fada25d61
SHA1: 5d7b7c7b486a09ecfd93363185808d0ceaf4e855
SHA256: aa2721756b13ff1e53152d98a82eedd0b805b3805108c9f07233db2b8d9e003a

Detection

Score: 22
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Writes to foreign memory regions
Queries the volume information (name, serial number etc) of a device
Found iframes
Creates files inside the system directory
Stores files to the Windows start menu directory
HTML body contains low number of good links

Classification

[Classification chart. Categories: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner. Scale: clean, suspicious, malicious.]
  • System is w10x64_ra
  • OUTLOOK.EXE (PID: 5592 cmdline: C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\Desktop\Notice of personal information processing. (This is not an advertisement).msg MD5: 91A5292942864110ED734005B7E005C0)
    • ai.exe (PID: 6108 cmdline: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "AB019450-84D7-4E92-A699-10BD1AE5BFA6" "1C49E812-BC0D-4EA4-8C0C-9FEFA8B229CD" "5592" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx MD5: EC652BEDD90E089D9406AFED89A8A8BD)
    • chrome.exe (PID: 6832 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lushaprivacy.com%2Fremoval-form%2F&data=05%7C01%7Cmichael.fromm%40axactor.de%7C440ccb1517b9481002c108dbef537a36%7Caa047274bbe64fbd98b6b244735e8553%7C0%7C1%7C638366914051291491%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=4u5QRn8vIrXoQwzUiyRK9FqnRy7QliCwTyXCrHTUeU8%3D&reserved=0 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 1892 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=2084,i,2593598609038605147,5883379865209405257,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No yara matches
No Sigma rule has matched
No Snort rule has matched

Source: https://privacyportal-eu.onetrust.com/webform/ff4ba552-d8f3-4209-8935-155725f93afb/68a5d24e-7467-4bd1-818b-8a8d8da486a2; HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiqCUUAAAAAGzo0BG2sKBIF-oZVi1_rXgUm5xn&co=aHR0cHM6Ly9wcml2YWN5cG9ydGFsLWV1Lm9uZXRydXN0LmNvbTo0NDM.&hl=en-us&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=d8b3bjnyg03q
Source: https://privacyportal-eu.onetrust.com/webform/ff4ba552-d8f3-4209-8935-155725f93afb/68a5d24e-7467-4bd1-818b-8a8d8da486a2; HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfiqCUUAAAAAGzo0BG2sKBIF-oZVi1_rXgUm5xn
Source: https://privacyportal-eu.onetrust.com/webform/ff4ba552-d8f3-4209-8935-155725f93afb/68a5d24e-7467-4bd1-818b-8a8d8da486a2; HTTP Parser: Number of links: 0
Source: https://privacyportal-eu.onetrust.com/webform/ff4ba552-d8f3-4209-8935-155725f93afb/68a5d24e-7467-4bd1-818b-8a8d8da486a2; HTTP Parser: No <meta name="author".. found
Source: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiqCUUAAAAAGzo0BG2sKBIF-oZVi1_rXgUm5xn&co=aHR0cHM6Ly9wcml2YWN5cG9ydGFsLWV1Lm9uZXRydXN0LmNvbTo0NDM.&hl=en-us&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=d8b3bjnyg03q; HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfiqCUUAAAAAGzo0BG2sKBIF-oZVi1_rXgUm5xn; HTTP Parser: No favicon
Source: https://privacyportal-eu.onetrust.com/webform/ff4ba552-d8f3-4209-8935-155725f93afb/68a5d24e-7467-4bd1-818b-8a8d8da486a2; HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: unknown; HTTPS traffic detected: 23.1.237.25:443 -> 192.168.2.16:49704 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown; HTTPS traffic detected: 52.165.165.26:443 -> 192.168.2.16:49783 version: TLS 1.2
Source: unknown; TCP traffic detected without corresponding DNS query: 23.1.237.25
Source: unknown; TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown; UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown; DNS traffic detected: queries for: eur02.safelinks.protection.outlook.com
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Windows\SystemTemp\chrome_BITS_6832_139026254
Source: unknown; Process created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\Desktop\Notice of personal information processing. (This is not an advertisement).msg
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; Process created: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "AB019450-84D7-4E92-A699-10BD1AE5BFA6" "1C49E812-BC0D-4EA4-8C0C-9FEFA8B229CD" "5592" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lushaprivacy.com%2Fremoval-form%2F&data=05%7C01%7Cmichael.fromm%40axactor.de%7C440ccb1517b9481002c108dbef537a36%7Caa047274bbe64fbd98b6b244735e8553%7C0%7C1%7C638366914051291491%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=4u5QRn8vIrXoQwzUiyRK9FqnRy7QliCwTyXCrHTUeU8%3D&reserved=0
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=2084,i,2593598609038605147,5883379865209405257,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; Process created: unknown unknown
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InProcServer32
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; File created: C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; File created: C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20231127T1749030282-5592.etl
Source: classification engine; Classification label: sus22.winMSG@21/141@28/273
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; Window found: window name: SysTabControl32
Source: Window Recorder; Window detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; Key opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe; File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE; Process information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe Process information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE Process information queried: ProcessInformation
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE File Volume queried: C:\Windows\SysWOW64 FullSizeInformation

HIPS / PFW / Operating System Protection Evasion

Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE Memory written: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe base: 298C9B30000
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE Memory written: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe base: F6F3A332D8
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe Queries volume information: C:\Program Files (x86)\Microsoft Office\root\Office16\AI\WordCombinedFloatieLreOnline.onnx VolumeInformation
Source: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact | Resource Development | Reconnaissance
1
Drive-by Compromise
Windows Management Instrumentation1
Registry Run Keys / Startup Folder
11
Process Injection
13
Masquerading
OS Credential Dumping1
Process Discovery
Remote ServicesData from Local SystemExfiltration Over Other Network Medium2
Encrypted Channel
Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationAbuse Accessibility FeaturesAcquire InfrastructureGather Victim Identity Information
Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder
11
Process Injection
LSASS Memory13
System Information Discovery
Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
Non-Application Layer Protocol
SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
Domain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration2
Application Layer Protocol
Data Encrypted for ImpactDNS ServerEmail Addresses

No Antivirus matches
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| a.nel.cloudflare.com | 35.190.80.1 | true | false | | high |
| accounts.google.com | 142.251.167.84 | true | false | | high |
| www.lushaprivacy.com | 162.159.135.42 | true | false | | unknown |
| privacyportal-eu.onetrust.com | 172.64.155.119 | true | false | | high |
| www.google.com | 172.253.63.105 | true | false | | high |
| clients.l.google.com | 142.251.163.138 | true | false | | high |
| privacyportal-eu-cdn.onetrust.com | 104.18.32.137 | true | false | | high |
| geolocation.onetrust.com | 104.18.32.137 | true | false | | high |
| eur02.safelinks.protection.outlook.com | 104.47.11.92 | true | false | | high |
| clients1.google.com | unknown | unknown | false | | high |
| clients2.google.com | unknown | unknown | false | | high |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfiqCUUAAAAAGzo0BG2sKBIF-oZVi1_rXgUm5xn | false | | high |
| about:blank | false | | low |
| https://www.lushaprivacy.com/removal-form/ | false | | unknown |
| https://privacyportal-eu.onetrust.com/webform/ff4ba552-d8f3-4209-8935-155725f93afb/68a5d24e-7467-4bd1-818b-8a8d8da486a2 | false | | high |
| https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiqCUUAAAAAGzo0BG2sKBIF-oZVi1_rXgUm5xn&co=aHR0cHM6Ly9wcml2YWN5cG9ydGFsLWV1Lm9uZXRydXN0LmNvbTo0NDM.&hl=en-us&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=d8b3bjnyg03q | false | | high |
Joe Sandbox Version:38.0.0 Ammolite
Analysis ID:1348751
Start date and time:2023-11-27 17:48:31 +01:00
Joe Sandbox Product:CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultwindowsinteractivecookbook.jbs
Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of new started processes analysed:10
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
• EGA enabled
Analysis Mode:stream
Analysis stop reason:Timeout
Sample file name:Notice of personal information processing. (This is not an advertisement).msg
Detection:SUS
Classification:sus22.winMSG@21/141@28/273
Cookbook Comments:
• Found application associated with file extension: .msg
• Exclude process from analysis (whitelisted): dllhost.exe
• Excluded IPs from analysis (whitelisted): 52.109.20.38, 23.221.242.90, 52.113.194.132, 172.253.63.94, 34.104.35.123, 192.229.211.108, 20.42.72.131, 172.253.122.97, 172.253.62.139, 172.253.62.102, 172.253.62.100, 172.253.62.138, 172.253.62.113, 172.253.62.101, 20.38.118.132, 142.251.16.95, 142.251.179.95, 142.251.167.95, 172.253.115.95, 172.253.122.95, 172.253.63.95, 172.253.62.95, 142.251.163.95, 142.250.31.95, 142.251.111.95
• Excluded domains from analysis (whitelisted): appeudsebed.blob.core.windows.net, slscr.update.microsoft.com, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, ecs-office.s-0005.s-msedge.net, ocsp.digicert.com, www.googletagmanager.com, e16604.g.akamaiedge.net, officeclient.microsoft.com, prod.fs.microsoft.com.akadns.net, www.google-analytics.com, ecs.office.com, self-events-data.trafficmanager.net, fs.microsoft.com, content-autofill.googleapis.com, prod.configsvc1.live.com.akadns.net, self.events.data.microsoft.com, s-0005-office.config.skype.com, blob.fra21prdstr03a.store.core.windows.net, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, s-0005.s-msedge.net, config.officeapps.live.com, us.configsvc1.live.com.akadns.net, onedscolprdeus00.eastus.cloudapp.azure.com, ecs.office.trafficmanager.net
• Not all processes were analyzed, report is missing behavior information
• Report size getting too big, too many NtQueryAttributesFile calls found.
• Report size getting too big, too many NtQueryValueKey calls found.
• VT rate limit hit for: Notice of personal information processing. (This is not an advertisement).msg
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):231348
                                  Entropy (8bit):4.389467900693413
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:1B93196777936EB27642B9DCF275BEC0
                                  SHA1:781CA3B0498A3C00B1E08F3201B3A8F5E0C3BE89
                                  SHA-256:75CA9AA35F9852CF9329580F0A30BEDAE4B6DD429CEA77BAE1CF22E9F912F4BA
                                  SHA-512:E2592CD31434F1B1CEEB3D0057DF600FFFA9536BE58A2347D10BEFCCA5E5593F1C4993B067BAACD07B180157259C904199520672424CEC4FB1EB2FD61A65ED66
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:XML 1.0 document, ASCII text, with very long lines (2147), with no line terminators
                                  Category:dropped
                                  Size (bytes):2147
                                  Entropy (8bit):5.087352683514672
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:D2909275EC0BDB791202B4DE1BB6FEE4
                                  SHA1:D4022BF2292CCCCA974C70EE940743DBC4431573
                                  SHA-256:CDA5120744FA8E2CA5C831F162D6F5CA1450EFE33F026DB48C4926D4CBBFF057
                                  SHA-512:D8B92D19E68426FEA041E3D41F48F2EA33DE130CB296E07C7E3822769E4AA20BD10696C5892A749E98E8126549AC266B83B5B309C3E4C84E29DB4ACB9971E2FC
                                  Malicious:false
                                  Reputation:low
                                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?><root><version>1</version><Count>14</Count><Resource><Id>Aptos_26215680</Id><LAT>2023-11-27T16:49:03Z</LAT><key>29939506207.ttf</key><folder>Aptos</folder><type>4</type></Resource><Resource><Id>Aptos_45876480</Id><LAT>2023-11-27T16:49:03Z</LAT><key>27160079615.ttf</key><folder>Aptos</folder><type>4</type></Resource><Resource><Id>Aptos Narrow_26215424</Id><LAT>2023-11-27T16:49:03Z</LAT><key>31558910439.ttf</key><folder>Aptos Narrow</folder><type>4</type></Resource><Resource><Id>Aptos Display_26215680</Id><LAT>2023-11-27T16:49:03Z</LAT><key>23001069669.ttf</key><folder>Aptos Display</folder><type>4</type></Resource><Resource><Id>Aptos Narrow_45876224</Id><LAT>2023-11-27T16:49:03Z</LAT><key>24153076628.ttf</key><folder>Aptos Narrow</folder><type>4</type></Resource><Resource><Id>Aptos Display_45876480</Id><LAT>2023-11-27T16:49:03Z</LAT><key>30264859306.ttf</key><folder>Aptos Display</folder><type>4</type></Resource><Resource><Id>Aptos_
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:JSON data
                                  Category:dropped
                                  Size (bytes):520128
                                  Entropy (8bit):4.907706947229227
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:FBD616C03BD0BB44DD43D63001DE4891
                                  SHA1:542B34961A09A535B19EBE3B84B41A0A3930F7F0
                                  SHA-256:C85795698D46699A69EBC9EAE17AE1C26045C6A97C18B60597679E30C97668B9
                                  SHA-512:C92783CFC6CC7CC10A2306FDA2B55E12D572F09E57F1ED656DC959EF79F9862E78011EF5FA771D9828D07CBD82E3FC3ED9B6897A82B36BC26DDF5D88B4D4A9E9
                                  Malicious:false
                                  Reputation:low
                                  Preview:{"MajorVersion":4,"MinorVersion":37,"Expiration":14,"Fonts":[{"a":[4294966911],"f":"Abadi","fam":[],"sf":[{"c":[1,0],"dn":"Abadi","fs":32696,"ful":[{"lcp":983041,"lsc":"Latn","ltx":"Abadi"}],"gn":"Abadi","id":"23643452060","p":[2,11,6,4,2,1,4,2,2,4],"sub":[],"t":"ttf","u":[2147483651,0,0,0],"v":197263,"w":26215680},{"c":[1,0],"dn":"Abadi Extra Light","fs":22180,"ful":[{"lcp":983042,"lsc":"Latn","ltx":"Abadi Extra Light"}],"gn":"Abadi Extra Light","id":"17656736728","p":[2,11,2,4,2,1,4,2,2,4],"sub":[],"t":"ttf","u":[2147483651,0,0,0],"v":197263,"w":13108480}]},{"a":[4294966911],"f":"ADLaM Display","fam":[],"sf":[{"c":[536870913,0],"dn":"ADLaM Display Regular","fs":140072,"ful":[{"lcp":983040,"lsc":"Latn","ltx":"ADLaM Display"}],"gn":"ADLaM Display","id":"31965479471","p":[2,1,0,0,0,0,0,0,0,0],"sub":[],"t":"ttf","u":[2147491951,1107296330,0,0],"v":131072,"w":26215680}]},{"a":[4294966911],"f":"Agency FB","fam":[],"sf":[{"c":[536870913,0],"dn":"Agency FB Bold","fs":54372,"ful":[{"lcp":9830
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularGoogle:Roboto Regular:2016Version 3.
                                  Category:dropped
                                  Size (bytes):469544
                                  Entropy (8bit):6.8480115015387035
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:4F6375B8EA6B4094295CCD33334B0B7A
                                  SHA1:1476EDA17FED0A7F71B30161265D40DBE26E5577
                                  SHA-256:2F420C946304315909C1672B14CB4343A3D70C45879C39B85D2345A75850C287
                                  SHA-512:63DF47FCE03B3458E05472B6541B3E6317B50DBB561AF896CFAF3E9D86D6297E189E1D34C52DDAA877E85F39286473317E06C11C2960F031441903D1C69C8A16
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldGoogle:Roboto Bold:2016Roboto BoldVersi
                                  Category:modified
                                  Size (bytes):471760
                                  Entropy (8bit):6.849571568567551
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:F5D861C69936190F6B631ACEB948515F
                                  SHA1:9F6F314D0576415F85E71EC8658E30517C066D48
                                  SHA-256:464B4AFCC2F464A3D3A76C4DBEB86F3718F8D10E3ECDDED96368ABF7D63F1FB8
                                  SHA-512:3A2758E647A58D06534C1A580495518828DCDA2AA4908EC58B57BD474D43D16F60BD64F54CF4A81AB2AE362DBE44702C875B54B1FEABECB65E3E528E0723FDD4
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409, \251 2018 Microsoft Corporation. All Rights Reserved.msofp_4_37RegularVersion 4.37;O365
                                  Category:dropped
                                  Size (bytes):767532
                                  Entropy (8bit):6.5591108505203914
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:795C53DE9F9FEA90A237A43534CCCAB2
                                  SHA1:E73FDCD5135A1ED4BEDF643CAB0BD73D58A6F4A6
                                  SHA-256:892C40F31DB579FAAE34F53D9482708E5CEE564BEF5413D140D4FCD1B82C2030
                                  SHA-512:731988998E96ED7013FBC3B2CA9F7B1D03876F1B68E79C502E983D145A5E8FE58B1FD1780F6455A20EB41E3FC8502E14E021C1E54EFEC503884CBA6227D1B3D4
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):32768
                                  Entropy (8bit):0.04571325397760245
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:0FCB08F9D99E8EBAE93CC65C04E74744
                                  SHA1:31ADB778D2029BD703C87BFDA204E21496F14B5F
                                  SHA-256:DE9AB8FCD42AD66CC6FB812BE7A55A5C1C7C600187A9499083E5DA8A1DDF7268
                                  SHA-512:0BAA2C1584292D9B308CAB801159D536FF25B5F4AE11D028DBDE3D16C16A0B34BC8AA619674D6F69EF0162B701EA4035B552663FDD1E3A91E1254447F8AACA87
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:SQLite Write-Ahead Log, version 3007000
                                  Category:dropped
                                  Size (bytes):49472
                                  Entropy (8bit):0.483242480915537
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:0716C64BFA759EFAB4953FAC2C46A968
                                  SHA1:A57DBB192B70D2AC0B387DDA1E8164944A63FA5A
                                  SHA-256:678029CC666461B1A6C1281EC9E7B70449403EB345C4A5078887BEFACFBEB25E
                                  SHA-512:E6F8F30BA86B02D4309D72475AF10D58E6D3718B405C21982B606C42E2F6A797054098E20F75EF89397D82C62DC2878214DC6501EA8A8F95CD07263DB09A6744
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):13492
                                  Entropy (8bit):3.5441386586914354
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:B17210F9042406C378BF09A9739AD841
                                  SHA1:491097D275F74CB1853ED283B4564A3B7283D041
                                  SHA-256:7A3B9DB38D7080E0F0AB7D2474F3D9DF7A6623A530485218BA7580B855DF9B1E
                                  SHA-512:81798F9C63CA3B7A73EEB02C511AACFE2DD18B58F56DC0D82A6D3311F3C69879F9ECD94C01D10769FBD98EBF9EB7170A5CFBDB92FDF61AC87220254AED674B90
                                  Malicious:false
                                  Reputation:low
                                  Preview:CAUTION: This email originates from outside the Axactor organisation. Personal Data Notice
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:modified
                                  Size (bytes):2048
                                  Entropy (8bit):1.7658348935489872
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:8B77BD22883043BECC981C298A24E396
                                  SHA1:60D191CFD99182487D89B199E2F975AE8B799470
                                  SHA-256:028858AD95F12F5E52F1E2495676BA67F3650F1B1BC1DD5FA6A864119BDD00B1
                                  SHA-512:0F189495DDC17FA2877494AD20AC39DE97C7EEAF49A42810C5CAFE34EC102D7FC842905EABC4829AF81EC554707F321D267193BCDAE134A0F7457C5FC4C9445D
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:ASCII text, with very long lines (28758), with CRLF line terminators
                                  Category:dropped
                                  Size (bytes):20971520
                                  Entropy (8bit):0.18276546790440015
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:0712C7995FCFC7F545893C5F9B4A4695
                                  SHA1:EFAB017CB07D2C3E95EAED8CC0BEF186F10A11E1
                                  SHA-256:E57D732D568F2890CF615FFB62079E555AC6CA8B4BF45AD6D7879C468D5DF641
                                  SHA-512:F58D383E0CCADE936D355778BF61CBFF28496FA43141B2DF8D14D59B870AF49E7D730B8D2859BFDD821F9F525E58ADFDBB0C8C6EC314F2209513A313D4F1BA66
                                  Malicious:false
                                  Reputation:low
                                  Preview:Timestamp.Process.TID.Area.Category.EventID.Level.Message.Correlation..11/27/2023 16:49:03.601.OUTLOOK (0x15D8).0x95C.Microsoft Outlook.Telemetry Event.b7vzq.Medium.SendEvent {"EventName":"Office.Text.GDIAssistant.HandleCallback","Flags":30962256044949761,"InternalSequenceNumber":22,"Time":"2023-11-27T16:49:03.601Z","Contract":"Office.System.Activity","Activity.CV":"M+Ix4LMWfUGaoIEMXk/b7A.4.9","Activity.Duration":10,"Activity.Count":1,"Activity.AggMode":0,"Activity.Success":true,"Data.GdiFamilyName":"","Data.CloudFontStatus":6,"Data.CloudFontTypes":256}...11/27/2023 16:49:03.617.OUTLOOK (0x15D8).0x95C.Microsoft Outlook.Telemetry Event.b7vzq.Medium.SendEvent {"EventName":"Office.Text.ResourceClient.Deserialize","Flags":30962256044949761,"InternalSequenceNumber":24,"Time":"2023-11-27T16:49:03.617Z","Contract":"Office.System.Activity","Activity.CV":"M+Ix4LMWfUGaoIEMXk/b7A.4.10","Activity.Duration":9857,"Activity.Count":1,"Activity.AggMode":0,"Activity.Success":true,"Data.JsonFileMajorVers
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):20971520
                                  Entropy (8bit):0.0
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:8F4E33F3DC3E414FF94E5FB6905CBA8C
                                  SHA1:9674344C90C2F0646F0B78026E127C9B86E3AD77
                                  SHA-256:CD52D81E25F372E6FA4DB2C0DFCEB59862C1969CAB17096DA352B34950C973CC
                                  SHA-512:7FB91E868F3923BBD043725818EF3A5D8D08EBF1059A18AC0FE07040D32EEBA517DA11515E6A4AFAEB29BCC5E0F1543BA2C595B0FE8E6167DDC5E6793EDEF5BB
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:modified
                                  Size (bytes):98304
                                  Entropy (8bit):4.488990818841293
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:C00E7BEFB38173207BAEA8F1ADF36377
                                  SHA1:0DBC9CC0398532AFB2DC4F47E7CD9E9127333DCE
                                  SHA-256:011932D1ACF51B470D1C689C21563249FDD890A45BAB0F8499FCF28BE3867A79
                                  SHA-512:58F9D9EB1E70637FBC26D93D9359AFA17129684EED4D4D65F05470A6E1ABE999EC14595DF381B047ADA214BFAD839FB1D90283B36A6C788864A5258AE3D8F3B0
                                  Malicious:false
                                  Reputation:low
                                  Preview:@tzres.dll,-322 ... @tzres.dll,-321 ... v2_OUTLOOK:15d8:f851d10e366040378f9c6e56e4c282e4 ... C:\Users\cali\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20231127T1749030282-5592.etl
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):538795
                                  Entropy (8bit):5.985828857997036
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:D835DD8459DEFB05D0043A57027770ED
                                  SHA1:F6DB9DA3008EA5FB737B35D8DD19AF4ABA25D018
                                  SHA-256:E3A5FD41A4EF17F063707B291AA437F8DADE1ED9EADC95A413782EB52A376AAE
                                  SHA-512:3B068BB40AE166CD2CDF157D50F4A582D1C45FF2CF60B490851AA3B4FFE186B74E4FCA05BF1E48C4EF2D20897976E6246CB1D87DCD9DB8D8D1E291E001422054
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):163840
                                  Entropy (8bit):0.37472807562174487
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:A9FB96CA57EF89F382415C3A229E4E57
                                  SHA1:5DE8AF78CB9AF2D4B11F8C40CF2DE65ABF25A2DF
                                  SHA-256:18BED71E7FDA5F4CB3C8C750595892019FC07DBE09EB6D58E480D072CA083C3B
                                  SHA-512:B72A6DC1EF8A3477DF79B6980BD47139ED470EDED2036542BE3DE5F61173225CB63A58C8F0CDA76AD5E509F9B13CFD6A8D546423C42978988F7527C82C0FB693
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):30
                                  Entropy (8bit):1.2389205950315936
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:EEEA2F18DB8ABFC596BC3D3F9B5A4346
                                  SHA1:9ED43364DA174AC5D8ACB2AA265C82DD73F0B315
                                  SHA-256:EF437042BD1E36D4A2D7149802C1FEF58F375274C39E535D036F0B5F902D98BA
                                  SHA-512:097AAB329BBCB8C429006F972A681E2F4C740F1F4E6947818CBB653B5040F05C90974B89BBD2DD499C03283B8FC40BF35B302EA9763EF7CD155C72D852E9F0C3
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 27 15:49:13 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                  Category:dropped
                                  Size (bytes):2673
                                  Entropy (8bit):3.9890741052422
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:CC739499FE152C4A51146D790AD3AE73
                                  SHA1:D073D5B4B9F2AC3C18BBCACA2A97FBADDB09494D
                                  SHA-256:8C5429D433F12030C4D5D2BC6FAFF7F69A9EF67A93CED7C9301FDE5D25FCBA69
                                  SHA-512:6C8A1C66655598C17EFFBC949304259F09226779399310936C928A857661A87A45CE217470B846B8CD1E4BAA23CA92E47609D9DC9AF2C54FC8FA96A194BCF174
                                  Malicious:false
                                  Reputation:low
                                  Preview:C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 27 15:49:13 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                  Category:dropped
                                  Size (bytes):2675
                                  Entropy (8bit):4.00879578311053
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:CEB2F258858CAD5A8A42365075ECC79E
                                  SHA1:CD90CB10D6C5C4F0D31E54881E21082A0B8D62A2
                                  SHA-256:264FF66F1035516E5985D48F88249DC684CFF422BF6F8FDF92DCCCB090A4CE07
                                  SHA-512:646C3A459459D33CF5B3A93CD43CFC3C2D8C9F6CC31B9880B3773B72E6E8240EDBC39E0579061895DD5486CCDE6DE50E0F3A67C9B2898F5AFDF02AA57921D72C
                                  Malicious:false
                                  Reputation:low
                                  Preview:C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                  Category:dropped
                                  Size (bytes):2689
                                  Entropy (8bit):4.010410830048521
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:BC5A862FE9627FDCCFA3696129D774C5
                                  SHA1:8E0D1649AB1372CFFF4555092E766693BB004AAC
                                  SHA-256:3D402C0A8F6DABFF459749AC60BCC972896EB1B8D684F4B98B9D73CC68ACA505
                                  SHA-512:E5732BC246B31FACC02AE3AD86FEE2B648139714D7C9943E398EEBD216C7BCA2995EE63645B40188F9016E9A3A572BEA7E5805159BE9C2D3C442560264FD2A04
                                  Malicious:false
                                  Reputation:low
                                  Preview:C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 27 15:49:13 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                  Category:dropped
                                  Size (bytes):2677
                                  Entropy (8bit):4.005458639025811
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:4B76777B29E9EEE375BF7ECE52DBA859
                                  SHA1:6F6A001F0E2AB52021275A389B682F02508F660A
                                  SHA-256:FA351E5A568215DC3116EA184127053D98EEBF79819AC8E7A809BE83FFCAE24B
                                  SHA-512:D8645C2D31243BB59FBD813DBA488E0EDC20E78F8BE99CE74BA7C4047CE7A6F041F95399D5D244E908FB3AF8F6BFC2EE40D39C7A11FB3C0F4FF307140E41C632
                                  Malicious:false
                                  Reputation:low
                                  Preview:C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 27 15:49:13 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                  Category:dropped
                                  Size (bytes):2677
                                  Entropy (8bit):3.991039603839283
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:92FFECE626E612C9A9E1FE3A2F3D5CCC
                                  SHA1:02A4DB26CF8FA50E873D5013B39375E3A15FDF96
                                  SHA-256:73503409227F53ED960913078F44CD10B0F40ECE6160FF59A0519DACBD997644
                                  SHA-512:A35894C2CBE74259CD1EB18E28BB4D815EB52060BF6BB64A4632735D8587B2DAD4BFEF40DF6FC1D97E3D13DE9B5D061715C3437449D0A23022F7038F4C641AAC
                                  Malicious:false
                                  Reputation:low
                                  Preview:C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 27 15:49:13 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                  Category:dropped
                                  Size (bytes):2679
                                  Entropy (8bit):4.003125693299963
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:71052C5C7D5664DEF867AE769F2CFAA9
                                  SHA1:75CF39F39D7B958E2C9719AD40A41F27F863A38D
                                  SHA-256:00D199B6A1F8874B62AD265A8DE757D0801FE790EC1B66C92DFBDD74B406E3D8
                                  SHA-512:D1D7606A8FCB6A09B8535A6C548BE665B66DE73B82E1CFA360E20F06DC863BA0029A8AB9748FA3CB788E7DC953B250860EAF36CC4DB3FBD9401C713459FE731D
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:Microsoft Outlook email folder (>=2003)
                                  Category:dropped
                                  Size (bytes):271360
                                  Entropy (8bit):1.3121119487323347
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:113EA1AE3E49B40EB98595BA91E2B35D
                                  SHA1:C75D7789730DBF3C9821DAA7BF24D37243B35F2F
                                  SHA-256:326C5E99A3F7018EA3916E8364111FC8FF045AF8F1AB0BE663AA3BE34EF6942A
                                  SHA-512:ED9A98F9640596C84AD7DF95C8E707D1CFFEBC9B3E2B0A150262A73BB49927E6CF1715CB388BABD2FBE2FCEDCDE24036534D1DDD513AF305B59F213BA1F8F0BD
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                                  File Type:data
                                  Category:dropped
                                  Size (bytes):131072
                                  Entropy (8bit):0.7960885782218261
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:5361B6264816FA225DD419B0255C7A98
                                  SHA1:85DBF250F08F80A2FF500ECDBFA4E0C1509B342C
                                  SHA-256:CE7684D17A72D7D5915A45329AD08230CEC403EB8EDFAFC7EB6F3FD77EC849CC
                                  SHA-512:90CF905BA56316337F966D6F8041044ABB5F326F8A85754EEA94002A94D347DA5F78828F9949B965D857586F2F28FA85EDEE120DFB398D97CC648F5F1C4DC8E1
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (15718)
                                  Category:downloaded
                                  Size (bytes):18692
                                  Entropy (8bit):4.754375391922092
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:4CC444663C1E69CB8AC7B909E7192BCA
                                  SHA1:D00DDC5B9526193FA99BC3995A6D05F995452EA1
                                  SHA-256:4F79A89D16A5F717110FE080C0BF90B7E05FF95A4C4983F64D33110BF5F9C230
                                  SHA-512:AE37D08D11AA4337650CBEC0D0F1205A5505CB3E82373873E82CBA093019521CD2B93CFE2DBE4840CE098717287E1F732E9330C90063B122F1C6358664F1B8EE
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (496), with no line terminators
                                  Category:downloaded
                                  Size (bytes):496
                                  Entropy (8bit):5.0702744937771955
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:CE784500754D1898341A71D34D3994C0
                                  SHA1:C7D82C2E9763CB76C2636CAF81076F24C361B8A7
                                  SHA-256:F5150653CAC1AB15792588AF417D648C7163DFB211A20EB1CB1642428577BED8
                                  SHA-512:9DCBFBF5DEA2F2E7BB62B5DCB0B10798ECB6CB7CB929B68B8BFE4FC203A45665E37A37AE02373DD5B143F9269A05D59824B405C59C6FDF52A8304F97BF42C91B
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-content/themes/lushaprivacy/assets/js/custom.min.js?ver=6.3.2
                                  Preview:"use strict";jQuery(document).ready(function(n){n(".content-section").anchorific({navigation:".col-nav__wrap",headers:"h1, h2",speed:200,anchorClass:"anchor",anchorText:"",top:".top",spy:!0,position:"append",spyOffset:150}),n(".col-nav__wrap > ul > li:first-child").addClass("active"),n('a[href^="#"]').bind("click.smoothscroll",function(o){o.preventDefault();var t=this.hash,o=n(t);n("html, body").stop().animate({scrollTop:o.offset().top-40},900,"swing",function(){window.location.hash=t})})});
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (563)
                                  Category:downloaded
                                  Size (bytes):476095
                                  Entropy (8bit):5.686239177235318
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:23B9DD721490A4062BA8D01454EF6BA9
                                  SHA1:EFDBB7331585411F7D397DACBF51FD3E95F3031D
                                  SHA-256:4970C7161D03503A3EB5EC49E4190A03445C50CD5A9081714BD13183D2D948A7
                                  SHA-512:5ABFCB96FABD98FB9715B1FBBBF689E78997EAC8C9D48A625E4974A51D7B4BBF300561A8243F8352FA691ED9BA6A3FCBEC19E07BB34AB644444CE78EB20E88BF
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:HTML document, ASCII text
                                  Category:dropped
                                  Size (bytes):211
                                  Entropy (8bit):5.090012084439345
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:938464F4A51E80A29886967E2DD10247
                                  SHA1:6CA208768620D334DC104B093C6B816BEFD75CAD
                                  SHA-256:E5E1650378525B31C2E2805A4CF471C306C690A4F01466044490D53753E83BBF
                                  SHA-512:D432657412D9A0D75171CFC35F9F3A1DF6383406D76BF299A1EC230E859C2DDA71BF452129956E66538CB652732ED4F8E47BA363691F18C77D61A7442391C30C
                                  Malicious:false
                                  Reputation:low
                                  Preview:<HTML>.<HEAD>.<TITLE>HTTP method GET is not supported by this URL</TITLE>.</HEAD>.<BODY BGCOLOR="#FFFFFF" TEXT="#000000">.<H1>HTTP method GET is not supported by this URL</H1>.<H2>Error 405</H2>.</BODY>.</HTML>.
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (13479)
                                  Category:downloaded
                                  Size (bytes):13577
                                  Entropy (8bit):5.272065782731947
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:9FFEB32E2D9EFBF8F70CAABDED242267
                                  SHA1:3AD0C10E501AC2A9BFA18F9CD7E700219B378738
                                  SHA-256:5274F11E6FB32AE0CF2DFB9F8043272865C397A7C4223B4CFA7D50EA52FBDE89
                                  SHA-512:8D6BE545508A1C38278B8AD780C3758AE48A25E4E12EEE443375AA56031D9B356F8C90F22D4F251140FA3F65603AF40523165E33CAE2E2D62FC78EC106E3D731
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
                                  Category:downloaded
                                  Size (bytes):530
                                  Entropy (8bit):7.2576396280117494
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:88E0F42C9FA4F94AA8BCD54D1685C180
                                  SHA1:5AD9D47A49B82718BAA3BE88550A0B3350270C42
                                  SHA-256:89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992
                                  SHA-512:FAFF842E9FF4CC838EC3C724E95EEE6D36B2F8C768DC23E48669E28FC5C19AA24B1B34CF1DBCBE877B3537D6A325B4C35AF440C2B6D58F6A77A04A208D9296F8
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.gstatic.com/recaptcha/api2/audio_2x.png
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:SVG Scalable Vector Graphics image
                                  Category:dropped
                                  Size (bytes):6235
                                  Entropy (8bit):4.5429784377369
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:EF87B2C7D1F679DC219947FB87651F8C
                                  SHA1:3E4D83C324C55A17A41BC555FF83E4987EA2EB83
                                  SHA-256:9A28BBB9F7E84E8A0C7F548407245EAA52290B81FB7B80D9E06EFE6EF69439B6
                                  SHA-512:685D719808BD1B95AE56DF07BD83792FBE659CA7CC3E337F4AC6B592FA946E37256258C1DDCEC8035378460761EC43376A6C49AC497EA9A0B580A2B96CBBFF99
                                  Malicious:false
                                  Reputation:low
                                  Preview:<?xml version="1.0" encoding="UTF-8"?>.<svg width="102px" height="102px" viewBox="0 0 102 102" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true">. Generator: sketchtool 51.2 (57519) - http://www.bohemiancoding.com/sketch -->. <title>D9EAF561-1FC2-473F-82CD-50120A28C18B</title>. <desc>Created with sketchtool.</desc>. <defs>. <polygon id="path-1" points="0.0121912351 0.188030815 101.908769 0.188030815 101.908769 101.987833 0.0121912351 101.987833"></polygon>. </defs>. <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">. <g id="03_UserFlow_03" transform="translate(-693.000000, -336.000000)">. <g id="Thankyou_Icon" transform="translate(693.000000, 336.000000)">. <g id="Group-5">. <mask id="mask-2" fill="white">. <use xlink:href="#path-1"></use>. </mask>. <g id="C
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:downloaded
                                  Size (bytes):80
                                  Entropy (8bit):4.894265602280304
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:C7192E1EB9E6F0DF89C5BB4FEF5D4EF3
                                  SHA1:D14D9BE410ABACC1AE8FF2AA5F815DE7FFC22FD1
                                  SHA-256:4F276DE4954E2AD982CD982585FCBA4007694A62685857242F52E41F9D8C5A44
                                  SHA-512:41075BC889B38816B78FA93396988B89F2110099835FB567C8481BDD9456D7F7537D78EFAA1DA69D3B2326E326A7824BD747DBD15263BFA22F2EE8B3FAA00B68
                                  Malicious:false
                                  Reputation:low
                                  URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgkY3nXnH2FqexIFDRid7ecSBQ38NvfgEgUNGSDjyxIeCbhfSKfCWZL3EgUNGJ3t5xIFDfw29-ASBQ0ZIOPL?alt=proto
                                  Preview:ChsKBw0Yne3nGgAKBw38NvfgGgAKBw0ZIOPLGgAKGwoHDRid7ecaAAoHDfw29+AaAAoHDRkg48saAA==
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3
                                  Category:dropped
                                  Size (bytes):46905
                                  Entropy (8bit):7.977953925704872
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:EBC6726C544DAD48ACA0CC1074795269
                                  SHA1:0E797B48AEC51206CCABF5DD8E4637E15915F0EF
                                  SHA-256:3B26753CA88B14AA5CF9E01C80D21A9133629A85F985896949BB656B295A72E2
                                  SHA-512:6E54B51ED87AF3D3E562990EDD50CC0AD977255C361978A9A72D631DB28FE02A27C8F2B2FDC9E2A20AC74C1A2D44B0368D9A9D78A207A4AAFD5B2E3F7BCBEEDD
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
                                  Category:downloaded
                                  Size (bytes):15552
                                  Entropy (8bit):7.983966851275127
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:285467176F7FE6BB6A9C6873B3DAD2CC
                                  SHA1:EA04E4FF5142DDD69307C183DEF721A160E0A64E
                                  SHA-256:5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
                                  SHA-512:5F9BB763406EA8CE978EC675BD51A0263E9547021EA71188DBD62F0212EB00C1421B750D3B94550B50425BEBFF5F881C41299F6A33BBFA12FB1FF18C12BC7FF1
                                  Malicious:false
                                  Reputation:low
                                  URL:https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:Web Open Font Format (Version 2), TrueType, length 15340, version 1.0
                                  Category:downloaded
                                  Size (bytes):15340
                                  Entropy (8bit):7.983406336508752
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:19B7A0ADFDD4F808B53AF7E2CE2AD4E5
                                  SHA1:81D5D4C7B5035AD10CCE63CF7100295E0C51FDDA
                                  SHA-256:C912A9CE0C3122D4B2B29AD26BFE06B0390D1A5BDAA5D6128692C0BEFD1DFBBD
                                  SHA-512:49DA16000687AC81FC4CA9E9112BDCA850BB9F32E0AF2FE751ABC57A8E9C3382451B50998CEB9DE56FC4196F1DC7EF46BBA47933FC47EB4538124870B7630036
                                  Malicious:false
                                  Reputation:low
                                  URL:https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:downloaded
                                  Size (bytes):40
                                  Entropy (8bit):4.377567157116928
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:EF03CDD3DEB9E7D2DC416BC3BC10651C
                                  SHA1:A7EEF0FBD2864D31CA8C771762957622FAA46EB8
                                  SHA-256:7D5FC289758CF9FDEAA0CBDD7212A5F11AD565796F9B92639F324C07326440A0
                                  SHA-512:E286016A968885A32FE143B7C24FF2DC6AAC0023F16D9F23AD32E13BBA477511514D543E881261355C9FE548F7686E91B175EE07BA34A0299DB61186678784E1
                                  Malicious:false
                                  Reputation:low
                                  URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgm4X0inwlmS9xIFDRid7ecSBQ38NvfgEgUNGSDjyw==?alt=proto
                                  Preview:ChsKBw0Yne3nGgAKBw38NvfgGgAKBw0ZIOPLGgA=
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
                                  Category:downloaded
                                  Size (bytes):77160
                                  Entropy (8bit):7.996509451516447
                                  Encrypted:true
                                  SSDEEP:
                                  MD5:AF7AE505A9EED503F8B8E6982036873E
                                  SHA1:D6F48CBA7D076FB6F2FD6BA993A75B9DC1ECBF0C
                                  SHA-256:2ADEFCBC041E7D18FCF2D417879DC5A09997AA64D675B7A3C4B6CE33DA13F3FE
                                  SHA-512:838FEFDBC14901F41EDF995A78FDAC55764CD4912CCB734B8BEA4909194582904D8F2AFDF2B6C428667912CE4D65681A1044D045D1BC6DE2B14113F0315FC892
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:SVG Scalable Vector Graphics image
                                  Category:dropped
                                  Size (bytes):11650
                                  Entropy (8bit):3.93876124749046
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:98A33C76AD101B297F0EB6C8209A45CB
                                  SHA1:0B7BC7B4632D954F19FFFE7B9CFC78EA0C47ABC2
                                  SHA-256:D76F0E86584D3619BF1FEECDD057CBF61E9A330EE5C81248880FE93415AD2545
                                  SHA-512:8956B7983503F98C46827F6DBFC3121A37862101A84A2ABD012DF9BD3A63511B0DB1A419B22F6D370E6D735503C182D1DB8CC757D8E6C062754D741FFDED2340
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:SVG Scalable Vector Graphics image
                                  Category:downloaded
                                  Size (bytes):2017
                                  Entropy (8bit):4.1819879630541195
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:9B150B2B4D221C050CAE6C558D37DEBC
                                  SHA1:D7D80C9841A91BCCB6E875D73B7A2D37BA1BA41F
                                  SHA-256:5F897A46FA9AFB9EA51E2E4C34E609E6BDCBC0B36ECBA699F00523D1E955CD69
                                  SHA-512:C746EF4C3EFF427CF77492157F143A2556411BA5BF1E92C239A728DD804A9D8D824618394D7952C103B52409BC5D65F3142E333F75BBF2D4AA59B44ABD27030C
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-content/themes/lushaprivacy/assets/img/logo.svg
                                  Preview:<svg width="92" height="32" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M33.45 7.6h-3.372v17.082h9.886v-3.225h-6.515V7.6zm15.421 11.471c0 2.121-1.147 3.025-2.684 3.025-1.417 0-2.413-.855-2.413-2.516v-7.1h-3.149v7.49c0 3.246 2.024 5.053 4.61 5.053 1.634 0 2.906-.611 3.636-1.71v1.37h3.15V12.48h-3.15v6.591zm8.052-3.129c0-.66.634-1 1.418-1 .904 0 1.586.464 1.953 1.244l2.684-1.467c-.952-1.683-2.662-2.586-4.637-2.586-2.516 0-4.637 1.39-4.637 3.88 0 4.296 6.298 3.316 6.298 5.102 0 .709-.681 1.05-1.683 1.05-1.217 0-2.05-.585-2.391-1.586l-2.733 1.537c.877 1.878 2.684 2.906 5.124 2.906 2.614 0 4.903-1.272 4.903-3.907-.005-4.486-6.299-3.366-6.299-5.173zm14.323-3.802c-1.634 0-2.905.61-3.636 1.71V7.6h-3.15v17.082h3.15v-6.59c0-2.122 1.147-3.025 2.684-3.025 1.418 0 2.413.855 2.413 2.516v7.1h3.15v-7.495c.005-3.247-2.024-5.049-4.61-5.049zm15.79.34v1.439c-.876-1.099-2.196-1.78-3.977-1.78-3.246 0-5.93 2.808-5.93 6.444s2.684 6.445 5.93 6.445c1.78 0 3.1-.682 3.977-1.78v1.439h3.15V12.48h-3.15zm-
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
                                  Category:dropped
                                  Size (bytes):600
                                  Entropy (8bit):7.391634169810707
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:0F2A4639B8A4CB30C76E8333C00D30A6
                                  SHA1:57E273A270BB864970D747C74B3F0A7C8E515B13
                                  SHA-256:44B988703019CD6BFA86C91840FECF2A42B611B364E3EEA2F4EB63BF62714E98
                                  SHA-512:3EA72C7E8702D2E9D94B0FAA6FA095A33AB8BC6EC2891F8B3165CE29A9CCF2114FAEF424FA03FD4B9D06785326284C1BB2087CE05E249CCAC65418361BFA7C51
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:downloaded
                                  Size (bytes):102
                                  Entropy (8bit):5.044277058840961
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:B581F6E6AC7EB4D572233BDD384918F8
                                  SHA1:12A90CD14CFEA2286982801538560F638670EAFF
                                  SHA-256:B62F36160407C81030404AB242125AFD42FA0DA6626EF11E5F406DDA12ACF144
                                  SHA-512:232FB6B94AD5708A7C1631050A42EB6A3AC1E383D916A09EEFF1E070EA110C7DBEDF69EFA692467C5242AD41C90E9C5505E1C9FE0DEFA794EF49C2D8523D15AC
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
                                  Preview:importScripts('https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js');
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:Web Open Font Format (Version 2), TrueType, length 15572, version 1.6554
                                  Category:downloaded
                                  Size (bytes):15572
                                  Entropy (8bit):7.9810164149550245
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:E64CAB167BBDC04807429D10873901A0
                                  SHA1:AFC44700053C9A28F9AB26F6AEC4862AC1D0795D
                                  SHA-256:60F9B5203842A4FE2D52F7C96F3C57B755BBF8F347535469739BCC6F95A9C4B5
                                  SHA-512:9812A394D05F56B70C1DE57FF6CCD46E15C2DB99A003138A0CC2210D08303746969A269F37583A6BE14C706C645FB923136E4231B3ED1FB47FCAF6209884CEAC
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/open-sans-v13-latin-regular.53ea6dd630c9834ba13c.woff2
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (3034)
                                  Category:downloaded
                                  Size (bytes):231181
                                  Entropy (8bit):5.56464656152246
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:6F095EA0FFFC797D9CDBFFDB79969980
                                  SHA1:566551AB421E9EA7CC49486F98D58F5E38E079C5
                                  SHA-256:89728056C05524F880F756C89BC02AC13D4A45D8F83C9EEB32B13CE88B7FB0CF
                                  SHA-512:4B829ADCAC3338FCE61208243B93A95346CFA4F019513C04791BA78BA183FA65A23198B49C3B37165A80DD7F713F977367BFA20A31A9E327E3D625B2AF97429E
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.googletagmanager.com/gtag/js?id=G-LPBVZJFDEK&l=dataLayer&cx=c
                                  Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":0,"function":"__c","vtp_value":0}],. "tags":[{"function":"__gct","vtp_trackingId":"G-LPBVZJFDEK","vtp_sessionDuration":0,"tag_id":1},{"function":"__ccd_em_outbound_click","priority":0,"vtp_includeParams":true,"vtp_instanceDestinationId":"G-LPBVZJFDEK","tag_id":3},{"function":"__ccd_em_site_search","vtp_searchQueryParams":"q,s,search,query,keyword","vtp_includeParams":true,"vtp_instanceDestinationId":"G-LPBVZJFDEK","tag_id":5},{"function":"__ccd_em_scroll","vtp_includeParams":true,"vtp_instanceDestinationId":"G-LPBVZJFDEK","tag_id":6},{"function":"__ccd_em_page_view","vtp_historyEvents":true,"vtp_includeParams":true,"vtp_instanceDestinationId":"G-LPBVZJFDEK","tag_id":7},{"function":"__ccd_conversion_marking","vtp_conversionRules":["list",["map","matchingRules","{
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (2440), with no line terminators
                                  Category:downloaded
                                  Size (bytes):2440
                                  Entropy (8bit):4.959562321437489
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:41D14D679D58829A4EF7BC93B7ECDDA1
                                  SHA1:6BFA8DEB6CDE27146233F034787CD5CF11098931
                                  SHA-256:466C8AF7D34F8FB2B22BF44A677BA4A41814531629BF679CED747A41B4C286E2
                                  SHA-512:6BA8E649CD199B2DED40884C3DA1490BD1FB44E282882367D0E037C67398C53C53B1318870B6E6544C4B8111CAB2EA1505FD82F393EB1B5AAA62136EF99CEE48
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-content/themes/lushaprivacy/assets/js/vendor.min.js?ver=6.3.2
                                  Preview:"use strict";"function"!=typeof Object.create&&(Object.create=function(t){function n(){}return n.prototype=t,new n}),function(r,i,s){var a={init:function(t,n){var a=this;a.elem=n,a.$elem=r(n),a.opt=r.extend({},this.opt,t),a.headers=a.$elem.find(a.opt.headers),(a.previous=0)!==a.headers.length&&(a.first=parseInt(a.headers.prop("nodeName").substring(1),null)),a.build()},opt:{navigation:".anchorific",headers:"h1, h2, h3, h4, h5, h6",speed:200,anchorClass:"anchor",anchorText:"#",top:".top",spy:!0,position:"append",spyOffset:!0},build:function(){var t,n=this,a=function(){};n.opt.navigation&&(r(n.opt.navigation).append("<ul />"),n.previous=r(n.opt.navigation).find("ul").last(),a=function(t){return n.navigations(t)});for(var e=0;e<n.headers.length;e++)a(t=n.headers.eq(e)),n.anchor(t);n.opt.spy&&n.spy(),n.opt.top&&n.back()},navigations:function(t){var n=this,a=n.name(t);t.attr("id")!==s&&(a=t.attr("id")),a=r("<a />").attr("href","#"+a).text(t.text()),a=r("<li />").append(a),t=parseInt(t.prop("
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JSON data
                                  Category:downloaded
                                  Size (bytes):108952
                                  Entropy (8bit):5.085443688976785
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:EFE54BA0ECC3580318A951F25B6BEBE2
                                  SHA1:A9EE27843B05C3E518751F53A8A5009C44A8291D
                                  SHA-256:E0D0A72A4DE41346F91F3791D90B94699328A25C32D9637858BB53AC79CA636F
                                  SHA-512:8B74456F98337C13E2E2653A4A982921EEDF1D8792CCED59AFBD33C5C975F708220951A11068E7526ABDFFA7211ED4943A2288E1F8FA85B456FDE9940DF43A12
                                  Malicious:false
                                  Reputation:low
                                  URL:https://appeudsebed.blob.core.windows.net/dsarwebform/ff4ba552-d8f3-4209-8935-155725f93afb/68a5d24e-7467-4bd1-818b-8a8d8da486a2-locations.json
                                  Preview:{"id":"00000000-0000-0000-0000-000000000000","name":"Default","locations":[{"id":"cc4226e7-f2a1-452e-b9ed-fc472069f2e8","code":"AF","name":"Afghanistan","enabled":true,"translations":{"de":"Afghanistan","en-us":"Afghanistan","pt":"Afeganist.o","it":"Afghanistan","es":"Afganist.n","ja":".......","ro":"Afganistan","nl":"Afghanistan","fr":"Afghanistan","sv":"Afghanistan","da":"Afghanistan"},"regionCode":"AS","metadata":{"phoneCode":"+93"}},{"id":"1bd8ed8c-2462-4af2-b3e8-d4200e133f1e","code":"AX","name":".land Islands","enabled":true,"translations":{"de":"Alandinseln","en-us":".land Islands","pt":"Ilhas Alanda","it":"Isole .land","es":"Islas Aland","ja":".......","ro":"Insulele .land","nl":".land","fr":".land","sv":".land","da":".lands.erne"},"regionCode":"EU","metadata":{"phoneCode":"+358"}},{"id":"2fdaa4c9-5172-471e-827e-58ffd3795285","code":"AL","name":"Albania","enabled":true,"translations":{"de":"Albanien","en-us":"Albania","pt":"Alb.nia","it":"
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (56398), with no line terminators
                                  Category:downloaded
                                  Size (bytes):56398
                                  Entropy (8bit):5.907604034780877
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:EB4BC511F79F7A1573B45F5775B3A99B
                                  SHA1:D910FB51AD7316AA54F055079374574698E74B35
                                  SHA-256:7859A62E04B0ACB06516EB12454DE6673883ECFAEAED6C254659BCA7CD59C050
                                  SHA-512:EC9BDF1C91B6262B183FD23F640EAC22016D1F42DB631380676ED34B962E01BADDA91F9CBDFA189B42FE3182A992F1B95A7353AF41E41B2D6E1DAB17E87637A0
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
                                  Preview:.goog-inline-block{position:relative;display:-moz-inline-box;display:inline-block}* html .goog-inline-block{display:inline}*:first-child+html .goog-inline-block{display:inline}.recaptcha-checkbox{border:none;font-size:1px;height:28px;margin:4px;width:28px;overflow:visible;outline:0;vertical-align:text-bottom}.recaptcha-checkbox-border{-webkit-border-radius:2px;-moz-border-radius:2px;border-radius:2px;background-color:#fff;border:2px solid #c1c1c1;font-size:1px;height:24px;position:absolute;width:24px;z-index:1}.recaptcha-checkbox-borderAnimation{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFQAAANICAYAAABZl8i8AAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAABIAAAASABGyWs+AAAACXZwQWcAAABUAAADSAC4K4y8AAA4oElEQVR42u2dCZRV1ZX3q5iE4IQIiKQQCKBt0JLEIUZwCCk7pBNFiRMajZrIl9aOLZ8sY4CWdkDbT2McooaAEmNixFhpaYE2dCiLScWiQHCgoGQoGQuhGArKKl7V+c5/n33fO/V4w733nVuheXuv9V/rrnvP2Xud3zvTPee+ewsKxMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExP4OdtlT6ztAbRWvvLy8A3QkwxzH6tBGMMexI
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (1294), with no line terminators
                                  Category:downloaded
                                  Size (bytes):1294
                                  Entropy (8bit):5.802516111896218
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:39AB1DDF0BF9BDF54EA897749BCE0D51
                                  SHA1:173B41E2B962D45F3E0DDCC55C0F67CB2F019A4F
                                  SHA-256:00D0E431B64943A1C34B6555207D2069198D4D692E66391B80CC69C98FB67261
                                  SHA-512:AB7342201E2DCF3FAD331354BD5954C9041465D9350BEA78BB7596FD96A643C1A1D7D4FA8364F63A895E4E8612363043CABE326B4C2863355C6DAEE107D622CC
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=explicit&hl=en-us
                                  Preview:/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]||{},N='grecaptcha';var gr=w[N]=w[N]||{};gr.ready=gr.ready||function(f){(cfg['fns']=cfg['fns']||[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']||[]).push('explicit');(cfg['onload']=cfg['onload']||[]).push('ngx_captcha_onload_callback');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true;var m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='Az520Inasey3TAyqLyojQa8MnmCALSEU29yQFW8dePZ7xQTvSt73pHazLFTK5f7SyLUJSo2uKLesEtEa9aUYcgMAAACPeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZyIsImV4cGlyeSI6MTcyNTQwNzk5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=';d.head.prepend(m);po.src='https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js';po.crossOrigin='
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
                                  Category:dropped
                                  Size (bytes):665
                                  Entropy (8bit):7.42832670119013
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:07BF314AAB04047B9E9A959EE6F63DA3
                                  SHA1:17BEF6602672E2FD9956381E01356245144003E5
                                  SHA-256:55EAF62CB05DA20088DC12B39D7D254D046CB1FD61DDF3AE641F1439EFD0A5EE
                                  SHA-512:2A1D4EBC7FBA6951881FD1DDA745480B504E14E3ADAC3B27EC5CF4045DE14FF030D45DDA99DC056285C7980446BA0FC37F489B7534BE46107B21BD43CEE87BA0
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (3026)
                                  Category:downloaded
                                  Size (bytes):172684
                                  Entropy (8bit):5.5434547636732345
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:CDD3745606416CA6977AD0DE41E9491B
                                  SHA1:30E42EE630F31B6D368A7A91ED3E8741D0D60702
                                  SHA-256:5F89E6C0C22DC2F1D4F06C3521F3939404085F744DC68F6D481FD2AF0DCB1EE5
                                  SHA-512:DAE6F35AB32D5F840E5CE9938CC77D7E2291061BB05F6900EBD9762162B74DFE5DDCE390CA9684C1A943E7C6D019F314B6DE3774711A023A1B5DA21ADAB3EC6A
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.googletagmanager.com/gtm.js?id=GTM-TWCSJR9
                                  Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__f","vtp_component":"URL"},{"function":"__e"}],. "tags":[{"function":"__googtag","metadata":["map"],"once_per_event":true,"vtp_tagId":"G-LPBVZJFDEK","vtp_configSettingsTable":["list",["map","parameter","send_page_view","parameterValue","true"]],"tag_id":5},{"function":"__html","metadata":["map"],"once_per_event":true,"vtp_html":"\u003Cscript data-gtmsrc=\"\/c3650cdf-216a-4ba2-80b0-9d6c540b105e58d2670b-ea0f-484e-b88c-0e2c1499ec9bd71e4b42-8570-44e3-89b6-845326fa43b6\" type=\"text\/gtmscript\"
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                  Category:dropped
                                  Size (bytes):2228
                                  Entropy (8bit):7.82817506159911
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:EF9941290C50CD3866E2BA6B793F010D
                                  SHA1:4736508C795667DCEA21F8D864233031223B7832
                                  SHA-256:1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
                                  SHA-512:A0C69C70117C5713CAF8B12F3B6E8BBB9CDAF72768E5DB9DB5831A3C37541B87613C6B020DD2F9B8760064A8C7337F175E7234BFE776EEE5E3588DC5662419D9
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                  Category:downloaded
                                  Size (bytes):866824
                                  Entropy (8bit):5.330465300196858
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:F62792BB9657D22022640DAEE83D1103
                                  SHA1:0C9AC8C8BCE5118E3CD8DA78755906AF323B9000
                                  SHA-256:54036EB26DDEB712871057366A81670EA21726C6FF2B9F4F8601FC6055D26189
                                  SHA-512:430408212B53E5BA18490F0368BD8FFB5B6D808BFBCA9E1A5336A0E03521DABA6FED3A275D818BD469CFFC7B2239B477405023CAF4C0B10132004BEF98E14724
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/main-es2015.372a2e9e238ab18a136f.js
                                  Preview:(window.webpackJsonp=window.webpackJsonp||[]).push([[1],{0:function(e,t,n){e.exports=n("zUnb")},"2pl3":function(e,t){e.exports=function(e){return e.webpackPolyfill||(e.deprecate=function(){},e.paths=[],e.children||(e.children=[]),Object.defineProperty(e,"loaded",{enumerable:!0,get:function(){return e.l}}),Object.defineProperty(e,"id",{enumerable:!0,get:function(){return e.i}}),e.webpackPolyfill=1),e}},"6MUB":function(e,t,n){"use strict";var i=function(e){switch(typeof e){case"string":return e;case"boolean":return e?"true":"false";case"number":return isFinite(e)?e:"";default:return""}};e.exports=function(e,t,n,r){return t=t||"&",n=n||"=",null===e&&(e=void 0),"object"==typeof e?Object.keys(e).map((function(r){var s=encodeURIComponent(i(r))+n;return Array.isArray(e[r])?e[r].map((function(e){return s+encodeURIComponent(i(e))})).join(t):s+encodeURIComponent(i(e[r]))})).join(t):r?encodeURIComponent(i(r))+n+encodeURIComponent(i(e)):""}},CxY0:function(e,t,n){"use strict";var i=n("nYho"),r=n("N
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:Web Open Font Format (Version 2), TrueType, length 16276, version 1.6554
                                  Category:downloaded
                                  Size (bytes):16276
                                  Entropy (8bit):7.978971220338421
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:73437AD44345F889F45E27C428D618D8
                                  SHA1:578D7B5FF3816F7F666984E303364C81BE0771D0
                                  SHA-256:F164941997FBC7F7ED7D2A7C3E86B997D647F1910D93FDC2462DD86FD5AFFA48
                                  SHA-512:2E315C3BC63C62059EA08E03971D6B947C996703FA91744A4B342651E28AB8631E8C5F011A5598A23AA0A25126409F109748932261666EA988DA4A2A537B4601
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/open-sans-v13-latin-700.00fb2fb77ba911c3cabc.woff2
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
                                  Category:downloaded
                                  Size (bytes):15344
                                  Entropy (8bit):7.984625225844861
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:5D4AEB4E5F5EF754E307D7FFAEF688BD
                                  SHA1:06DB651CDF354C64A7383EA9C77024EF4FB4CEF8
                                  SHA-256:3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
                                  SHA-512:7EB7C301DF79D35A6A521FAE9D3DCCC0A695D3480B4D34C7D262DD0C67ABEC8437ED40E2920625E98AAEAFBA1D908DEC69C3B07494EC7C29307DE49E91C2EF48
                                  Malicious:false
                                  Reputation:low
                                  URL:https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (53449)
                                  Category:downloaded
                                  Size (bytes):104484
                                  Entropy (8bit):4.91975104219658
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:03C0F2128C8DD615B1691C168F1D4456
                                  SHA1:DEFA44BED1F35EC899CFD358CA911390BCA53E67
                                  SHA-256:67447C3656CAAD630373253691F3E8F64467EAFD6E7305C9B0E98111B0B41694
                                  SHA-512:01485475AEC2D490E75DC76AEA6E011541EDCFF527E85A773644ACCF101175B619E10B4D3A5CDB5926669559782BC33DF483FE9CC3DE9D3431E08123CE5D0853
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
                                  Preview:@charset "UTF-8";.wp-block-archives{box-sizing:border-box}.wp-block-archives-dropdown label{display:block}.wp-block-avatar{line-height:0}.wp-block-avatar,.wp-block-avatar img{box-sizing:border-box}.wp-block-avatar.aligncenter{text-align:center}.wp-block-audio{box-sizing:border-box}.wp-block-audio figcaption{margin-bottom:1em;margin-top:.5em}.wp-block-audio audio{min-width:300px;width:100%}.wp-block-button__link{box-sizing:border-box;cursor:pointer;display:inline-block;text-align:center;word-break:break-word}.wp-block-button__link.aligncenter{text-align:center}.wp-block-button__link.alignright{text-align:right}:where(.wp-block-button__link){border-radius:9999px;box-shadow:none;padding:calc(.667em + 2px) calc(1.333em + 2px);text-decoration:none}.wp-block-button[style*=text-decoration] .wp-block-button__link{text-decoration:inherit}.wp-block-buttons>.wp-block-button.has-custom-width{max-width:none}.wp-block-buttons>.wp-block-button.has-custom-width .wp-block-button__link{width:100%}.wp-bl
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:downloaded
                                  Size (bytes):27
                                  Entropy (8bit):4.236368983644951
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:E309E3BD35A53626E48D0003DCE67A5C
                                  SHA1:E1D01FD52F86FD7F11B151AD94D45E37AE22A499
                                  SHA-256:A8813C15C8008A25C97C8F688440784DFFBEE20B9D668838D6FC057A447C135E
                                  SHA-512:63F21A8B34CD3C8405745A8CCBB2ECD6A4CB8F42E5BEABBA82885C1A8D5B743DC014AD86AD8513BD3406DDCF3C01544F385521CB234BF3AD9341ADAF5AEE269C
                                  Malicious:false
                                  Reputation:low
                                  URL:https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countrycode?callback=ng_jsonp_callback_0
                                  Preview:jsonFeed({"country":"US"});
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (1485), with no line terminators
                                  Category:downloaded
                                  Size (bytes):1485
                                  Entropy (8bit):5.142774489176319
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:1244D3F2F28ECC6619157927ACA95200
                                  SHA1:A9AAFCF49F49145093FC831EFD9B8E2F6C71BB9C
                                  SHA-256:6C5ACBB82A46A4971660F65131241DFFCC28828F4DBD76B8EC7BAB0B468250F8
                                  SHA-512:3686AFB82F76DA09848C154CCB79A5213DC67698763412E526216FBCE17A94BD0B1762DA3627677B3EE97A05CDC837739FDC4DBDC08B13FBD50CBB0FB9A0B512
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/runtime-es2015.1c3d57ecadbcd276b059.js
                                  Preview:!function(e){function r(r){for(var n,l,f=r[0],i=r[1],p=r[2],c=0,s=[];c<f.length;c++)l=f[c],Object.prototype.hasOwnProperty.call(o,l)&&o[l]&&s.push(o[l][0]),o[l]=0;for(n in i)Object.prototype.hasOwnProperty.call(i,n)&&(e[n]=i[n]);for(a&&a(r);s.length;)s.shift()();return u.push.apply(u,p||[]),t()}function t(){for(var e,r=0;r<u.length;r++){for(var t=u[r],n=!0,f=1;f<t.length;f++)0!==o[t[f]]&&(n=!1);n&&(u.splice(r--,1),e=l(l.s=t[0]))}return e}var n={},o={0:0},u=[];function l(r){if(n[r])return n[r].exports;var t=n[r]={i:r,l:!1,exports:{}};return e[r].call(t.exports,t,t.exports,l),t.l=!0,t.exports}l.m=e,l.c=n,l.d=function(e,r,t){l.o(e,r)||Object.defineProperty(e,r,{enumerable:!0,get:t})},l.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},l.t=function(e,r){if(1&r&&(e=l(e)),8&r)return e;if(4&r&&"object"==typeof e&&e&&e.__esModule)return e;var t=Object.create(null);if(l.r(t
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:HTML document, Unicode text, UTF-8 text, with very long lines (9462)
                                  Category:downloaded
                                  Size (bytes):21877
                                  Entropy (8bit):5.325808227236136
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:A47C01250320781937342F8DCBD6295F
                                  SHA1:8338DCBB338B1E86ABD7A96AF275D09E813E2D67
                                  SHA-256:6CF590EC0B0380577464382280C828F2432E839C93513896F1823CFFD002C2A0
                                  SHA-512:F5DF884EFA14A603B6CE91BDE24BC79D83DFA4F7A61893D62ADC4AD41F1083AC287926EC98D7E0FCBAE2107AE7EC4BA4B5140179A9BDF902F47D969DC900FA43
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/removal-form/
                                  Preview:<html lang="en">..<head>. Google Tag Manager -->. <script>. (function(w, d, s, l, i) {. w[l] = w[l] || [];. w[l].push({. 'gtm.start': new Date().getTime(),. event: 'gtm.js'. });. var f = d.getElementsByTagName(s)[0],. j = d.createElement(s),. dl = l != 'dataLayer' ? '&l=' + l : '';. j.async = true;. j.src =. 'https://www.googletagmanager.com/gtm.js?id=' + i + dl;. f.parentNode.insertBefore(j, f);. })(window, document, 'script', 'dataLayer', 'GTM-TWCSJR9');. </script>. End Google Tag Manager -->.. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <meta http-equiv="X-UA-Compatible" content="ie=edge">. <meta name="format-detection" content="telephone=no">. <meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' />... This site is optimized with
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:Web Open Font Format (Version 2), TrueType, length 71120, version 3.0
                                  Category:downloaded
                                  Size (bytes):71120
                                  Entropy (8bit):7.996509047161258
                                  Encrypted:true
                                  SSDEEP:
                                  MD5:1E5523271205DBD752A25F022E3878BB
                                  SHA1:DD5575ACF2FCCC3A1D97EB153F7AD33F68DCAC2B
                                  SHA-256:FC3A9AE217B06062E27A237BC11FB37A309CD0ED7310DA414D165995179EB7A9
                                  SHA-512:AD76FEBAD054AC728C0CA2E4F35FFA4BD053BCD3920B23F2DB32592DA3128F586351C39407D14F146A2E40569E565F9CB0A2275AA0EA55D63A3D0813ED037518
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-content/themes/lushaprivacy/assets/fonts/circular/CircularXXWeb-Regular.woff2
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:downloaded
                                  Size (bytes):124
                                  Entropy (8bit):5.08434356925535
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:CCCF99A4AEEDC4EA2337BB5079138D03
                                  SHA1:D0D43D47679B536D07672CD6BEC5E83B3F069DC1
                                  SHA-256:F6001C08ED1735D4B83544979668214F603EAD560EB881958D07AB735A2D0A81
                                  SHA-512:79585B6B1637609AE60665D8AC6BB6638B1298381922B1887E3B978236E90E243FA9FBDBD9450D9D1D15E7BE8C49A5DBF82A6FF745C43FBD9BCEB4A0BBCF63E6
                                  Malicious:false
                                  Reputation:low
                                  URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISJQlzPXOfi43cqBIFDRid7ecSBQ38NvfgEgUNGSDjyxIFDVNaR8USJQnMikqlQ6MBUxIFDRid7ecSBQ38NvfgEgUNGSDjyxIFDVNaR8U=?alt=proto
                                  Preview:CiwKBw0Yne3nGgAKCw38NvfgGgQIJBgBCgsNGSDjyxoECAkYAQoHDVNaR8UaAAosCgcNGJ3t5xoACgsN/Db34BoECCQYAQoLDRkg48saBAgJGAEKBw1TWkfFGgA=
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:Unicode text, UTF-8 text, with very long lines (32616)
                                  Category:downloaded
                                  Size (bytes):610470
                                  Entropy (8bit):5.040409226639319
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:3D8BA82B0A97678CA36CC9E0C28CE214
                                  SHA1:D482BDF675A4C6D9DC0A478297E39C7CB54DDC1E
                                  SHA-256:9FD3DF4EF4B23E2D3B3190A94413C13A08A49E619AE4617440ECC292848F1B8F
                                  SHA-512:B545E28090911BA97F99F5B06E4E2346861DA3F75FE5EA646CD239E7D51C1F11292D767D3C9DBE8A21B9484DD61EBD64A8C7F6BC5C2B011CBB0053729C10ABD5
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/styles.8a8974d342e922446395.css
                                  Preview:@charset "UTF-8";/*!* Font Awesome 4.7.0 by @davegandy - http://fontawesome.io - @fontawesome.* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)*//*!nouislider - 12.1.0 - 10/25/2018*/.noUi-target,.noUi-target *{-webkit-touch-callout:none;-webkit-tap-highlight-color:transparent;-webkit-user-select:none;touch-action:none;-ms-user-select:none;-moz-user-select:none;user-select:none;box-sizing:border-box}.noUi-target{position:relative;direction:ltr}.noUi-base,.noUi-connects{width:100%;height:100%;position:relative;z-index:1}.noUi-connects{overflow:hidden;z-index:0}.noUi-connect,.noUi-origin{will-change:transform;position:absolute;z-index:1;top:0;left:0;height:100%;width:100%;transform-origin:0 0}html:not([dir=rtl]) .noUi-horizontal .noUi-origin{left:auto;right:0}.noUi-vertical .noUi-origin{width:0}.noUi-horizontal .noUi-origin{height:0}.noUi-handle{position:absolute}.noUi-state-tap .noUi-connect,.noUi-state-tap .noUi-origin{transition:transform .3s}.noUi-state-d
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:HTML document, ASCII text, with very long lines (64506)
                                  Category:downloaded
                                  Size (bytes):359164
                                  Entropy (8bit):5.6381622180117015
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:F39647474BD58DC9859241F41FE3CDD4
                                  SHA1:96F05BF9B74951A5BF9F4242C6D0D3C4A4561B4B
                                  SHA-256:F9FD391BFE7725A73B1FF4E6C6DB30134F7378BD8AA61AC5D2431CFEA1C84621
                                  SHA-512:45350370BB949D1EA1D2C4F27BDB2E6FF4110D4F57DF8455C23468E55CB89B1194323CD6F9AF77538637C277865939314878053E8BE596B5B47E0D54353566EC
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu.onetrust.com/webform/ff4ba552-d8f3-4209-8935-155725f93afb/68a5d24e-7467-4bd1-818b-8a8d8da486a2
                                  Preview:<!DOCTYPE html><html lang="en"><head>.<meta charset="utf-8">.<title id="pageTitle">Privacy Web Form</title>.<base href="https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/"> <meta name="webformId" content="68a5d24e-7467-4bd1-818b-8a8d8da486a2">.<meta name="viewport" content="width=device-width, initial-scale=1">.<link id="favicon" rel="icon" type="image/x-icon" href="favicon-v2.ico">.<link rel="stylesheet" href="styles.8a8974d342e922446395.css"><style ng-transition="dsar-components"></style></head>.<body>.<app-root _nghost-sc143 ng-version="9.1.13"></app-root>.<script src="runtime-es2015.1c3d57ecadbcd276b059.js" type="module"></script><script src="runtime-es5.1c3d57ecadbcd276b059.js" nomodule defer></script><script src="polyfills-es5.d89e18d6786a57aceb32.js" nomodule defer></script><script src="polyfills-es2015.39a298447f18245a29ca.js" type="module"></script><script src="main-es2015.372a2e9e238ab18a136f.js" type="module"></script><script src="main-es5.372a2e9e238ab18a136f
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3
                                  Category:downloaded
                                  Size (bytes):37927
                                  Entropy (8bit):7.978290388266488
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:0342E527166CF926A031BAE352937A3E
                                  SHA1:024EF670B41D0B3414885B59044BF8AA549A5648
                                  SHA-256:BC798E6D930FDF0D94F0576B7213E4B79A4245ED37E32485F6751498E7F387D4
                                  SHA-512:DDFF53739038D4FE24032CA1BBC7E1DDD066B8B6DEF891E75B0F418CF7A22212D0A57CC27023955F752373DD2E6B11F0DEF1553F4A35D6DEB4553D6CEC368AA1
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5j3x6mE_K2r4HmuSIlKhV9F38ln_vuFmHYWfuQL6d7sEhnwbAY73UXbNVyayHXzVBxnaZ5Pa4siTYSUAq6Ak8PkYie7K0vZYhF_3B_-nxn1I5aaVn595FKvslZwM8JLpyOO56LLXatv9i3jBMvPaNeqRpn_XgVXsbt-InIzCtS6wr0oD6PBEulRykAcDG4bktYEtAt&k=6LfiqCUUAAAAAGzo0BG2sKBIF-oZVi1_rXgUm5xn&id=2
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                  Category:dropped
                                  Size (bytes):891
                                  Entropy (8bit):7.64753324066585
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:1F7AECDD5E7DD840C1F6919FC10C4362
                                  SHA1:C80C3AAFBAAA0697986623A8F91E514DE13306C4
                                  SHA-256:FA8865194659735597AD33621172EEBAFCE83D5785619677810A729B26EEC5DD
                                  SHA-512:4A84287635A466327A50CDFDB5FDEE66E15D017431AF476B4F63DB0CC1ACC54FA5E9FB5AF0417E7DF04761E0C948E58AF1077D365D93FCAB89A3422F592185FD
                                  Malicious:false
                                  Reputation:low
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:downloaded
                                  Size (bytes):160
                                  Entropy (8bit):5.2340449338788915
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:E42EAC1A48CF49BFFB5883DA96782856
                                  SHA1:47397F1E1ECFC3F07CEA0A61D9B526918A803A66
                                  SHA-256:52E8BAAB5F5FBFCF3F79D6B390804F70E6C47A7E2A2B9D7D35010110FB232245
                                  SHA-512:B0192734162452923F6425E9D2C1A467FDE5E1CF6F762FA837CF742B30FAEF8D8CCBAE0B588452C59ED1C32238698B77513127DA7CA4FEAB5868F3BE7A4B43B5
                                  Malicious:false
                                  Reputation:low
                                  URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISLAnBc-0KkZavlhIFDRid7ecSBQ38NvfgEgUNdklWRhIFDRkg48sSBQ1TWkfFEiwJvNZHi00jeJUSBQ0Yne3nEgUN_Db34BIFDXZJVkYSBQ0ZIOPLEgUNU1pHxQ==?alt=proto
                                  Preview:CjkKBw0Yne3nGgAKCw38NvfgGgQIJBgBCgsNdklWRhoECCIYAQoLDRkg48saBAgJGAEKBw1TWkfFGgAKOQoHDRid7ecaAAoLDfw29+AaBAgkGAEKCw12SVZGGgQIIhgBCgsNGSDjyxoECAkYAQoHDVNaR8UaAA==
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (65447)
                                  Category:downloaded
                                  Size (bytes):87482
                                  Entropy (8bit):5.262231833248159
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:FF04DD1EF5C67998D8652330C0441689
                                  SHA1:5E6FF5BD5240181A8BDEA983837F39AC231DAC4D
                                  SHA-256:5C93F77799D122FB5255EE24DA285F9F228CC118CBA11E6CEB2B6BDA8CDF4164
                                  SHA-512:15B29B5A106EBAD320AA419675E1D7415B56276FF8EC04B8DCAC845630FDCAF3EE7CA7B9D614EA415D3FACF065C2608ED62359D3CCAE510F5527B2965C8D7B06
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
                                  Preview:/*! jQuery v3.7.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with very long lines (36993), with no line terminators
                                  Category:downloaded
                                  Size (bytes):36993
                                  Entropy (8bit):5.231254268453719
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:C13545A4366187EAEB662DE603FB44F9
                                  SHA1:72AD4CCC0A3916AE4598199447CDEADD6D380570
                                  SHA-256:3CFF92ECBF327E17B4AE0069B7F20B79EE5C593AD5754D6856B81471E71D05A8
                                  SHA-512:21B0B526B053B9FF2A94F805664BAB8AEA5BAB0A01124F2EF5F1C8D0F9707C5F352E8DF448D1216A973776B7940792A7FFD48594DDDDE0077AEABDD8A1B2EC0A
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/polyfills-es2015.39a298447f18245a29ca.js
                                  Preview:(window.webpackJsonp=window.webpackJsonp||[]).push([[2],{2:function(e,t,n){e.exports=n("hN/g")},"hN/g":function(e,t,n){"use strict";n.r(t),n("pDpN")},pDpN:function(e,t,n){var o,r;void 0===(r="function"==typeof(o=function(){"use strict";!function(e){const t=e.performance;function n(e){t&&t.mark&&t.mark(e)}function o(e,n){t&&t.measure&&t.measure(e,n)}n("Zone");const r=e.__Zone_symbol_prefix||"__zone_symbol__";function s(e){return r+e}const a=!0===e[s("forceDuplicateZoneCheck")];if(e.Zone){if(a||"function"!=typeof e.Zone.__symbol__)throw new Error("Zone already loaded.");return e.Zone}class i{constructor(e,t){this._parent=e,this._name=t?t.name||"unnamed":"<root>",this._properties=t&&t.properties||{},this._zoneDelegate=new l(this,this._parent&&this._parent._zoneDelegate,t)}static assertZonePatched(){if(e.Promise!==C.ZoneAwarePromise)throw new Error("Zone.js has detected that ZoneAwarePromise `(window|global).Promise` has been overwritten.\nMost likely cause is that a Promise polyfill has b
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ot-icons
                                  Category:downloaded
                                  Size (bytes):79784
                                  Entropy (8bit):6.221799973817025
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:172FC0C76035222FC0F88B86F9DEF499
                                  SHA1:5443A288A0244CE4F33FA165C3D74C53FC319556
                                  SHA-256:8799D3BE42273E4293D646E5304E5B7C3D7979FD01E9BA2A828DE84E1D78FFF8
                                  SHA-512:04A90AF89E92C40DB3010032268B04B5B85D45497518D5B82DA58C48F2BC965E29B98A48794E38A927CC91D3D023EF5BEBFD80FC676F77DDBE4E19CC936507D9
                                  Malicious:false
                                  Reputation:low
                                  URL:https://privacyportal-eu-cdn.onetrust.com/dsarwebform/202212.1.0/ot-icons.37ba26248f0c01760952.ttf
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:assembler source, ASCII text
                                  Category:downloaded
                                  Size (bytes):7622
                                  Entropy (8bit):5.1773413073979375
                                  Encrypted:false
                                  SSDEEP:
                                  MD5:1AA19F2F501DD05707F3889246FD6DF2
                                  SHA1:7A836E3576480055C59555AECDF1B537A15B4E99
                                  SHA-256:0A5FAF6D9AC0B81C2D08EA5901898EDFE9811FB762E14F1C3203A909971003D7
                                  SHA-512:7A6DE439E06F569535784F18A9B73F8170E43F6E74977DCB545E25E4BDEA6FF1DD4C79563F7DD1E92C80B0D36240957601E79E61D5828230D52839EA58DDD075
                                  Malicious:false
                                  Reputation:low
                                  URL:https://www.lushaprivacy.com/wp-content/themes/lushaprivacy/assets/css/style.min.css?ver=6.3.2
                                  Preview:/*! normalize.css v8.0.1 | MIT License | github.com/necolas/normalize.css */html{line-height:1.15;-webkit-text-size-adjust:100%}.body{margin:0}.main{display:block}.h1{font-size:2em;margin:.67em 0}.hr{-webkit-box-sizing:content-box;box-sizing:content-box;height:0;overflow:visible}.pre{font-family:monospace,monospace;font-size:1em}.a{background-color:transparent}.abbr[title]{border-bottom:0;text-decoration:underline;text-decoration:underline dotted}.b,strong{font-weight:bolder}.code,kbd,samp{font-family:monospace,monospace;font-size:1em}.small{font-size:80%}.sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}.sub{bottom:-0.25em}.sup{top:-0.5em}.img{border-style:none}.button,input,optgroup,select,textarea{font-family:inherit;font-size:100%;line-height:1.15;margin:0}.button,input{overflow:visible}.button,select{text-transform:none}.button,[type="button"],[type="reset"],[type="submit"]{-webkit-appearance:button}.button::-moz-focus-inner,[type="button"]::-moz-focus
                                  File type:CDFV2 Microsoft Outlook Message
                                  Entropy (8bit):4.066377573655066
                                  TrID:
                                  • Outlook Message (71009/1) 58.92%
                                  • Outlook Form Template (41509/1) 34.44%
                                  • Generic OLE2 / Multistream Compound File (8008/1) 6.64%
                                  File name:Notice of personal information processing. (This is not an advertisement).msg
                                  File size:202'752 bytes
                                  MD5:3e36754e11bed6140fe2843fada25d61
                                  SHA1:5d7b7c7b486a09ecfd93363185808d0ceaf4e855
                                  SHA256:aa2721756b13ff1e53152d98a82eedd0b805b3805108c9f07233db2b8d9e003a
                                  SHA512:7a1ebf6ab52cf52854745ab73aa622dd92f9d359ebe89b20ac6719594fc934d2d2522b97e1f41790e7602d7db3583d2cf0a123ddd5855f52b4e1c2ba85b15192
                                  SSDEEP:3072:s158s4FT75/SR7iAHCXFTs/EV0gWYl1Ii:QqFT75alUFTBr7
                                  TLSH:9114EF212AFB0109F3B3AF754FE5A0AF8926FD636D29955E2091370D0772A41DC61B3B
                                  Subject:Notice of personal information processing. (This is not an advertisement)
                                  From:Lusha <Lusha@g.lushanotice.com>
                                  To:michael.fromm@axactor.de
                                  Cc:
                                  BCC:
                                  Date:Mon, 27 Nov 2023 15:16:38 +0100
                                  Communications:
                                  • CAUTION: This email originates from outside the Axactor organisation Personal Data Notice This notice serves to provide you data about the collection, processing, and sale of certain of your personal Data about you ("Personal Data") by Lusha Systems Inc. ("Lusha"). Please continue reading below for more details about the Personal Data we collect, how we gather it, and how it is used and shared. Lusha's proprietary online software assists businesses (our "customers") to find business contact data ("Data") retained in Lusha's B2B database ("Database"). If you elect to do so, you may opt out of our Database by visiting https://www.lushaprivacy.com/removal-form/ <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lushaprivacy.com%2Fremoval-form%2F&data=05%7C01%7Cmichael.fromm%40axactor.de%7C440ccb1517b9481002c108dbef537a36%7Caa047274bbe64fbd98b6b244735e8553%7C0%7C1%7C638366914051291491%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=4u5QRn8vIrXoQwzUiyRK9FqnRy7QliCwTyXCrHTUeU8%3D&reserved=0> . Our dedicated Privacy Center contains our privacy policy and allows you to submit additional data subject request here: https://www.lusha.com/privacy_topic/data-privacy/ <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lusha.com%2Fprivacy_topic%2Fdata-privacy%2F&data=05%7C01%7Cmichael.fromm%40axactor.de%7C440ccb1517b9481002c108dbef537a36%7Caa047274bbe64fbd98b6b244735e8553%7C0%7C1%7C638366914051291491%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=T4Y%2FhXM07JK7zVEn%2BojR9tOZoQZ9UFpsa3oLtGb%2Bsyg%3D&reserved=0> Categories of Personal Information Processed Lusha conducts business intelligence research on organizations and their employees and professionals to obtain Data. We collect any of the below categories of Personal Data. 
Please note that we might have any or all of the below categories of information, and you are entitled to enquire about this through the Privacy Center. * Name * Company * Telephone Number * Email Address * Job Title * Job Function * Social Media URL Purpose of Processing * Lusha may process the information and license it to its customers for the following purposes: fraud protection, business intelligence, sales, marketing, or recruiting, or to other organizations who may license it to their customers for the same purposes ("partners"). * Our customers, or those of our partners, may use the Data to market their services to your employer or to contact you about professional or business opportunities. * The Data is provided to customers or partners subject to restrictive license agreements that limit the use to those specified purposes and prohibits the unauthorized use or transfer of the Data. * Lusha's customers may obtain the Data via password protected account-based access to our Database. Lawful Basis Lusha processes your Personal Data based on the legitimate interest of itself and its customers. Recipients This Personal Data may be provided, subject to restrictive license agreements, to Lusha's customers, it's partners, or the customers of its partners. These recipients are business organizations who are permitted to use the Data only for lawful sales, marketing, and recruiting. The substantive terms of Lusha's license agreements may be reviewed at https://www.lusha.com/legal/terms_and_conditions/ Period Lusha aspires to provide accuracy of Data to the highest standard to its customers. We have state of the art algorithms in place to remove Data that we learn to be inaccurate. Therefore, we intend to process the Data we have about you for so long as it is accurate, pertaining to you, or until you instruct us to refrain from processing it. 
Your Rights You have the right to request that Lusha: (1) provide you with access to your Personal Data; (2) rectify or correct your Personal Data (3) erase your Personal Data, or (4) restrict processing of your Personal Data, including refraining from selling it or otherwise providing it to any third parties. You also have the right to object to processing, and to lodge a complaint with the appropriate supervisory authority in your country, if any. The foregoing rights may be subject to certain limitations pursuant to applicable law. Sources of Personal Data Lusha gathers Personal Data from several sources, which include publicly available sources such as websites and government records, contributions from our customers, third party data providers, and members of the Lusha Community Program. Our proprietary algorithm scans publicly available sources and retrieves public data with advanced tools. Because Data from several sources may be combined into one record, it may be difficult or near impossible to identify the exact source of one particular piece of Data. Who We Are Lusha is a registered data broker in the State of California under the California Consumer Privacy Act of 2018 and the California Consumer Privacy Act Regulations and has ISO 27001 certification. Contact Us You can contact us via Lusha Privacy Center https://www.lusha.com/privacy_topic/data-privacy <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.lusha.com%2Fprivacy_topic%2Fdata-privacy&data=05%7C01%7Cmichael.fromm%40axactor.de%7C440ccb1517b9481002c108dbef537a36%7Caa047274bbe64fbd98b6b244735e8553%7C0%7C1%7C638366914051291491%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=b4YBZARLre%2FgMJNToJJ7N0lixWj4cvTaBaOF4awTq7E%3D&reserved=0> , or via postal mail: 1177 Avenue of the Americas 5th floor, New York 10036, United States. Sincerely, Lusha Privacy Team
                                  Attachments:
                                    Key Value
                                    Received: from <unknown> (<unknown> []) by 1f458ef7ee06 with HTTP id
                                    14:16:44 +0000
                                    by AM8PR06MB6964.eurprd06.prod.outlook.com (2603:10a6:20b:1d4::13) with
                                    2023 14:16:41 +0000
                                    (2603:10a6:10:2b0::28) with Microsoft SMTP Server (version=TLS1_2,
                                    Transport; Mon, 27 Nov 2023 14:16:41 +0000
                                    Authentication-Results: spf=softfail (sender IP is 188.95.245.214)
                                    Received-SPF: None (mail2.intility.com: no sender authenticity
                                    15.20.7046.17 via Frontend Transport; Mon, 27 Nov 2023 14:16:41 +0000
                                    for <michael.fromm@axactor.de>; Mon, 27 Nov 2023 15:16:38 +0100 (CET)
                                    x-record-text="v=spf1 ip4:141.193.32.0/23
                                    ip4:198.244.60.0/22 ~all"
                                    Authentication-Results-Original: mail2.intility.com; spf=None
                                    X-Ironport-Dmarc-Check-Result: validskip
                                    X-IronPort-Anti-Spam-Filtered: true
                                    X-Spam-Status: Yes
                                    X-IronPort-AV: E=Sophos;i="6.04,231,1695679200";
                                    X-MGA-submission: =?us-ascii?q?MDEhyNSGmBr+gSMhsNduMkE1dSdSKHrQVkNh+1?=
                                    by mail2.intility.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 15:16:39 +0100
                                    DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=g.lushanotice.com;
                                    q=dns/txt; s=mta; t=1701094598; x=1701101798; h=Content-Type: Content-Transfer-Encoding: Message-Id: To: To: From: From: Subject: Subject:
                                    Mime-Version: Date: Sender: Sender;
                                    X-Mailgun-Sending-Ip: 185.250.239.4
                                    X-Mailgun-Sid: WyJhMTcwNyIsIm1pY2hhZWwuZnJvbW1AYXhhY3Rvci5kZSIsIjBkYzk1Il0=
                                    6564a4c69246201fa91e4857; Mon, 27 Nov 2023 14:16:38 GMT
                                    Sender: Lusha@g.lushanotice.com
                                    Date: Mon, 27 Nov 2023 14:16:38 +0000
                                    Mime-Version: 1.0
                                    Subject: Notice of personal information processing. (This is not an advertisement)
                                    From: Lusha <Lusha@g.lushanotice.com>
                                    To: michael.fromm@axactor.de
                                    X-Mailgun-Variables: {"domainId": "15", "groupName": "low-medium risk", "provider": "mailgun",
                                    "traceId": "dfc73431-a59f-4a8f-ab47-7fc14f89f6dc"}
                                    Message-Id: <20231127141638.382b601163c6d1cf@g.lushanotice.com>
                                    Content-Transfer-Encoding: quoted-printable
                                    Content-Type: text/html; charset=ascii
                                    Return-Path: lusha@g.lushanotice.com
                                    X-MS-Exchange-Organization-ExpirationStartTime: 27 Nov 2023 14:16:41.4741
                                    X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
                                    X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
                                    X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
                                    X-MS-Exchange-Organization-Network-Message-Id: 440ccb15-17b9-4810-02c1-08dbef537a36
                                    X-EOPAttributedMessage: 0
                                    X-EOPTenantAttributedMessage: aa047274-bbe6-4fbd-98b6-b244735e8553:0
                                    X-MS-Exchange-Organization-MessageDirectionality: Incoming
                                    X-MS-PublicTrafficType: Email
                                    X-MS-TrafficTypeDiagnostic: DU6PEPF00009527:EE_|AM8PR06MB6964:EE_|VI1PR06MB5728:EE_
                                    X-MS-Exchange-Organization-AuthSource: DU6PEPF00009527.eurprd02.prod.outlook.com
                                    X-MS-Exchange-Organization-AuthAs: Anonymous
                                    X-MS-Office365-Filtering-Correlation-Id: 440ccb15-17b9-4810-02c1-08dbef537a36
                                    X-MS-Exchange-AtpMessageProperties: SA|SL
                                    X-MS-Exchange-Organization-SCL: -1
                                    X-Microsoft-Antispam: BCL:0;
                                    X-Forefront-Antispam-Report: CIP:188.95.245.214;CTRY:NO;LANG:en;SCL:-1;SRV:;IPV:CAL;SFV:SKN;H:mail.altor-group.com;PTR:mta01.axactor.de;CAT:NONE;SFS:(13230031)(4636009)(230273577357003)(230173577357003)(432800013)(451199024)(7846003)(1076003)(2616005)(58800400005)(966005)(336012)(426003)(83380400001)(66574015)(15650500001)(5660300002)(22186003)(6916009)(1096003)(8676002)(81166007)(166002)(356005)(86362001)(66899024)(26005)(84240200001)(43540500003);DIR:INB;
                                    X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Nov 2023 14:16:41.3334
                                    X-MS-Exchange-CrossTenant-Network-Message-Id: 440ccb15-17b9-4810-02c1-08dbef537a36
                                    X-MS-Exchange-CrossTenant-Id: aa047274-bbe6-4fbd-98b6-b244735e8553
                                    X-MS-Exchange-CrossTenant-AuthSource: DU6PEPF00009527.eurprd02.prod.outlook.com
                                    X-MS-Exchange-CrossTenant-AuthAs: Anonymous
                                    X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
                                    X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR06MB6964
                                    X-MS-Exchange-Transport-EndToEndLatency: 00:00:03.6082505
                                    X-MS-Exchange-Processed-By-BccFoldering: 15.20.7025.020
                                    X-Microsoft-Antispam-Mailbox-Delivery: ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(930097)(140003)(1420103);
                                    X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?UaS+ANDBJKuIvtNs5ssIDhQ6lcNR7nhfzrr/EKoJ8ALXrKYU7TZTLdfad1O+?=
                                    date: Mon, 27 Nov 2023 15:16:38 +0100

                                    Icon Hash:c4e1928eacb280a2