Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
http://freeprosoftz.com

Overview

General Information

Sample URL:http://freeprosoftz.com
Analysis ID:1391977
Infos:

Detection

Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Blob-based file download detected
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Form action URLs do not match main URL
HTML body contains password input but no form action
HTML title does not match URL
Invalid 'forgot password' link found
May sleep (evasive loops) to hinder dynamic analysis
Queries the volume information (name, serial number etc) of a device
Sigma detected: DNS Query To MEGA Hosting Website
Stores files to the Windows start menu directory
Suspicious form URL found
Tries to load missing DLLs

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 1104 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://freeprosoftz.com/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4812 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1964,i,6033766366277865085,9864705840166183589,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4332 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5740 --field-trial-handle=1964,i,6033766366277865085,9864705840166183589,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • OpenWith.exe (PID: 612 cmdline: C:\Windows\system32\OpenWith.exe -Embedding MD5: E4A834784FA08C17D47A1E72429C5109)
  • OpenWith.exe (PID: 2084 cmdline: C:\Windows\system32\OpenWith.exe -Embedding MD5: E4A834784FA08C17D47A1E72429C5109)
    • firefox.exe (PID: 6872 cmdline: C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\Downloads\Setup_84481_Passwrod.rar MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 7144 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint --attempting-deelevation -url C:\Users\user\Downloads\Setup_84481_Passwrod.rar MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 3292 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\user\Downloads\Setup_84481_Passwrod.rar MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 6860 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2272 -parentBuildID 20230927232528 -prefsHandle 2216 -prefMapHandle 2200 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a1afab82-c57d-49a6-a90c-2375965f4378} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f62fd6f910 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 688 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2880 -childID 1 -isForBrowser -prefsHandle 2872 -prefMapHandle 2868 -prefsLen 21837 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {75bcc44d-ce77-434f-a066-30d2604a28a9} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f63fdf6850 tab MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 4616 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3784 -childID 2 -isForBrowser -prefsHandle 3776 -prefMapHandle 3764 -prefsLen 26224 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {961f0383-41a4-4340-b10e-c646e5bdc18d} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f63bd3e850 tab MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 900 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4060 -parentBuildID 20230927232528 -prefsHandle 3764 -prefMapHandle 3940 -prefsLen 26265 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3cf4116b-ceac-489f-8f61-a3fd8a72eac3} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f641ce9b10 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 2296 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2748 -childID 3 -isForBrowser -prefsHandle 4540 -prefMapHandle 4536 -prefsLen 31035 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4356b72c-74d3-41e4-948c-42de8d41db63} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f6404c2310 tab MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

System Summary

barindex
Source: DNS queryAuthor: Aaron Greetham (@beardofbinary) - NCC Group: Data: Image: C:\Program Files\Google\Chrome\Application\chrome.exe, QueryName: gfs214n123.userstorage.mega.co.nz

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

  • AV Detection
  • Phishing
  • Compliance
  • Software Vulnerabilities
  • Networking
  • System Summary
  • Boot Survival
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • HIPS / PFW / Operating System Protection Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: http://freeprosoftz.comAvira URL Cloud: detection malicious, Label: malware
Source: http://freeprosoftz.com/Avira URL Cloud: Label: malware
Source: freeprosoftz.comVirustotal: Detection: 10%Perma Link
Source: http://freeprosoftz.com/Virustotal: Detection: 10%Perma Link
Source: resbreatfl.comVirustotal: Detection: 13%Perma Link
Source: http://freeprosoftz.comVirustotal: Detection: 10%Perma Link
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://0w29i2hoe.cfd/?65CC784DA4029 freeprosoftz 0w29i2hoe
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://0w29i2hoe.cfd/?65CC784DA4029 freeprosoftz 0w29i2hoe
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://0w29i2hoe.cfd/?65CC784DA4029 freeprosoftz 0w29i2hoe
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://0w29i2hoe.cfd/?65CC784DA4029 freeprosoftz 0w29i2hoe
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://0w29i2hoe.cfd/?65CC784DA4029 freeprosoftz 0w29i2hoe
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://0w29i2hoe.cfd/?65CC784DA4029 freeprosoftz 0w29i2hoe
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://0w29i2hoe.cfd/?65CC784DA4029 freeprosoftz 0w29i2hoe
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://0w29i2hoe.cfd/?65CC784DA4029 freeprosoftz 0w29i2hoe
Source: https://mega.nz/file/VSc1mJ4I#m_CZ7C7HFxMjf8SIOX6B4nmnOh_ckbWnsjWRsgMK_OoHTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Title: Express VPN 12.74.0.10 Crack 2024 With Activation Code [Latest] does not match URL
Source: https://mega.nz/file/VSc1mJ4I#m_CZ7C7HFxMjf8SIOX6B4nmnOh_ckbWnsjWRsgMK_OoHTTP Parser: Invalid link: Forgot your password?
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://freeprosoftz.com/wp-comments-post.php
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://freeprosoftz.com/wp-comments-post.php
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://freeprosoftz.com/wp-comments-post.php
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: Form action: https://freeprosoftz.com/wp-comments-post.php
Source: https://mega.nz/file/VSc1mJ4I#m_CZ7C7HFxMjf8SIOX6B4nmnOh_ckbWnsjWRsgMK_OoHTTP Parser: <input type="password" .../> found
Source: https://zrqcv8p6j.cfd/?65CC784DADD42HTTP Parser: No favicon
Source: https://resbreatfl.com/?asdasdHTTP Parser: No favicon
Source: https://resbreatfl.com/?asdasdHTTP Parser: No favicon
Source: https://mega.nz/file/VSc1mJ4I#m_CZ7C7HFxMjf8SIOX6B4nmnOh_ckbWnsjWRsgMK_OoHTTP Parser: No <meta name="author".. found
Source: https://mega.nz/file/VSc1mJ4I#m_CZ7C7HFxMjf8SIOX6B4nmnOh_ckbWnsjWRsgMK_OoHTTP Parser: No <meta name="author".. found
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: No <meta name="copyright".. found
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: No <meta name="copyright".. found
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: No <meta name="copyright".. found
Source: https://freeprosoftz.com/express-vpn-crack-2024-code/HTTP Parser: No <meta name="copyright".. found
Source: https://mega.nz/file/VSc1mJ4I#m_CZ7C7HFxMjf8SIOX6B4nmnOh_ckbWnsjWRsgMK_OoHTTP Parser: No <meta name="copyright".. found
Source: https://mega.nz/file/VSc1mJ4I#m_CZ7C7HFxMjf8SIOX6B4nmnOh_ckbWnsjWRsgMK_OoHTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49902 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49904 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49907 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49912 version: TLS 1.2
Source: firefox.exeMemory has grown: Private usage: 1MB later: 231MB
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 23.55.253.34
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: freeprosoftz.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: unknownDNS traffic detected: queries for: freeprosoftz.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49688 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49913
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49905
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49904
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49902
Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 443
Source: unknownHTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.55.253.34:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49902 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49904 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49907 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49912 version: TLS 1.2

System Summary

barindex
Source: C:\Users\user\Downloads\Setup_84481_Passwrod.rarFile download: blob:https://mega.nz/d1f2fe60-9896-4a2a-ab3f-0d3d5f46bc06
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\chrome_BITS_1104_1910494217
Source: C:\Windows\System32\OpenWith.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wldp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinui.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wintypes.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: powrprof.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwmapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: pdh.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: umpdc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: actxprxy.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: propsys.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: profapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositoryps.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.appdefaults.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.immersive.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: ntmarta.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uiautomationcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dui70.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: duser.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwrite.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47mrm.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uianimation.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d11.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxgi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: resourcepolicyclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dcomp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: oleacc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: edputil.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowmanagementapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: textinputframework.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: inputhost.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowscodecs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: thumbcache.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: policymanager.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: msvcp110_win.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: apphelp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appresolver.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47langs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: slc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: userenv.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sppc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: tiledatarepository.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: staterepository.core.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepository.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wtsapi32.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositorycore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mrmcorer.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sxs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: directmanipulation.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: textshaping.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wldp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinui.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wintypes.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: powrprof.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwmapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: pdh.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: umpdc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: actxprxy.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: propsys.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: profapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositoryps.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.appdefaults.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.immersive.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: ntmarta.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uiautomationcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dui70.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: duser.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwrite.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47mrm.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: uianimation.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d11.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxgi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d10warp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: resourcepolicyclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: dcomp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: oleacc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: edputil.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowmanagementapi.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: textinputframework.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: inputhost.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowscodecs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: thumbcache.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: apphelp.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appresolver.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47langs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: slc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: userenv.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sppc.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: tiledatarepository.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: staterepository.core.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepository.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: wtsapi32.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositorycore.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mrmcorer.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sxs.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: directmanipulation.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: textshaping.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: ninput.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: netutils.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: policymanager.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: msvcp110_win.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: smartscreenps.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: shdocvw.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: pcacli.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: mpr.dll
Source: C:\Windows\System32\OpenWith.exeSection loaded: sfc_os.dll
Source: classification engineClassification label: mal76.win@38/93@83/371
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Windows\System32\OpenWith.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2084:120:WilError_03
Source: C:\Windows\System32\OpenWith.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:612:120:WilError_03
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefox
Source: C:\Windows\System32\OpenWith.exeFile read: C:\Users\desktop.ini
Source: C:\Windows\System32\OpenWith.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://freeprosoftz.com/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1964,i,6033766366277865085,9864705840166183589,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1964,i,6033766366277865085,9864705840166183589,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5740 --field-trial-handle=1964,i,6033766366277865085,9864705840166183589,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5740 --field-trial-handle=1964,i,6033766366277865085,9864705840166183589,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Windows\System32\OpenWith.exe C:\Windows\system32\OpenWith.exe -Embedding
Source: unknownProcess created: C:\Windows\System32\OpenWith.exe C:\Windows\system32\OpenWith.exe -Embedding
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\Downloads\Setup_84481_Passwrod.rar
Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint --attempting-deelevation -url C:\Users\user\Downloads\Setup_84481_Passwrod.rar
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\user\Downloads\Setup_84481_Passwrod.rar
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2272 -parentBuildID 20230927232528 -prefsHandle 2216 -prefMapHandle 2200 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a1afab82-c57d-49a6-a90c-2375965f4378} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f62fd6f910 socket
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2880 -childID 1 -isForBrowser -prefsHandle 2872 -prefMapHandle 2868 -prefsLen 21837 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {75bcc44d-ce77-434f-a066-30d2604a28a9} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f63fdf6850 tab
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3784 -childID 2 -isForBrowser -prefsHandle 3776 -prefMapHandle 3764 -prefsLen 26224 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {961f0383-41a4-4340-b10e-c646e5bdc18d} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f63bd3e850 tab
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4060 -parentBuildID 20230927232528 -prefsHandle 3764 -prefMapHandle 3940 -prefsLen 26265 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3cf4116b-ceac-489f-8f61-a3fd8a72eac3} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f641ce9b10 rdd
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2748 -childID 3 -isForBrowser -prefsHandle 4540 -prefMapHandle 4536 -prefsLen 31035 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4356b72c-74d3-41e4-948c-42de8d41db63} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f6404c2310 tab
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\Downloads\Setup_84481_Passwrod.rar
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\user\Downloads\Setup_84481_Passwrod.rar
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2272 -parentBuildID 20230927232528 -prefsHandle 2216 -prefMapHandle 2200 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a1afab82-c57d-49a6-a90c-2375965f4378} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f62fd6f910 socket
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2880 -childID 1 -isForBrowser -prefsHandle 2872 -prefMapHandle 2868 -prefsLen 21837 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {75bcc44d-ce77-434f-a066-30d2604a28a9} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f63fdf6850 tab
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3784 -childID 2 -isForBrowser -prefsHandle 3776 -prefMapHandle 3764 -prefsLen 26224 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {961f0383-41a4-4340-b10e-c646e5bdc18d} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f63bd3e850 tab
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4060 -parentBuildID 20230927232528 -prefsHandle 3764 -prefMapHandle 3940 -prefsLen 26265 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3cf4116b-ceac-489f-8f61-a3fd8a72eac3} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f641ce9b10 rdd
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2748 -childID 3 -isForBrowser -prefsHandle 4540 -prefMapHandle 4536 -prefsLen 31035 -prefMapSize 237879 -jsInitHandle 1248 -jsInitLen 234236 -parentBuildID 20230927232528 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4356b72c-74d3-41e4-948c-42de8d41db63} 3292 "\\.\pipe\gecko-crash-server-pipe.3292" 1f6404c2310 tab
Source: C:\Windows\System32\OpenWith.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\OpenWith.exe TID: 6896Thread sleep count: 60 > 30
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\Downloads\Setup_84481_Passwrod.rar
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segmdl2.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segmdl2.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
DLL Side-Loading		11
Process Injection		11
Masquerading		OS Credential Dumping1
Virtualization/Sandbox Evasion		Remote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
DLL Side-Loading		1
Virtualization/Sandbox Evasion		LSASS Memory1
File and Directory Discovery		Remote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Registry Run Keys / Startup Folder		11
Process Injection		Security Account Manager11
System Information Discovery		SMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
Extra Window Memory Injection		1
DLL Side-Loading		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Obfuscated Files or Information		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Extra Window Memory Injection		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

No bigger version
No bigger version
No bigger version
No bigger version

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://freeprosoftz.com100%Avira URL Cloudmalware
http://freeprosoftz.com11%VirustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
freeprosoftz.com11%VirustotalBrowse
jsdelivr.map.fastly.net0%VirustotalBrowse
resbreatfl.com13%VirustotalBrowse
lu.api.mega.co.nz0%VirustotalBrowse
eu.static.mega.co.nz0%VirustotalBrowse
g.api.mega.co.nz0%VirustotalBrowse
gfs214n123.userstorage.mega.co.nz0%VirustotalBrowse
ipv4only.arpa1%VirustotalBrowse
prod.balrog.prod.cloudops.mozgcp.net1%VirustotalBrowse
prod.detectportal.prod.cloudops.mozgcp.net0%VirustotalBrowse
gkegw.prod.ads.prod.webservices.mozgcp.net0%VirustotalBrowse
prod.content-signature-chains.prod.webservices.mozgcp.net0%VirustotalBrowse
prod.remote-settings.prod.webservices.mozgcp.net0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://freeprosoftz.com/100%Avira URL Cloudmalware
http://freeprosoftz.com/11%VirustotalBrowse
about:blank0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
jsdelivr.map.fastly.net
151.101.193.229
truefalseunknown
example.org
93.184.216.34
truefalse
    		high
    gfs214n123.userstorage.mega.co.nz
    		185.206.27.33
    		truefalseunknown
    prod.detectportal.prod.cloudops.mozgcp.net
    		34.107.221.82
    		truefalseunknown
    freeprosoftz.com
    		104.21.20.94
    		truetrueunknown
    contile.services.mozilla.com
    		34.117.237.239
    		truefalse
      		high
      stats.g.doubleclick.net
      		74.125.136.157
      		truefalse
        		high
        i.ibb.co
        		104.243.38.202
        		truefalse
          		high
          prod.content-signature-chains.prod.webservices.mozgcp.net
          		34.160.144.191
          		truefalseunknown
          code.jquery.com
          		151.101.130.137
          		truefalse
            		high
            x455brorg.click
            		172.67.209.87
            		truefalse
              		unknown
              eu.static.mega.co.nz
              		66.203.124.37
              		truefalseunknown
              ipv4only.arpa
              		192.0.0.171
              		truefalseunknown
              gkegw.prod.ads.prod.webservices.mozgcp.net
              		34.117.188.166
              		truefalseunknown
              www.google.com
              		173.194.219.99
              		truefalse
                		high
                prod.balrog.prod.cloudops.mozgcp.net
                		35.244.181.201
                		truefalseunknown
                a.nel.cloudflare.com
                		35.190.80.1
                		truefalse
                  		high
                  accounts.google.com
                  		172.217.215.84
                  		truefalse
                    		high
                    prod.remote-settings.prod.webservices.mozgcp.net
                    		34.149.100.209
                    		truefalseunknown
                    mega.nz
                    		31.216.144.5
                    		truefalse
                      		high
                      zrqcv8p6j.cfd
                      		104.21.93.78
                      		truefalse
                        		unknown
                        analytics.google.com
                        		142.250.9.113
                        		truefalse
                          		high
                          lu.api.mega.co.nz
                          		66.203.125.16
                          		truefalseunknown
                          clients.l.google.com
                          		74.125.138.138
                          		truefalse
                            		high
                            lzdevgl1c.click
                            		172.67.192.91
                            		truefalse
                              		unknown
                              resbreatfl.com
                              		172.67.193.106
                              		truetrueunknown
                              cdn.jsdelivr.net
                              		unknown
                              		unknownfalse
                                		high
                                spocs.getpocket.com
                                		unknown
                                		unknownfalse
                                  		high
                                  content-signature-2.cdn.mozilla.net
                                  		unknown
                                  		unknownfalse
                                    		high
                                    clients2.google.com
                                    		unknown
                                    		unknownfalse
                                      		high
                                      firefox.settings.services.mozilla.com
                                      		unknown
                                      		unknownfalse
                                        		high
                                        push.services.mozilla.com
                                        		unknown
                                        		unknownfalse
                                          		high
                                          clients1.google.com
                                          		unknown
                                          		unknownfalse
                                            		high
                                            g.api.mega.co.nz
                                            		unknown
                                            		unknownfalseunknown
                                            detectportal.firefox.com
                                            		unknown
                                            		unknownfalse
                                              		high
                                              shavar.services.mozilla.com
                                              		unknown
                                              		unknownfalse
                                                		high

                                                Contacted URLs

                                                NameMaliciousAntivirus DetectionReputation
                                                https://mega.nz/file/VSc1mJ4I#m_CZ7C7HFxMjf8SIOX6B4nmnOh_ckbWnsjWRsgMK_Oofalse
                                                  		high
                                                  https://resbreatfl.com/?asdasdfalse
                                                    		unknown
                                                    https://zrqcv8p6j.cfd/?65CC784DADD42false
                                                      		unknown
                                                      https://freeprosoftz.com/false
                                                        		unknown
                                                        http://freeprosoftz.com/true
                                                        • 11%, Virustotal, Browse
                                                        • Avira URL Cloud: malware
                                                        		unknown
                                                        about:blankfalse
                                                        • Avira URL Cloud: safe
                                                        		low
                                                        http://detectportal.firefox.com/canonical.htmlfalse
                                                          		high
                                                          http://detectportal.firefox.com/success.txt?ipv4false
                                                            		high

                                                            World Map of Contacted IPs

                                                            • No. of IPs < 25%
                                                            • 25% < No. of IPs < 50%
                                                            • 50% < No. of IPs < 75%
                                                            • 75% < No. of IPs

                                                            Public IPs

                                                            IPDomainCountryFlagASNASN NameMalicious
                                                            104.21.93.78
                                                            		zrqcv8p6j.cfdUnited States
                                                            		13335CLOUDFLARENETUSfalse
                                                            74.125.138.138
                                                            		clients.l.google.comUnited States
                                                            		15169GOOGLEUSfalse
                                                            172.217.215.101
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            64.233.176.95
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            172.67.192.91
                                                            		lzdevgl1c.clickUnited States
                                                            		13335CLOUDFLARENETUSfalse
                                                            64.233.176.94
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            151.101.193.229
                                                            		jsdelivr.map.fastly.netUnited States
                                                            		54113FASTLYUSfalse
                                                            185.206.27.33
                                                            		gfs214n123.userstorage.mega.co.nzFrance
                                                            		205809MEGAFRfalse
                                                            173.194.219.99
                                                            		www.google.comUnited States
                                                            		15169GOOGLEUSfalse
                                                            104.21.20.94
                                                            		freeprosoftz.comUnited States
                                                            		13335CLOUDFLARENETUStrue
                                                            34.117.237.239
                                                            		contile.services.mozilla.comUnited States
                                                            		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                            172.67.193.106
                                                            		resbreatfl.comUnited States
                                                            		13335CLOUDFLARENETUStrue
                                                            151.101.130.137
                                                            		code.jquery.comUnited States
                                                            		54113FASTLYUSfalse
                                                            34.117.188.166
                                                            		gkegw.prod.ads.prod.webservices.mozgcp.netUnited States
                                                            		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                            66.203.124.37
                                                            		eu.static.mega.co.nzUnited States
                                                            		11922RBNUSfalse
                                                            142.250.9.94
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            35.190.80.1
                                                            		a.nel.cloudflare.comUnited States
                                                            		15169GOOGLEUSfalse
                                                            142.250.9.113
                                                            		analytics.google.comUnited States
                                                            		15169GOOGLEUSfalse
                                                            74.125.138.95
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            64.233.177.94
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            172.253.124.97
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            172.67.209.87
                                                            		x455brorg.clickUnited States
                                                            		13335CLOUDFLARENETUSfalse
                                                            1.1.1.1
                                                            		unknownAustralia
                                                            		13335CLOUDFLARENETUSfalse
                                                            104.243.38.177
                                                            		unknownUnited States
                                                            		23470RELIABLESITEUSfalse
                                                            142.250.9.138
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            142.250.105.95
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            173.194.219.102
                                                            		unknownUnited States
                                                            		15169GOOGLEUSfalse
                                                            34.107.221.82
                                                            		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                            		15169GOOGLEUSfalse
                                                            66.203.125.13
                                                            		unknownUnited States
                                                            		11922RBNUSfalse
                                                            35.244.181.201
                                                            		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                            		15169GOOGLEUSfalse
                                                            66.203.127.13
                                                            		unknownUnited States
                                                            		11922RBNUSfalse
                                                            239.255.255.250
                                                            		unknownReserved
                                                            		unknownunknownfalse
                                                            66.203.125.16
                                                            		lu.api.mega.co.nzUnited States
                                                            		11922RBNUSfalse
                                                            34.160.144.191
                                                            		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                            		2686ATGS-MMD-ASUSfalse
                                                            74.125.136.157
                                                            		stats.g.doubleclick.netUnited States
                                                            		15169GOOGLEUSfalse
                                                            52.12.189.203
                                                            		unknownUnited States
                                                            		16509AMAZON-02USfalse
                                                            104.243.38.202
                                                            		i.ibb.coUnited States
                                                            		23470RELIABLESITEUSfalse
                                                            172.217.215.84
                                                            		accounts.google.comUnited States
                                                            		15169GOOGLEUSfalse
                                                            31.216.144.5
                                                            		mega.nzLuxembourg
                                                            		24611DCLUX-AS4rueGrahamBellLUfalse

                                                            Private

                                                            IP
                                                            192.168.2.16
                                                            127.0.0.1

                                                            General Information

                                                            Joe Sandbox version:40.0.0 Tourmaline
                                                            Analysis ID:1391977
                                                            Start date and time:2024-02-14 09:21:37 +01:00
                                                            Joe Sandbox product:CloudBasic
                                                            Overall analysis duration:
                                                            Hypervisor based Inspection enabled:false
                                                            Report type:full
                                                            Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                            Sample URL:http://freeprosoftz.com
                                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                            Number of analysed new started processes analysed:27
                                                            Number of new started drivers analysed:0
                                                            Number of existing processes analysed:0
                                                            Number of existing drivers analysed:0
                                                            Number of injected processes analysed:0
                                                            Technologies:
                                                            • EGA enabled
                                                            Analysis Mode:stream
                                                            Analysis stop reason:Timeout
                                                            Detection:MAL
                                                            Classification:mal76.win@38/93@83/371
                                                            • Exclude process from analysis (whitelisted): svchost.exe
                                                            • Excluded IPs from analysis (whitelisted): 64.233.176.94, 34.104.35.123, 142.250.9.94, 64.233.176.95, 74.125.138.95, 142.250.9.138, 142.250.9.101, 142.250.9.139, 142.250.9.102, 142.250.9.113, 142.250.9.100, 74.125.136.95, 142.250.105.95, 172.253.124.95, 172.217.215.95, 64.233.185.95, 64.233.177.95, 142.251.15.95, 173.194.219.95, 142.250.9.95, 173.194.219.102, 173.194.219.113, 173.194.219.101, 173.194.219.100, 173.194.219.139, 173.194.219.138, 172.253.124.97
                                                            • Excluded domains from analysis (whitelisted): fonts.googleapis.com, edgedl.me.gvt1.com, content-autofill.googleapis.com, fonts.gstatic.com, ajax.googleapis.com, www.googletagmanager.com, clientservices.googleapis.com, www.google-analytics.com
                                                            • Not all processes where analyzed, report is missing behavior information
                                                            • Report size getting too big, too many NtOpenFile calls found.
                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                            • Report size getting too big, too many NtQueryValueKey calls found.

                                                            Created / dropped Files

                                                            C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\sp4c0p22.default-release\cache2\entries\180089313729568CF6D0CAF9991F0FA4115478F0

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:PEM certificate
                                                            Category:dropped
                                                            Size (bytes):13004
                                                            Entropy (8bit):6.045027321470574
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:D119A9C188839EF487F5A3E9566B15EE
                                                            SHA1:AC1E5F9D43BE7A9F7DD84E253E65CCB04DF7C82C
                                                            SHA-256:35213A66C7D4A7AAD72490180F683B9EF584E1EFFF4B32A71D535DA015E41C39
                                                            SHA-512:2D0EBD643A4A273ABEFA19F8FD43475CD113C5A5BAB936A04B7438B323DC30E1AECFDC548E561FE82A7B588F62F5A8969FD1150B532B766392A87AAA0CD12F80
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:-----BEGIN CERTIFICATE-----.MIIDBjCCAougAwIBAgIIF4lqVzWSAagwCgYIKoZIzj0EAwMwgaMxCzAJBgNVBAYT.AlVTMRwwGgYDVQQKExNNb3ppbGxhIENvcnBvcmF0aW9uMS8wLQYDVQQLEyZNb3pp.bGxhIEFNTyBQcm9kdWN0aW9uIFNpZ25pbmcgU2VydmljZTFFMEMGA1UEAww8Q29u.dGVudCBTaWduaW5nIEludGVybWVkaWF0ZS9lbWFpbEFkZHJlc3M9Zm94c2VjQG1v.emlsbGEuY29tMB4XDTIzMDgzMDE2MDczN1oXDTIzMTExODE2MDczN1owgakxCzAJ.BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFp.biBWaWV3MRwwGgYDVQQKExNNb3ppbGxhIENvcnBvcmF0aW9uMRcwFQYDVQQLEw5D.bG91ZCBTZXJ2aWNlczE2MDQGA1UEAxMtcmVtb3RlLXNldHRpbmdzLmNvbnRlbnQt.c2lnbmF0dXJlLm1vemlsbGEub3JnMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEkG4D.ghibPzRweZTBELUeRB1KhGtpXuoGwAo7BlXXln6wjfHQCst5PBShB0XQQIFSi/r6.wwxzuM2RxwQ4m5nmcKeb/8Hs7wWIiY3Wi1HTTE1PQKu+wLiUwwY6Q4928LXdo4GD.MIGAMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAfBgNVHSME.GDAWgBSgHUoXT4zCKzVF8WPx2nBwp8744TA4BgNVHREEMTAvgi1yZW1vdGUtc2V0.dGluZ3MuY29udGVudC1zaWduYXR1cmUubW96aWxsYS5vcmcwCgYIKoZIzj0EAwMD.aQAwZgIxAIrcE9Tq6wwDYvFz0ytwuUmXpAE99auFd1ut2fo78qd52IQXv+gSAi

                                                            C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\sp4c0p22.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:gzip compressed data, max speed, from Unix, original size modulo 2^32 3859021824
                                                            Category:dropped
                                                            Size (bytes):8866
                                                            Entropy (8bit):6.657495509477466
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:1B00E1EF9CD077B887FF01E6D5B20D13
                                                            SHA1:22125804016B1B0610D08319C97FD2406F63F4C4
                                                            SHA-256:81A6A35488B0CF1C92355C4902A71AF59C0CC1A5BB6507AF7B07F5A07347F580
                                                            SHA-512:E06AE612246B7657891F6C82E4074553403F40DD03E915F5A58B688ACBBED491749E8CBBEF062F4800E0F99271CB67BBBB91E105F69B973534A8DDD95F1EB267
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:...........Y..8...U.i...>....2.....>..(I...W,..S..L.....f_..H-u......Z....|..n.N../..b...]...c..njE...&.Szw{[.%.O&.'..}..-.F0......g.k..+I#....,5...] I@...!/k*...z*.4U#.$c.\A...]....8..v......p.K......$..yz.#....%....u._..T....A..Q.......</......g.....+.8..r7N6.Q..|L(.%G?...Z'3{..C'p...I..1.....vOU...'u.5.i.....%.....D.....U!^.`...z...a..{Vhe1<z3....M;..H.....@wlysd...`.L.}+.2./...@=.qi........1.f...ro.N.....^W...p.s.8..Y.N...y.;.Gt.4....i..u..TuAw...cjh..../."\.+.;#.'.7g1R..Qb...e0@gK...>.s/...4..,..(..._...T..L)..]...{..:.9.b...-G......P.xs...K..6O.I..9_.'oD'..1..F.IbBoQ.c...iH.q..#...f...d.../....0...W..3......./W....$:.p..b.....]..rS.e.-`<...A.HK.......M...{.4.v@.h............9........jz.q.=..-C...3..wX..s..o..H..,.p[..z;..s?..~.'.k.x$0.:!..AQ..^...o`...EIt.G....eH.".%..PU..`.B...bt._V|.].X'CZ........y%{X[.9..$g..!.y......wiKj..%{Y^.g.....O.......@......{.;....d0.K.i.b..."O6.ig....x.(......x...u.L........,..f......nj4.?r.0*lS..

                                                            C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\sp4c0p22.default-release\cache2\entries\D0F48A0632B6C451791F4257697E861961F06A6F

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:data
                                                            Category:dropped
                                                            Size (bytes):38720
                                                            Entropy (8bit):5.258152251840614
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:4BF74376FDE1872CD72B7EC7F04BDA54
                                                            SHA1:19EB464F16A9292E53F66AB55B3C5A452C1052F4
                                                            SHA-256:746E1CDEDEB545C3ACEB3A82FD774710B3EABAD7025E453CEBC70BA7108DED4F
                                                            SHA-512:A88D36B4ABA81062007FAAC6E543BEDEE07414366ED2CFECF935283148AFF39FE8A8F235A3F0FEBF39A63DB485085F12A2B0AC5D15797554BFF49BB802BCF236
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:<!doctype html>.<html>. <head>. <meta charset="utf-8">. <meta http-equiv="Content-Security-Policy" content="default-src 'none'; object-src 'none'; script-src resource: chrome:; connect-src https:; img-src https: data: blob: chrome:; style-src 'unsafe-inline';">. <meta name="color-scheme" content="light dark">. <title data-l10n-id="newtab-page-title"></title>. <link rel="icon" type="image/png" href="chrome://branding/content/icon32.png"/>. <link rel="louserzation" href="branding/brand.ftl" />. <link rel="louserzation" href="toolkit/branding/brandings.ftl" />. <link rel="louserzation" href="browser/newtab/newtab.ftl" />. <link rel="stylesheet" href="chrome://browser/content/contentSearchUI.css" />. <link rel="stylesheet" href="chrome://activity-stream/content/css/activity-stream.css" />. </head>. Cached: Fri, 06 Oct 2023 09:08:32 GMT -->. <body class="activity-stream">. <div id="header-asrouter-container" role="presentation"></div>. <div id="r

                                                            C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                            Category:modified
                                                            Size (bytes):32768
                                                            Entropy (8bit):0.4593089050301797
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:D910AD167F0217587501FDCDB33CC544
                                                            SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                            SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                            SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 14 07:22:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2673
                                                            Entropy (8bit):3.992077567794637
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:E5BB072184C10B5EDC722E41F572BC88
                                                            SHA1:64871FE71803424522DE88439D130FB6623F7BA3
                                                            SHA-256:0121503ADB89A35D26037D0283BE03F996B0737C8B7DBC8854D5BE3F041F4873
                                                            SHA-512:D812FE0158604FC157DED31D6D8BA36D8349A4AACD9B7FEC493067E9C59150E062FE680B4D9FECD8977A859C6E46BE3206B97D3BEB923E5CE4681898A7C77D2A
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:L..................F.@.. ...$+.,....kF..._..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INX.B....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNX.B....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNX.B....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNX.B..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNX.B...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............u.].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 14 07:22:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2675
                                                            Entropy (8bit):4.0075075558204425
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:7CCA002ABF4BBCFFCD3D23A500C6E2D3
                                                            SHA1:02BD9934CD21253F5568B90013FF2B947C851CCC
                                                            SHA-256:E51957D25C7D76221A1436D6C731707CB0DC8013F1B6A06C19836A3EFDD664A8
                                                            SHA-512:CA2AD17ADCB199F539433038A39AF0AE46FC9CE72E38A96873B432CFC5A027FE84DC41E8485A6396A8560A3B513A30524AB3A639B7ECC5CEAEC8EF23EC8DBDDB
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:L..................F.@.. ...$+.,....{...._..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INX.B....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNX.B....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNX.B....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNX.B..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNX.B...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............u.].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2689
                                                            Entropy (8bit):4.015531418261511
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:482E0FB449B533B51948ABC206445BFC
                                                            SHA1:3B6DA0D7E1242F27DC439FE08A0609CED31F662B
                                                            SHA-256:68B3B5087187D8DA5F40E288B68AB00C7FB3C318E3EB864EDCD55FA5245A6612
                                                            SHA-512:F0AD6D8C9A6DE35220C96C177997BB0796A0C40A52296B21B79EEE1C71264ACAB0A09C465B3C69D3137DBB48AB2807EF1B06F5A67D91E956DC55436959D0AD1D
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INX.B....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNX.B....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNX.B....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNX.B..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............u.].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 14 07:22:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2677
                                                            Entropy (8bit):4.007741957798611
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:396E29231B1045077735C40F8480C0B3
                                                            SHA1:D5C452BCA6B8AA1AD366BE1048E9B67C683AC7AD
                                                            SHA-256:6812C2932F521A3824382D86FAD42AC3A90792797166DAB6EFF6F3760101FE8A
                                                            SHA-512:99B1F297E1F14D2E4BC2E8866DFCC38027C120E43F4C0DBB02DC4689A3934651BAA298629B8F06D0BAB6EE529E32A04DB0ADBB01AA0E8128C2D6450827E44121
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:L..................F.@.. ...$+.,.....7..._..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INX.B....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNX.B....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNX.B....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNX.B..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNX.B...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............u.].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 14 07:22:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2677
                                                            Entropy (8bit):3.9960065381563017
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:F0FA3BBFF8AA06A4340BF19CADCE705A
                                                            SHA1:8E321E127178BEB9CCA3D01292F215B1B76AACC8
                                                            SHA-256:1C2942A2BE74016F45A22689CD95C09B421F4A1D1A50AFD8666E369613771B27
                                                            SHA-512:421E3252C14A09F28D428FBADEB2084D8BF74053C67CBD961FCD504976DB30D58C902EF7FC7CD3C5B31A552ECA8EB8C86564FB7ADE491840EB8802FF0AB4416C
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:L..................F.@.. ...$+.,....0...._..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INX.B....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNX.B....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNX.B....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNX.B..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNX.B...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............u.].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Feb 14 07:22:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                            Category:dropped
                                                            Size (bytes):2679
                                                            Entropy (8bit):4.004643071031203
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:078969C6D60F28198122B369764A541D
                                                            SHA1:9A504E31B2224C6E05C3BE4D2CE4C1DAC270A838
                                                            SHA-256:7F4712FAD645875B1859021A97BC3809E383FA7D6EBB45C6CC204659157940D2
                                                            SHA-512:FD61513AC5FC4F532C02C7F818C461B0DC5FCD644D91FC91535EF7796D205B7ACC36B51CAAFC44794E31729F3E2778B07BB3F1EB5DD0D77B55824E547027B7CC
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:L..................F.@.. ...$+.,....0b..._..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INX.B....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNX.B....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNX.B....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNX.B..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNX.B...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............u.].....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\content-prefs.sqlite

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                            Category:dropped
                                                            Size (bytes):262144
                                                            Entropy (8bit):0.04905141882491872
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                            SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                            SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                            SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\content-prefs.sqlite-journal

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:SQLite Rollback Journal
                                                            Category:dropped
                                                            Size (bytes):33288
                                                            Entropy (8bit):0.3093920692372757
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:6B649B62FC66A378D92627ECB5E54A65
                                                            SHA1:EA07449D24A337422FFFF4A57554888476C20B67
                                                            SHA-256:EC4C9FB7E792D90B5D502611563BC16F3335ECB562BEDD9465C9480F6826DA85
                                                            SHA-512:DE71EE6A1BDACD03A99A71F9FA8634A5AA102014C060B205F25BE40808A48354C73DC40761D878B55287281752B0EFDAC021578FA795F9D47B777AA4FB59BF2D
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.... .c.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.............................................................................................................................................................................................................................................................................................................................................................................

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\datareporting\glean\db\data.safe.tmp

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:data
                                                            Category:dropped
                                                            Size (bytes):2511
                                                            Entropy (8bit):4.253800919644475
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:95815292396B3DF0DF79D56BADCACE9A
                                                            SHA1:8EAD8AAFBBF1E9E7B2062B7F8B15D50414B920A9
                                                            SHA-256:D0B43067D205C7280656B0954125CA47D1D40B7F02DF112C6FC2044CCF249849
                                                            SHA-512:A7162B821009461543B4B8A97AE0BCE54D71C6E3FB4FCE00B0148EDCA410C0FCC0BABEB73090451CCE8E1C20E610B327ADF7A93E2B3660DC446504C1CFE9C1B4
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.................app....................glean_client_info#app_build#............................20230927232528........glean_client_info#app_channel.............................release%.......glean_client_info#app_display_version.............................118.0.1........glean_client_info#build_date2........)...................1970-01-01T00:00:00+00:00............glean_client_info#os.............................Windows........glean_client_info#os_version.............................10.0.........user....................glean_client_info#client_id9........0...........$.......da376f26-8e6f-4f05-917f-526305a756d0 .......glean_client_info#first_run_date<........3...........#.......2023-10-06T10:08:21.740959800+01:00....%.......glean_internal_info#baseline#sequence.........................".......glean_internal_info#baseline#start<........3...........#.......2023-10-06T10:08:27.178376200+01:00............glean_internal_info#dirtybit......................#.......glean_internal_info#events#seq

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\datareporting\glean\tmp\94440b23-89e7-4419-a0ed-6c26d5eb8b7a

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:ASCII text, with very long lines (2431)
                                                            Category:dropped
                                                            Size (bytes):2501
                                                            Entropy (8bit):4.947802809140636
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:F00348AB531234F837112B2D1DAA0FED
                                                            SHA1:9C5FD24AB832B707DB180AC8EAB55616D193F202
                                                            SHA-256:84F3AC193C485E32CB0A307CE9431C53C80783F6FD0109BE73129FA179D45FB2
                                                            SHA-512:6F147B66E3B38DA82BE8661F01CA4021CD2C6CF9035BB3C92F096650FC8F502DFD72750AB8E022C04BFF31590B5B4AC682E8C3723EA2B0AE1A2AF96F67D53DCC
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/submit/firefox-desktop/events/1/94440b23-89e7-4419-a0ed-6c26d5eb8b7a.{"ping_info":{"seq":1,"start_time":"2023-10-06T10:08+01:00","end_time":"2024-02-14T10:25+01:00","reason":"startup","experiments":{"upgrade-spotlight-rollout":{"branch":"treatment","extra":{"enrollmentId":"2658a5ec-004c-444b-9d6d-88f31a089af3","type":"nimbus-rollout"}},"csv-import-release-rollout":{"branch":"enable-csv-import","extra":{"type":"nimbus-rollout","enrollmentId":"9c4f630b-d3dc-4236-9fe2-a1415309e4e4"}},"serp-ad-telemetry-rollout":{"branch":"control","extra":{"enrollmentId":"b28caf77-5f17-4748-b25f-9dd2dff77a5b","type":"nimbus-rollout"}}}},"client_info":{"telemetry_sdk_build":"53.2.0","locale":"en-US","app_display_version":"118.0.1","app_channel":"release","os_version":"10.0","app_build":"20230927232528","architecture":"x86_64","os":"Windows","first_run_date":"2023-10-06+01:00","build_date":"1970-01-01T00:00:00+00:00","windows_build_number":19045,"client_id":"da376f26-8e6f-4f05-917f-526305a756d0"},"metrics"

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\datareporting\glean\tmp\99bd0c2a-c2d9-4215-bb80-340bf2578a04

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:ASCII text, with very long lines (11434)
                                                            Category:dropped
                                                            Size (bytes):11505
                                                            Entropy (8bit):4.669531051011826
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:B80193BD515866E10CC0E6C0261E8DEC
                                                            SHA1:B81A82699DCCA3F67C76673FA2971CB923CDC640
                                                            SHA-256:07FD9908F1D800CDCBEF21A42CF0A45FA5E7523C0559B180CD8FFE833C65B93D
                                                            SHA-512:33AA504D905427016FF6D30F6AD5F2E7B457E459B8187F15C651ECC2CCCA857CDBD08BE82C64362DE1DCB9DED88BD515906B9CB2F3E72AEA71D600235997A35D
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/submit/firefox-desktop/metrics/1/99bd0c2a-c2d9-4215-bb80-340bf2578a04.{"ping_info":{"seq":0,"start_time":"2024-02-14T10:25+01:00","end_time":"2024-02-14T10:25+01:00","reason":"overdue","experiments":{"serp-ad-telemetry-rollout":{"branch":"control","extra":{"enrollmentId":"b28caf77-5f17-4748-b25f-9dd2dff77a5b","type":"nimbus-rollout"}},"upgrade-spotlight-rollout":{"branch":"treatment","extra":{"type":"nimbus-rollout","enrollmentId":"2658a5ec-004c-444b-9d6d-88f31a089af3"}},"csv-import-release-rollout":{"branch":"enable-csv-import","extra":{"enrollmentId":"9c4f630b-d3dc-4236-9fe2-a1415309e4e4","type":"nimbus-rollout"}}}},"client_info":{"telemetry_sdk_build":"53.2.0","windows_build_number":19045,"app_channel":"release","os_version":"10.0","app_display_version":"118.0.1","app_build":"20230927232528","architecture":"x86_64","locale":"en-US","os":"Windows","client_id":"da376f26-8e6f-4f05-917f-526305a756d0","build_date":"1970-01-01T00:00:00+00:00","first_run_date":"2023-10-06+01:00"},"metrics

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\favicons.sqlite-shm

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:data
                                                            Category:dropped
                                                            Size (bytes):32768
                                                            Entropy (8bit):0.017262956703125623
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                            SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                            SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                            SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite-shm

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:data
                                                            Category:dropped
                                                            Size (bytes):32768
                                                            Entropy (8bit):0.034757609438718286
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:5CFDB8B461DF44EA490526D4B6D0F31E
                                                            SHA1:3D85418C5E6313818B7D581F7F77EB469CD7D077
                                                            SHA-256:C8DD1A1F768251FB6EE3E6D1FE5004500A9E958FB4DD2136F729A0B540456F8C
                                                            SHA-512:E3147EDB797FA2BCBDF65D63533CA84F9365946F7BB33EFDB7D4C2840C419FCC291EA67A4D0C282660590F0BEBB9D2ED80BB519D4B9B567D186B0735FF9B58FF
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:..-......................B'..L...Dw....B;.....-......................B'..L...Dw....B;...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite-wal

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:SQLite Write-Ahead Log, version 3007000
                                                            Category:dropped
                                                            Size (bytes):32824
                                                            Entropy (8bit):0.03939261518832426
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:77732F3963439F2F691129B659439B28
                                                            SHA1:9DFC79B9066C17EA42162E83808DA3492BA4CA81
                                                            SHA-256:87DA635D96C45679DD298F65C8A7E83D17870776394033951BC8904058F41176
                                                            SHA-512:9A50D2322F9C869E918A5E7B6FF61CEDA888770F90BF99CC2310B60A1634C3AA2E06AD42A00F8BFC6D01FF70CE64C2197B67D9827DA1F9F4F5DCC4D5E756A4AA
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:7....-............Dw....k..............Dw...'B..L.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs-1.js

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                            Category:dropped
                                                            Size (bytes):11721
                                                            Entropy (8bit):5.481284902261477
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:D8CAD48D956A1758E72B167E90933DCD
                                                            SHA1:5F4A980BC84E7834A10280C3626F0FCA7C949C00
                                                            SHA-256:E022A534EACF41590AB6E2D41F2D4D71EBAE4BA153FBB3B3D4775B1D97768D51
                                                            SHA-512:37DA48BF23C30B2E2623FFA5C67C29DEE2EDFAFD4362C48CB9E7D767F410899EBE4159FF6E61CDC471839941408505A73A3BCD9250B9797E04213752023D89C4
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "0dbf219f-4e18-464a-957c-ae336603cdcc");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 1);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696583305);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1707902718);..user_pref("app.up

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs.js (copy)

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                            Category:dropped
                                                            Size (bytes):0
                                                            Entropy (8bit):0.0
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:D8CAD48D956A1758E72B167E90933DCD
                                                            SHA1:5F4A980BC84E7834A10280C3626F0FCA7C949C00
                                                            SHA-256:E022A534EACF41590AB6E2D41F2D4D71EBAE4BA153FBB3B3D4775B1D97768D51
                                                            SHA-512:37DA48BF23C30B2E2623FFA5C67C29DEE2EDFAFD4362C48CB9E7D767F410899EBE4159FF6E61CDC471839941408505A73A3BCD9250B9797E04213752023D89C4
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "0dbf219f-4e18-464a-957c-ae336603cdcc");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 1);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696583305);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1707902718);..user_pref("app.up

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\protections.sqlite

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                            Category:dropped
                                                            Size (bytes):65536
                                                            Entropy (8bit):0.04062825861060003
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:60C09456D6362C6FBED48C69AA342C3C
                                                            SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                            SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                            SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\protections.sqlite-journal

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:SQLite Rollback Journal
                                                            Category:dropped
                                                            Size (bytes):33288
                                                            Entropy (8bit):0.083261787890173
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:35BF4FA9456F2CFF3FE1EBA64B7DEBB9
                                                            SHA1:CAF3B1BDC52968FBCCDCB63D02AE9852FF9ABB70
                                                            SHA-256:9D0E323D248584D120BAD4439E420E8DDA880B17EE13B0C86ECABD4785A96F94
                                                            SHA-512:DF3648C1F0E9D9EFA40F564B3C090BA1F0F799F9D32682CEFAC688917804DAA002F717B953DB4E14711F94B9BF7EFC93BFFD89F6EE731E32CCB5202832A92564
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.... .c......ZZ.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................SQLite format 3......@ ..........................................................................j.......x..x......................................................................................................................................................................................................................................................................................................................................................................................

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json (copy)

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):0
                                                            Entropy (8bit):0.0
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                            SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                            SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                            SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json.tmp

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):90
                                                            Entropy (8bit):4.194538242412464
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                            SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                            SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                            SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shm

                                                            Download File
                                                            Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                            File Type:data
                                                            Category:dropped
                                                            Size (bytes):32768
                                                            Entropy (8bit):0.02036431332101122
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:10B31AEBD48EF84B7C6AD32F40F2A991
                                                            SHA1:A7F8A81AE1880ABDC48A4E428454B9E4F9813605
                                                            SHA-256:5039DC772C2DF92C653EA18AD86D16F390753355BC71C59C05D962417922DC2B
                                                            SHA-512:5710314F73CD4A527E9A375DF650ACE32FA60692097D6884F1D3A88FA666ED981811512551DAD45182D5190F8CCA79F4AADC5FF2553BC25335C3A6D0C1EFE58A
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:..-...................................B.8...'.....-...................................B.8...'...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                            C:\Users\user\Downloads\506f23ea-36ea-4576-8dd9-db294ef14893.tmp

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:RAR archive data, v5
                                                            Category:dropped
                                                            Size (bytes):7350606
                                                            Entropy (8bit):7.999975650617442
                                                            Encrypted:true
                                                            SSDEEP:
                                                            MD5:F83501C1E3821174DABFDE30CFD9E3AA
                                                            SHA1:C2077F7DE5E660251CB17B3C711B9B2B88225C6B
                                                            SHA-256:3A608B0B0702FB7493124F2FA951F09B8FD885D7BDE39FE2B145920899A8A012
                                                            SHA-512:44A55BD76CA3825718BF313350EC7091473D3748CABACE2AAEBFB0BF620D3A09AA6BBD2412EEFF1823AF97F69B98657F4718954A7F60A7B242E7150CD0FD6181
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:Rar!........!.............K....e+.....V.S..a.g.YM..~......(~YOe...\..SP.)...u.u.K.h...3SAaP_.5.C.MO.P.4hRYlM..F..z.R..5.....I......|.m=^.k.'.8...p2.2..ut..r.....k&MI....S./M..0..g..lW8g....b...HdOH}...Y.[../....r...?....G.A..*;.,.%.o...x .Fcm...B|29....tE....D.!,.'.?.B...7.7.g..".....}..*k#.u..h...........).]..\.+o.....9../.[.!}.K?k.....M|....5L.....f?c..#..."....].f.V..5.w`..YI.x5a...a..0n....:.f...BO......|..7.Q...l..+..........j.4......FA>.[`'..j;....]..]weA...D*nI0.E...I.56..l..(..'f.w.[...*....=..hNA.@:.o......Z....S9..+. .....V..S.@M.IW.....$.$".~.L).y8nm.o.~...........`fE.&.y~..mr.M.|..|OcO......[..c...X...%..B..%=e.g.....E....Uz...{./.._\/7...O.....f<FS..co...j<.E..ynXSoS.....#.-\..}W%.7..a.+....U.."%.MD.3e.....k...i.....|Js.9.M.x..f.8u4y.^.......z.O;.q.."..?.F..*..:..:...x;w......uI... .P.C......P^U..X._o.f3...{.a.......'k0..B"...@.N.$8&9.;.u.=.s>..W.GuaY..F^..J#._nG${..toVb..'.Tc...:./.G.".....Hj3..;.aW..XuE.R.1...........@.3..

                                                            C:\Users\user\Downloads\Setup_84481_Passwrod.rar (copy)

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:RAR archive data, v5
                                                            Category:dropped
                                                            Size (bytes):0
                                                            Entropy (8bit):0.0
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:F83501C1E3821174DABFDE30CFD9E3AA
                                                            SHA1:C2077F7DE5E660251CB17B3C711B9B2B88225C6B
                                                            SHA-256:3A608B0B0702FB7493124F2FA951F09B8FD885D7BDE39FE2B145920899A8A012
                                                            SHA-512:44A55BD76CA3825718BF313350EC7091473D3748CABACE2AAEBFB0BF620D3A09AA6BBD2412EEFF1823AF97F69B98657F4718954A7F60A7B242E7150CD0FD6181
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:Rar!........!.............K....e+.....V.S..a.g.YM..~......(~YOe...\..SP.)...u.u.K.h...3SAaP_.5.C.MO.P.4hRYlM..F..z.R..5.....I......|.m=^.k.'.8...p2.2..ut..r.....k&MI....S./M..0..g..lW8g....b...HdOH}...Y.[../....r...?....G.A..*;.,.%.o...x .Fcm...B|29....tE....D.!,.'.?.B...7.7.g..".....}..*k#.u..h...........).]..\.+o.....9../.[.!}.K?k.....M|....5L.....f?c..#..."....].f.V..5.w`..YI.x5a...a..0n....:.f...BO......|..7.Q...l..+..........j.4......FA>.[`'..j;....]..]weA...D*nI0.E...I.56..l..(..'f.w.[...*....=..hNA.@:.o......Z....S9..+. .....V..S.@M.IW.....$.$".~.L).y8nm.o.~...........`fE.&.y~..mr.M.|..|OcO......[..c...X...%..B..%=e.g.....E....Uz...{./.._\/7...O.....f<FS..co...j<.E..ynXSoS.....#.-\..}W%.7..a.+....U.."%.MD.3e.....k...i.....|Js.9.M.x..f.8u4y.^.......z.O;.q.."..?.F..*..:..:...x;w......uI... .P.C......P^U..X._o.f3...{.a.......'k0..B"...@.N.$8&9.;.u.=.s>..W.GuaY..F^..J#._nG${..toVb..'.Tc...:./.G.".....Hj3..;.aW..XuE.R.1...........@.3..

                                                            C:\Users\user\Downloads\Setup_84481_Passwrod.rar.crdownload (copy)

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:RAR archive data, v5
                                                            Category:dropped
                                                            Size (bytes):0
                                                            Entropy (8bit):0.0
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:F83501C1E3821174DABFDE30CFD9E3AA
                                                            SHA1:C2077F7DE5E660251CB17B3C711B9B2B88225C6B
                                                            SHA-256:3A608B0B0702FB7493124F2FA951F09B8FD885D7BDE39FE2B145920899A8A012
                                                            SHA-512:44A55BD76CA3825718BF313350EC7091473D3748CABACE2AAEBFB0BF620D3A09AA6BBD2412EEFF1823AF97F69B98657F4718954A7F60A7B242E7150CD0FD6181
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:Rar!........!.............K....e+.....V.S..a.g.YM..~......(~YOe...\..SP.)...u.u.K.h...3SAaP_.5.C.MO.P.4hRYlM..F..z.R..5.....I......|.m=^.k.'.8...p2.2..ut..r.....k&MI....S./M..0..g..lW8g....b...HdOH}...Y.[../....r...?....G.A..*;.,.%.o...x .Fcm...B|29....tE....D.!,.'.?.B...7.7.g..".....}..*k#.u..h...........).]..\.+o.....9../.[.!}.K?k.....M|....5L.....f?c..#..."....].f.V..5.w`..YI.x5a...a..0n....:.f...BO......|..7.Q...l..+..........j.4......FA>.[`'..j;....]..]weA...D*nI0.E...I.56..l..(..'f.w.[...*....=..hNA.@:.o......Z....S9..+. .....V..S.@M.IW.....$.$".~.L).y8nm.o.~...........`fE.&.y~..mr.M.|..|OcO......[..c...X...%..B..%=e.g.....E....Uz...{./.._\/7...O.....f<FS..co...j<.E..ynXSoS.....#.-\..}W%.7..a.+....U.."%.MD.3e.....k...i.....|Js.9.M.x..f.8u4y.^.......z.O;.q.."..?.F..*..:..:...x;w......uI... .P.C......P^U..X._o.f3...{.a.......'k0..B"...@.N.$8&9.;.u.=.s>..W.GuaY..F^..J#._nG${..toVb..'.Tc...:./.G.".....Hj3..;.aW..XuE.R.1...........@.3..

                                                            Chrome Cache Entry: 143

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):507387
                                                            Entropy (8bit):4.462121885195489
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:CF522537E1DFAD5993E21107D52C9CEC
                                                            SHA1:3C9B135BFA56F5991C90F5660DB488B17022EF0A
                                                            SHA-256:3E0343AD5674EDDE09C78C7D3E08ABDEFC74166AD4C6C04914BEF1C881E27F5C
                                                            SHA-512:39B1BFEEE1CE4721561BE8959806F6952983499F4D982846166D071188FF23BE24B06AC42601A18D95240A8B001B3C507D197E8C0A48A82A3B5461EB219076E4
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-10_3e0343ad5674edde09c78c7d3e08abdefc74166ad4c6c04914bef1c881e27f5c.js
                                                            Preview:/* Bundle Includes:. * js/fm/removenode.js. * js/fm/ufssizecache.js. * html/js/pro.js. * html/js/proplan.js. * html/js/planpricing.js. * html/js/propay.js. * html/js/propay-dialogs.js. * js/states-countries.js. * js/ui/miniui.js. * js/fm/achievements.js. * js/fm/fileversioning.js. * js/fm/fileconflict.js. * js/ui/gdpr-download.js. */..function removeUInode(h, parent) {. 'use strict';.. let hasSubFolders = 0;. const n = M.getNodeByHandle(h);.. parent = parent || M.getNodeParent(n || h);.. // check subfolders. if (n && n.t) {. const cns = M.c[parent];. if (cns) {. for (var cn in cns) {. if (M.d[cn] && M.d[cn].t && cn !== h) {. hasSubFolders++;. break;. }. }. }. }.. // Update M.v it's used for at least preview slideshow. for (var k = M.v.length; k--;) {. var v = M.v[k].ch || M.v[k].h;. if (v === h) {. i

                                                            Chrome Cache Entry: 144

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):433720
                                                            Entropy (8bit):4.432875358357152
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:599724958C893C016454457CE47EA49D
                                                            SHA1:DE3484A8BA3A8F9518511209E683CC6F317B5247
                                                            SHA-256:1698F00EB3E0559E31D2A05509A5677B8D759AC993306DFE41B800FE846FA9C2
                                                            SHA-512:215A6497CD7FB8447BB64B9CC8100F416714F9414CE8BDC132F1C9F2E264FF176E9DF79353C71BDCE403ECC825716BADFF3EB73BDEDDA7A0783AF7369714751B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-8_1698f00eb3e0559e31d2a05509a5677b8d759ac993306dfe41b800fe846fa9c2.js
                                                            Preview:/* Bundle Includes:. * js/jquery.tokeninput.js. * js/jquery.checkboxes.js. * js/vendor/moment.js. * js/ui/megaRender.js. * js/ui/dialog.js. * js/ui/credentialsWarningDialog.js. * js/ui/loginRequiredDialog.js. * js/ui/registerDialog.js. * js/ui/keySignatureWarningDialog.js. * js/ui/feedbackDialog.js. * js/ui/alarm.js. * js/ui/toast.js. * js/ui/top-tooltip-login.js. * js/fm/transfer-progress-widget.js. */..(function($) {.. // Default settings. var DEFAULT_SETTINGS = {. // Search settings. method: "GET",. queryParam: "q",. searchDelay: 200,. minChars: 1,. propertyToSearch: "id",. jsonContainer: null,. contentType: "json",. excludeCurrent: false,. excludeCurrentParameter: "x",. // Prepopulation settings. prePopulate: null,. processPrePopulate: false,. // Display settings. hintText: "Type in a search term",. noResultsText: "No results",. se

                                                            Chrome Cache Entry: 145

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (2343)
                                                            Category:downloaded
                                                            Size (bytes):52916
                                                            Entropy (8bit):5.51283890397623
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:575B5480531DA4D14E7453E2016FE0BC
                                                            SHA1:E5C5F3134FE29E60B591C87EA85951F0AEA36EE1
                                                            SHA-256:DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
                                                            SHA-512:174E48F4FB2A7E7A0BE1E16564F9ED2D0BBCC8B4AF18CB89AD49CF42B1C3894C8F8E29CE673BC5D9BC8552F88D1D47294EE0E216402566A3F446F04ACA24857A
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://www.google-analytics.com/analytics.js
                                                            Preview:(function(){/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self,p=function(a,b){a=a.split(".");var c=n;a[0]in c||"undefined"==typeof c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c=c[d]&&c[d]!==Object.prototype[d]?c[d]:c[d]={}:c[d]=b};function q(){for(var a=r,b={},c=0;c<a.length;++c)b[a[c]]=c;return b}function u(){var a="ABCDEFGHIJKLMNOPQRSTUVWXYZ";a+=a.toLowerCase()+"0123456789-_";return a+"."}var r,v;.function aa(a){function b(k){for(;d<a.length;){var m=a.charAt(d++),l=v[m];if(null!=l)return l;if(!/^[\s\xa0]*$/.test(m))throw Error("Unknown base64 encoding at char: "+m);}return k}r=r||u();v=v||q();for(var c="",d=0;;){var e=b(-1),f=b(0),h=b(64),g=b(64);if(64===g&&-1===e)return c;c+=String.fromCharCode(e<<2|f>>4);64!=h&&(c+=String.fromCharCode(f<<4&240|h>>2),64!=g&&(c+=String.fromCharCode(h<<6&192|g)))}};var w={},y=function(a){w.TAGGING=w.TAGGING||[];w.TAGGING[a]=!0};var ba=Array.isArray,c

                                                            Chrome Cache Entry: 146

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                                            Category:dropped
                                                            Size (bytes):6518
                                                            Entropy (8bit):4.789786856591123
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:72F13FA5F987EA923A68A818D38FB540
                                                            SHA1:F014620D35787FCFDEF193C20BB383F5655B9E1E
                                                            SHA-256:37127C1A29C164CDAA75EC72AE685094C2468FE0577F743CB1F307D23DD35EC1
                                                            SHA-512:B66AF0B6B95560C20584ED033547235D5188981A092131A7C1749926BA1AC208266193BD7FA8A3403A39EEE23FCDD53580E9533803D7F52DF5FB01D508E292B3
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:............ .(...&... .... .(...N...(....... ..... ......................................................................................................................................................................T...................................S.......................S...........................................S...........................................................................................}y..................}y..........................................~...................~.................................................................................................................................................................................................................................................................................................................................................................S...........................................S........ ... ... ... ..S ... ... ... ... ... ... ... ... ..S ... ... ...!...!...!...!...!...!...!.

                                                            Chrome Cache Entry: 147

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:assembler source, ASCII text
                                                            Category:dropped
                                                            Size (bytes):337452
                                                            Entropy (8bit):4.319652749161333
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:512FFB62D31FD4C0376D224D6B5FD80A
                                                            SHA1:2EF8E718325C8D253A40AD48B41DB102A1E8237C
                                                            SHA-256:872C7FF54F6E847E62BFA426AA6B14C0D3E89BD4D898B405796031298CDFE866
                                                            SHA-512:386A92807E5A47F5DEFAECA89209185A6530C54C071E57A26C2A6F28E28B6A9670E7009D7F88BF7E66509FDF2E7D66BA0CBA458C7CCDC51ACCEED6D7768616ED
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * html/js/registerb.js. * js/emailNotify.js. * js/ui/slideshow/file.js. * js/ui/slideshow/manager.js. * js/ui/slideshow/playlist.js. * js/ui/slideshow/step.js. * js/ui/slideshow/utils.js. * js/ui/slideshow/settings/base/options.js. * js/ui/slideshow/settings/base/switch.js. * js/ui/slideshow/settings/order.js. * js/ui/slideshow/settings/speed.js. * js/ui/slideshow/settings/repeat.js. * js/ui/slideshow/settings/sub.js. * js/ui/slideshow/settings/settingsManager.js. * js/ui/imagesViewer.js. * js/filerequest_common.js. * js/filerequest_components.js. * js/filerequest.js. * js/ui/theme.js. * js/vendor/megalist.js. * js/ui/searchbar.js. */../** a class contains the code-behind of business register "registerb" page */.function BusinessRegister() {. "use strict";. this.cacheTimeout = 9e5; // 15 min - default threshold to update payment gateway list. this.planPrice = 9.99; // initial value. this.minUsers = 3; // minimum

                                                            Chrome Cache Entry: 150

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Web Open Font Format (Version 2), TrueType, length 182708, version 2.983
                                                            Category:downloaded
                                                            Size (bytes):182708
                                                            Entropy (8bit):7.990125398423896
                                                            Encrypted:true
                                                            SSDEEP:
                                                            MD5:BD03A2CC277BBBC338D464E679FE9942
                                                            SHA1:CBFF48BCE12E71565156BB331B0C9979746A5680
                                                            SHA-256:983B0CAF336E8542214FC17019A4FC5E0360864B92806CA14D55C1FC1C2C5A0F
                                                            SHA-512:A8FBC47ACA9C6875FC54983439687323D8E8DB4CA8F244ED3C77CA91893A23D3CFBD62857B1E6591F2BC570C47342EED1F4A6010E349EF1AC100045EF89CBFD0
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/fonts/Lato-Regular.woff2?v=6343dd45044b0726
                                                            Preview:wOF2.............E....N..............................f.`..$..f........`..w.6.$..<......@.. ..=...o..9[.w.u.....A./..H"...t....v........%...I..?...mSV@...%%)yP..)...!........c........4+;........g..................................................................gKN..PqW.m.uD... .".{.bJ$SaZ}&.......C..@.......J.....t%}..rE.W15.V....5.Z.\]@..0..]F}C.)5*oJFZ..f....,..OxJ.x...%.<...r.../....c......@]{....0..+..0..;..8h.:TZ^]..:.j.P).B.Vr.c........Q..6.F...I..5z.X.7>........P#810.d.j.<e..4..M..l......`h.H.4;.)rs@..y..(=.-..l.X.r4n\iw{. r...hQ.R...b.T..XHK&FK..1....<.(...Ks.*.R.R..M...>..8....X._.=.F.0.n+P&..`...b.{C...C.n.#........I..z.i.mF.........n,r.HM.(.6E.JxG.h...[.fa"...B.sHM".i.B*....q..p.9R4........n.....h.B....t(....6<...F)V.C...M...T.....m)*..f5l{.&.`!...i.4..$M;..i'+q.V.Y3.y....G.4F.CU.Vv...v.)...PC.N!O.4...RR.,..\...:...V...Y..T..x ..M.;..3{...Q9r...H..(..2H)Bj.h.UR....2.L$Q.J!..r. %EJ..4M=...P. .4.F.w..<i...c.S.).H.!.>,.. j.v4jn...0...;..

                                                            Chrome Cache Entry: 151

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):37471
                                                            Entropy (8bit):4.279754569727676
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:996910C8887AAFAE0C4B91DC7C61026E
                                                            SHA1:B29D3E9EC060E5A7CD38D3F52B7D43B549E74BDB
                                                            SHA-256:ED9DC57F008D4CB04416885987187605FFE7A269D739192DC5C0EFBE0F6EA52E
                                                            SHA-512:8F0655648CCA18F417A90634C08351A3ADF7B3BAADFE8EE065905525383387F71A8EEB2376E657BEACA7079B316B9416C8C32397CB2000B8AEE9A5298BE4AC50
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/html/js/download_ed9dc57f008d4cb04416885987187605ffe7a269d739192dc5c0efbe0f6ea52e.js
                                                            Preview:var dlpage_ph;.var dlpage_key;.var fdl_filename, fdl_filesize, fdl_key, fdl_url, fdl_starttime;.var dl_import=false;.var dl_attr;.var dl_node;.var fdl_queue_var=false;.var fileSize;.var dlResumeInfo;.var mediaCollectFn;.var maxDownloadSize = Math.pow(2, 53);..function dlinfo(ph,key,next).{. $('.widget-block').addClass('hidden');. loadingDialog.show();.. dlpage_ph = ph;. dlpage_key = key;.. if (!is_mobile) {. watchdog.query('dlsize', 2100, true).catch(nop);. }.. if (dl_res) {. setupSingleDownloadPage(dl_res). .catch(tell);.. dl_res = false;. }. else {. // Fetch the file information and optionally the download URL. api.req({a: 'g', p: ph, ad: 1}). .then(({result}) => result). .always(setupSingleDownloadPage). .catch(tell);. }.. $(window).rebind('keydown.uikeyevents', function(ev) {. if (ev.keyCode === 27) {. $('.media-viewer-container', 'body').removeClass('fu

                                                            Chrome Cache Entry: 152

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 262 x 2354, 8-bit/color RGBA, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):118009
                                                            Entropy (8bit):7.9619236041122
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:0C84425225CE575AA5D7DA38B5A448F5
                                                            SHA1:E16CFED98DCC4BBD8CECFE3C2ADE5A09F392DFCB
                                                            SHA-256:3F5CEF20C00263DCDE826647567A7B54E912C34B08F88BD5A7E1E4FECD342BD3
                                                            SHA-512:CBA9F8A5BFC20EFD4A54665EF7392E822CC8087998295D0C80E241EA37AE3F4CC936E8F041E244DD9226CE07A9A6A838DD8B352DF5EC569A6698E5CAB332CF01
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.PNG........IHDR.......2.....+10....&iCCPAdobe RGB (1998)..(.c``2ptqre.``..+).rwR...R`?..............> v^~^*...v...D_....@..J.(*.....(%.8......../)..3...E..... vQH.3.}...K.....I........ ..H}:....6....KR+@.28..T.e.g.(.ZZZ*8..'.*.W.....+x.%.....%.....B..........j..d.2.....9....bg.b..\ZT.e22...#.#.......B...a.....T...!...>..9...O..:6\....pHYs.................iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c145 79.163499, 2018/08/13-16:40:22 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#" xmp:CreatorTool="Adobe Photoshop CC 2019 (Macintosh)" xmp:CreateDate="2020-10-02T07:35:42+03:00" xmp:Mo

                                                            Chrome Cache Entry: 155

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):519907
                                                            Entropy (8bit):4.540443320991328
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:50F0BF09DF0C8AD2459CADCB941A1175
                                                            SHA1:DAFD6068B2E647B3A00E6201C24AAE8801DDF3BB
                                                            SHA-256:FF5A55C19E4B3CF287556D95131F98983E6FD46E395D63FF61EC0B4BC8B1C461
                                                            SHA-512:EFBFB9D0F0953CA11B15D725871ADC43835DF5F365CE91015B4EEAA8D1AFA3F57E7D7680A904476D8F9384E8802216F757EAA545F8E59D6C7BD2CB7556838526
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-9_ff5a55c19e4b3cf287556d95131f98983e6fd46e395d63ff61ec0b4bc8b1c461.js
                                                            Preview:/* Bundle Includes:. * js/fm/fileTextEditor.js. * js/fm/textEditorUI.js. * js/transfers/xhr2.js. * js/transfers/queue.js. * js/transfers/utils.js. * js/transfers/meths/cache.js. * js/transfers/meths/memory.js. * js/transfers/meths/filesystem.js. * js/transfers/downloader.js. * js/transfers/decrypter.js. * js/transfers/download2.js. * js/transfers/meths.js. * js/transfers/upload2.js. * js/transfers/reader.js. * js/transfers/zip64.js. * js/transfers/cloudraid.js. * js/vendor/int64.js. * index.js. * js/filetypes.js. */../** This class is the core of text file editor.. * It will handle uploading/downloading of data. * and performs memory/bandwidth optimization..*/..mega.fileTextEditor = new function FileTextEditor() {. "use strict";. // the maximum slots in memory for edited files. // we have the maximum editable file size = 20MB --> max Total = 100MB. var maxFilesInMemory = 5;.. var filesDataMap = Object.create(null);. var slotIndex

                                                            Chrome Cache Entry: 156

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (14115)
                                                            Category:downloaded
                                                            Size (bytes):21008
                                                            Entropy (8bit):5.320333284169983
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:C0EC074AC593D3AD5140DC242F6EFDD0
                                                            SHA1:6E1935E74FD0B96E1C67B7671096A5FB61E21B73
                                                            SHA-256:DCFC06EB378F05884977BF0B6783DC74470A286602FCE0628C5F6A8DF7763FC3
                                                            SHA-512:7EB8A089C601040AED08FB40850AE5EEE157B1F2926B0FBD6D47356142BFD914B884525BAD39808A3303024BBD2C391EDA6773FDB37AB7CD7E1589759D156E2F
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/wp-content/cache/minify/6e2b6.js
                                                            Preview:"undefined"/*!jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license*/==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)||[],o=r.exec(t)||[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")||n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarnings&&n

                                                            Chrome Cache Entry: 157

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:downloaded
                                                            Size (bytes):359317
                                                            Entropy (8bit):4.915090986957094
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:75A931C845CF139028C31C08517F4DF4
                                                            SHA1:36F852A249F048CDAFBF78146A40F5A923047D62
                                                            SHA-256:0BEB9330F357BA5D53AD37A589BC02238EECA4B4DB29CF7896791FDEFBE3217E
                                                            SHA-512:81B1D427CDD89B3DFF118E732608E6C3BDE276B16FABAB3DA6A30D64AC0BE2A5AE0588455D0BE23400759E1D0AB463F02DBB5F135D66809CB686E766C4FCA1F8
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/lang/en_0beb9330f357ba5d53ad37a589bc02238eeca4b4db29cf7896791fdefbe3217e.json
                                                            Preview:{. "14": "Confirm deletion",. "15": "You are about to permanently remove all items from your Rubbish bin.",. "16": "Internal error",. "17": "Transfer quota exceeded",. "18": "Too many connections for this download",. "19": "Login session expired or invalid",. "22": "File no longer exists",. "23": "File no longer accessible",. "24": "Decryption error",. "2fa_already_enabled": "Two-factor authentication (2FA) has already been enabled. To disable, go to Settings &gt; Security &gt; 2FA.",. "2fa_menu": "Two-factor authentication (2FA)",. "34": "Warning:",. "47": "Oops, something went wrong. Sorry about that.",. "55": "Read-only",. "56": "Read and write",. "57": "Full access",. "58": "Download",. "60": "Share",. "61": "Rename",. "62": "Move",. "63": "Copy",. "68": "Create folder",. "71": "Add contact",. "78": "Yes",. "79": "No",. "81": "OK",. "82": "Cancel",. "83": "Remove",. "85": "Reload",. "86": "Nam

                                                            Chrome Cache Entry: 158

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:dropped
                                                            Size (bytes):459007
                                                            Entropy (8bit):4.408518046084602
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:58E875764884FE88CB350350A5DBE3B4
                                                            SHA1:F0FDA614EF6CE3629FFDF3EB775BAEEC72A81614
                                                            SHA-256:A5EB6F39CBAC22A08205F410B1F6FA5EA0D06451DED24AFFF2A29DE1245E6525
                                                            SHA-512:FA3C158E2A238DB3D389E595151607028AF55CA9E0F59C89D33547F545513FD45AE5B642D240C165042E9F9C925D83CC96809EE8962FAECD2D7635A7F8D7A8E2
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * js/crypto.js. * js/account.js. * js/security.js. * js/two-factor-auth.js. * js/attr.js. * js/mega.js. * js/megaPromise.js. * js/reqstatclient.js. */..var xxtea = (function() {. 'use strict';.. // (from https://github.com/xxtea/xxtea-js/blob/master/src/xxtea.js). var DELTA = 0x9E3779B9;. var ns = Object.create(null);.. var int32 = function(i) {. return i & 0xFFFFFFFF;. };.. var mx = function(sum, y, z, p, e, k) {. return (z >>> 5 ^ y << 2) + (y >>> 3 ^ z << 4) ^ (sum ^ y) + (k[p & 3 ^ e] ^ z);. };.. ns.encryptUint32Array = function encryptUint32Array(v, k) {. var length = v.length;. var n = length - 1;. var y;. var z = v[n];. var sum = 0;. var e;. var p;. var q;. for (q = Math.floor(6 + 52 / length) | 0; q > 0; --q) {. sum = int32(sum + DELTA);. e = sum >>> 2 & 3;. for (p = 0; p < n; ++p) {. y = v[p

                                                            Chrome Cache Entry: 160

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:SVG Scalable Vector Graphics image
                                                            Category:downloaded
                                                            Size (bytes):68811
                                                            Entropy (8bit):4.833256971201498
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:770B69C3DF131F0EBC4B0CE308D1EF33
                                                            SHA1:67F2E3F1036B6BA9CF541175C98C7503A308A517
                                                            SHA-256:A5169BC493A31B5513E7FB9357BB189E053F76A9C7D4A45232C145554BBEB075
                                                            SHA-512:E0D5A259401D3EB73A344941DE3CF61D809A498743F3C687A0ABA50AA3FE1489B55E88C76AA756404999F0EB9F4B9DE22CB00DC4DD34DBC310A3F329392108D3
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/imagery/sprites-fm-illustration-sprite-wide.e397e234dc118de4.svg
                                                            Preview:<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="4000" height="500"><style><![CDATA[.B{fill:#fff}.C{fill-rule:nonzero}.D{fill:#00c0a6}.E{fill-opacity:.2}.F{fill:#000}.G{mask:url(#BJ)}.H{fill:#f4d1c6}.I{fill:#f1c9bd}.J{fill:#e6e9ed}.K{mask:url(#BX)}.L{fill:#53565b}.M{fill:#ad6e53}.N{fill:#46b4e5}.O{fill:#ed5564}.P{fill:#fafafa}.Q{mask:url(#BN)}.R{fill:#ffa837}.S{fill:#00b69a}.T{mask:url(#Ar)}.U{mask:url(#As)}.V{fill-opacity:.9}.W{fill:#54bbff}.X{fill:#e1e4e9}.Y{fill:#732400}.Z{fill:#661d00}.a{fill:#e0895a}.b{fill:#da7c4e}.c{fill:#00a889}.d{mask:url(#BG)}.e{fill:#00b194}.f{mask:url(#BM)}.g{mask:url(#Be)}.h{fill:#ffb400}.i{fill:#aac8d6}.j{fill:#072545}.k{fill:#398d03}.l{fill:#3c3d3f}.m{stroke-width:2.273} </style><defs><path id="A" d="M28.182 72.631h16.364V41.762H28.182z"/><path d="M58.182 25.42c0 14.123-13.505 26.329-21.818 26.329-8.276 0-21.818-12.206-21.818-26.329v-1.816L20 15.433s8.303 1.816 16.364 1.816c8.095 0 15.455-1.816 15.455-1.816l6.36

                                                            Chrome Cache Entry: 161

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Web Open Font Format (Version 2), TrueType, length 22116, version 1.0
                                                            Category:downloaded
                                                            Size (bytes):22116
                                                            Entropy (8bit):7.9905296610047385
                                                            Encrypted:true
                                                            SSDEEP:
                                                            MD5:53EEDB1E2D7C79582F367EC102C12681
                                                            SHA1:B2E1888E4EC623E14D173712BD2881459BA3DC7F
                                                            SHA-256:1F03B3082883C94DE09EA4C0B38092A45F2F7CA60C14889818A3E19057DA34B8
                                                            SHA-512:AD6516A4BFA70A4EBE4573E54109D156CFDB0F10E471213825610FDB47DF464F7519527DAE622D8FCF588A2D9CDDF77B985729189994E107CD2928C9D194C525
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/wp-content/themes/merlin/fonts/roboto-v18-latin-ext_latin-700.woff2
                                                            Preview:wOF2......Vd..........V..........................p.....>.`....H..<.....$.....Z...8.6.$..0. ..~. ..).[......9.N@..........v........I.f....1....4.....9.p(......a2..(.-.n...gP/9.....p.w.....E...x...9..k..B]....LI......J.J...#C.n.R.V.e.$.5g...........-).+X.'...q..5..#.~?#0..X..ay..vW..8.>~`.F.u.S4..k.......o..... ...&."pQ.^...^.......U.G..,{SQ..'..}.........S.)R.A.W...r......[.Y8. Nr%..-...*.F..;....Z..0......"..*r.p.....T.8p....."u..$.h.`. V"6*.k...........WSO.5..lr|..........}[.c.b.u.....~.{..L2.I}i.....B+..W...U8../."...B"...pD.}..A`Y....F....#....]..q..r..6.&...._.V-......^Q."O..x6..;....%.Y}.(.?.?........zw..V:iW:.....$.....9d....bF..........X.(%...Fod.....g.oZ.I...HQ.I.&...w.8z..+.......}w..#.v.*vr..RE7..J.h...............W!$.?....(...h..1U..C.dW..\.E...M..]4.....J..2k.v..Z_Ri.T&.L.]..VG.;".gs..CT.r...[...\q...>.s..*...i....j.xP...E....oj..:...r/..<E.4A...c{....-.0......*........D.$.@...6.'.....WS...r.r/$.'....~^.`\b.@P..K.`..`..`.8`..

                                                            Chrome Cache Entry: 163

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (5955)
                                                            Category:downloaded
                                                            Size (bytes):232764
                                                            Entropy (8bit):5.565038799821833
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:FA4D34EC8CD6AC88DF66D0A8BC1CBDCE
                                                            SHA1:BBDB9DF96F952E9301B3C20E2992978669047916
                                                            SHA-256:D213A89527AB36F920D0284E119F3526E3C71DBEED51B7183812F0AFA716D863
                                                            SHA-512:8E4CEFDEFB0D051BE09BCA1A409457748C955C34E4F022966C85D46B7746548D6DDC5787FEC69E4504951407FC7754B26FB8D9DD8A0E5988BAA85BA3A5CC26A4
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://www.googletagmanager.com/gtag/js?id=G-EBBP73YGPY&cx=c&_slc=1
                                                            Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0},{"vtp_signal":1,"function":"__c","vtp_value":1},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":7,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_autoEmailEnabled":true,"vtp_autoPhoneEnabled":false,"vtp_autoAddressEnabled":false,"vtp_isAutoCollectPiiEnabledFlag":false,"tag_id":10},{"function":"__ccd_ga_first","priority":6,"vtp_instanceDestinationId":"G-EBBP73YGPY","tag_id":18},{"function":"__set_product_settings","priority":5,"vtp_instanceDestinationId":"G-EBBP73YGPY","vtp_foreignTldMacroResult":["macro",5],"vtp_isChinaVipRegionMacroResult":["macro",6],"tag_id":17},{"function":"__

                                                            Chrome Cache Entry: 165

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):747459
                                                            Entropy (8bit):4.939049676536296
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:0CD7BBA1C5BD271E34D601410CEB51D2
                                                            SHA1:3F77FAF47BA9E43312326741CCA807DE2117822A
                                                            SHA-256:F7B8F4A664D17CDAE67EF40F3327D28D9D85825F15E4C4DD92F976CA8C5085C1
                                                            SHA-512:712ECE458EB0832CDF37C01FBC7CDA87329EF798FEDEE173D58B8A6C8710BD5B856D24739F613C21310DC144BD80F022554022DCF4BCFEEBF753F0A05CC3C944
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:{"transferwidget":"<div class=\"widget-block hidden\"> <div class=\"widget-circle percents-0\"> <div class=\"widget-arrows\"> <div class=\"widget-tooltip\"> <div class=\"widget-icon uploading hidden\"> <span class=\"widget-txt\">[$1155]</span> <span class=\"widget-speed-block ulspeed\"> [$23062.k] </span> </div> <div class=\"widget-icon downloading hidden\"> <span class=\"widget-txt\">[$1156]</span> <span class=\"widget-speed-block dlspeed\"> [$23062.k] </span> </div> </div> <div class=\"widget-arrow\"></div> </div> </div> </div>","top":"<section class=\"topbar top-head js-topbar\"> <div class=\"logo-wrapper\"> <div class=\"logo-full sprite-fm-illustration-wide mega-logo-dark\"></div> <a class=\"logo\"> <i class=\"sprite-fm-uni icon-mega-logo\"></i> </a> <div class=\"top-business-title\"> <span class=\"rtl-block-if-rtl\">[$19530]</span> </div> <button class=\"mega-button individual hidden\"> <span class=\"rtl-block-if-rtl\">[$19529]</span> </button> <button class=\"btn-icon show-hints

                                                            Chrome Cache Entry: 166

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (411)
                                                            Category:downloaded
                                                            Size (bytes):460627
                                                            Entropy (8bit):5.020069039569668
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:E46F35EF7FCA0088E611EA0044793E4A
                                                            SHA1:19EB587F3524D32C050F43564562B884D7D38851
                                                            SHA-256:F781E629660D8CB1FB4CFEEA91F46C4CCDA5789D46B730565018AA0A0D66C82E
                                                            SHA-512:7F367E4B2298CA899FF627E96DC96AAD80D67E38056A64268A1DE05823F06300BD5A8D6C3232B43532F5797EE40FD826AAD772CBE263C9ED017CC7275BA885A2
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-2_f781e629660d8cb1fb4cfeea91f46c4ccda5789d46b730565018aa0a0d66c82e.js
                                                            Preview:/* Bundle Includes:. * js/vendor/jquery-ui.js. * js/vendor/jquery-ui-touch.js. * js/vendor/jquery.mousewheel.js. * js/scrolling.utils.js. * js/jquery.misc.js. * js/vendor/megaLogger.js. * js/vendor/jquery.fullscreen.js. * js/jquery-ui.extra.js. * js/utils/polyfills.js. */../*! jQuery UI - v1.12.1 - 2016-10-28.* http://jqueryui.com.* Includes: widget.js, position.js, data.js, disable-selection.js, form-reset-mixin.js, keycode.js, labels.js, scroll-parent.js, unique-id.js, widgets/draggable.js, widgets/droppable.js, widgets/resizable.js, widgets/selectable.js, widgets/sortable.js, widgets/autocomplete.js, widgets/datepicker.js, widgets/menu.js, widgets/mouse.js, widgets/selectmenu.js, widgets/slider.js, effect.js, effects/effect-fade.js.* Copyright jQuery Foundation and other contributors; Licensed MIT */..(function( factory ) {..if ( typeof define === "function" && define.amd ) {....// AMD. Register as an anonymous module....define([ "jquery" ], factory );..} else {...

                                                            Chrome Cache Entry: 167

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):446330
                                                            Entropy (8bit):4.2158602590310394
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:572E9BDC6E76D3C54A428872ACD8EF80
                                                            SHA1:F76ACF28CF7421C9442B46671CBB755D7D9727B7
                                                            SHA-256:51A2FD25F91930483EAA6B14F3799786F2F6E149DBFA113B47885441D4ADBA0A
                                                            SHA-512:244405400C292F6F1E1F03DC71EE127BA045126A43C198F1877C6ACE5FD1B925BB3943DC6543C19EF52EA540F8951031826F1CAD1A8EEE1E6F052EB82724D186
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-14_51a2fd25f91930483eaa6b14f3799786f2f6e149dbfa113b47885441d4adba0a.js
                                                            Preview:/* Bundle Includes:. * js/fm/affiliate.js. * js/fm/vpn.js. * js/fm/gallery/helpers/GalleryTitleControl.js. * js/fm/gallery/helpers/GalleryEmptyBlock.js. * js/fm/gallery/helpers/GalleryEmptyPhotos.js. * js/fm/gallery/helpers/GalleryEmptyImages.js. * js/fm/gallery/helpers/GalleryEmptyVideos.js. * js/fm/gallery/helpers/GalleryEmptyFavourites.js. * js/fm/gallery/helpers/GalleryEmptyDiscovery.js. * js/fm/gallery/gallery.js. * js/fm/albums/Albums.js. * js/fm/albums/AlbumTimeline.js. */..// Note: Referral Program is called as affiliate program at begining, so all systemic names are under word affiliate.// i.e. affiliate === referral..function affiliateUI() {.. 'use strict';.. // Prevent ephemeral session to access. if (u_type === 0) {. msgDialog('confirmation', l[998], l[17146]. + ' ' + l[999], l[1000], function(e) {. if (e) {. loadSubPage('register');. return false;. }. loadSubPa

                                                            Chrome Cache Entry: 168

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):384875
                                                            Entropy (8bit):4.684546357925762
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:DCEA54CCDB1584C380CB382949759BA1
                                                            SHA1:5D5DCEACFF70F5639D43390C352DC77BBEBE1D41
                                                            SHA-256:368C4F1CF33E31FD50BEB6DE7BAE089CA8905D564DC2715B1C757E190D7D8A3D
                                                            SHA-512:D5DBA9C01EFC7172A5ACE895ACDC6F0A23F1E70898BC0E62301D923730C348FD729C2A72D0CD8152F9E0E474E82997F1D737E435E40D0CDB73A430554A3EAE9E
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-7_368c4f1cf33e31fd50beb6de7bae089ca8905d564dc2715b1c757e190d7d8a3d.js
                                                            Preview:/* Bundle Includes:. * js/useravatar.js. * html/js/bottompage.js. * js/filedrag.js. * js/thumbnail.js. * js/vendor/exif.js. * js/vendor/smartcrop.js. * js/vendor/jquery.qrcode.js. * js/vendor/qrcode.js. * js/ui/password-revert.js. * js/ui/publicServiceAnnouncement.js. * js/ui/megaInputs.js. * js/ui/megaInputs-underlinedText.js. * js/ui/megaInputs-textArea.js. * js/ui/megaInputs-currencyField.js. * html/js/developersettings.js. * html/js/repay.js. * js/ui/passwordReminderDialog.js. * js/metatags.js. * js/vendor/verge.js. * js/vendor/perfect-scrollbar.js. * js/ui/languageDialog.js. * js/ui/commercials.js. * js/ui/nicknames.js. */../**. * Handle all logic for rendering for users' avatar. */.var useravatar = (function() {.. 'use strict';.. var _colors = [. "#55D2F0",. "#BC2086",. "#FFD200",. "#5FDB00",. "#00BDB2",. "#FFA700",. "#E4269B",. "#FF626C",. "#FF8989",. "#9AEAF

                                                            Chrome Cache Entry: 169

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:C++ source, ASCII text
                                                            Category:downloaded
                                                            Size (bytes):518942
                                                            Entropy (8bit):4.5096671841404135
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:286CD86A16F7F82BEEA8B0A43D9B23CC
                                                            SHA1:CDFCB815B0DF3489F2820091E4D1EC9023613E22
                                                            SHA-256:49F16675E02386FBA9DD33C9C69AD43AB2A769EB61D11B47CAAF6DE65596B531
                                                            SHA-512:E3F1CFA36BF95D77FC85F5F5E57001948B576D90415935E063290CE52B501D77FDCD9163492C91D542BF867D4AC380CC1504C6656E731F34D5524971C4D1D2DC
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-3_49f16675e02386fba9dd33c9c69ad43ab2a769eb61d11b47caaf6de65596b531.js
                                                            Preview:/* Bundle Includes:. * js/utils/api.js. * js/utils/browser.js. * js/utils/clipboard.js. * js/utils/conv.js. * js/utils/crypt.js. * js/utils/csp.js. * js/utils/debug.js. * js/utils/dom.js. * js/utils/events.js. * js/utils/icu.js. * js/keymgr.js. * js/utils/locale.js. * js/utils/md5.js. * js/utils/media.js. * js/utils/megalite.js. */../* global MEGAException, MegaLogger, JSONSplitter, freeze, sleep, api_reqfailed, requesti, scqhead, scqtail */../**. * Deferred callback invocation controller. */.class MEGADeferredController extends Promise {. /**. * Constructs a new instance.. * @param {String|Function} [callback] the function to invoke deferred.. * @param {*} [ctx] context/scope to invoke the function with.. * @param {*} data data to pass through the callback. * @param {String} [method] fire on idle, or timer based. */. constructor(callback, ctx, data, method = 'idle') {. let _reject, _resolve;. super((resolve, rej

                                                            Chrome Cache Entry: 170

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Web Open Font Format (Version 2), TrueType, length 21920, version 1.0
                                                            Category:downloaded
                                                            Size (bytes):21920
                                                            Entropy (8bit):7.990539130472955
                                                            Encrypted:true
                                                            SSDEEP:
                                                            MD5:E5D046DD2C38F8E9A1F2F1130E4EC9FC
                                                            SHA1:EE3D9449D668DA1BBEAF63F9C738D240B5340C29
                                                            SHA-256:F9BC132980C62433DFD76631F5A602FD1BF318141D67EBB6B70B4D3CC92555B0
                                                            SHA-512:AD4746277611E4A66C01B3C544E388E36CD73F88F561E02C8AC210F19FE81C136DA1BB204EFAEF9C3CB2117F51ACD28E359867EB99570B53A5D12B4100CDA277
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/wp-content/themes/merlin/fonts/roboto-v18-latin-ext_latin-regular.woff2
                                                            Preview:wOF2......U...........U:.........................p.....>.`....T..<.....h..H..Z...8.6.$..0. ..t. ..I....6-...^.^^.....w$$.F.b.8..i.f.._....d...2<....t...Y...Th(...h.{0nI"......_.4.w..0p.........h...)C...u}{.].../N.....B.dN).2k.e.>.8..yg`.......:.;72"........F...7Ds._.Jn.Q...T.....0FD..=jd.7T.....RDP...i..^.$U..N.z..?........ w...n.[T.<T..D.;.W.n.V ..\k.....F$t...f!.'..@.D.....e..[XHbA...].h..l.f.+..T...i...^....@..9...8..Wh....e./Y2....%q..w.].....*.....?.Z.\.pH..0[....]b.!&.q....s.to...oF`..J..p.-.j...$.pl..H....Qw=POPJv.._....>..44...B..[.v.-.v~....N...2;aO.X.a+.[...t...d...B2|...l+...N.i.. ....T...;!.....8....>......J....8.%...TW....5...Y.q....@j-.d.n...J.3.v...........{=G...HA6....N.$.r..`.....3.[...e......9...Z...6.6.Ef..$.2..UJ....d.0..c..QU.2.b05..'u.O..........'88...R.I,glL....}..o-..qU..%\V7...d.(......=..M..W+..............u,TPV .i......[.a'L.D.+H....) i.@2e....!+..P.2c..z.A.F.@ 0.~..@........q..[.Sw.!.....|...{{...S...i.{...X.t..8fsd.&(..=\

                                                            Chrome Cache Entry: 171

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Web Open Font Format (Version 2), TrueType, length 62712, version 1.0
                                                            Category:downloaded
                                                            Size (bytes):62712
                                                            Entropy (8bit):7.996231237143954
                                                            Encrypted:true
                                                            SSDEEP:
                                                            MD5:3A726FE986AD64D04204F168C4744837
                                                            SHA1:6266A7F12E11387DEC7DD75D4F4F88F9D9BBB27D
                                                            SHA-256:CE393F8A696F96A2E1FE8D2F2FAE5769D515842E3665670CF184251F3D6CE9F6
                                                            SHA-512:3BD219B584DD994BC9E7958FC6768490307349984F9CA79509F922A8F22BB8E27DA4114AFF1E8447CB31465011FBB70E849573549303B75F21994A48DEBB3B07
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/imagery/sprites-fm-mono.7f20799585227921.woff2?t=1705956699888
                                                            Preview:wOF2..............*..............................T.`..T...t..3.6.$........ .....%[c.q. H.v..-...bl..w;r...6W.cF.....?......I...(..~..6Eq.q.$.$..y.n...r.L..)1%.p.s...9.KC.0..... .=+\.@a.HHJ..^.*..o...........Yq...S.....9.>...I.[(B.....Y6.$..../...... ..........a..o...nd.vK<.hk..A.B%...}.../]I4B#.BU...9..x.`m.W.Q._.C?..I~C..d..J......1....F..*.T.Q......8....."..0:g..U....O.,.\.Zc,........6..[#..c.hwM..f..;....u......d!H.A..P..UI.......[..#LN......g..:...4..P.`..w$.m..&.;DJ.2...b.X!V..W.....2.....J.Ug..xC"@. ..~TU.......c}.P.r.....90N.Z....s...E.d....S..yW..x...z.._..R.^...0.^o=....*...Y.... H.bC.N.6K.%...j/.@^..=I3,E$.4$8..d.. a.N{.,Ds;......?......F...V..[w,p...!...ig..`...f.z....s(.}<...V`Y.....N.....?_S...u%.|.!.q..E....../m.......2...v.-i....z>...fA......:.....YOZ..,.,..a ......G...,......C:Q..cQ9.jCl.4.....{....)..~..%{0.V...g....D..53.H.>......*......r..g.-...o....}.M.......eZ<.o(.."D.....=_.g."Z.rH..P).:.3..3....j[.b_i...:....r..kRr...:

                                                            Chrome Cache Entry: 172

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):16
                                                            Entropy (8bit):3.75
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:FA9C17CE126A76733ACA269345EB7D47
                                                            SHA1:F1D8AA71F281509D55041F671B1A7BD94524AAD8
                                                            SHA-256:15F88A501BBE49A103551BA087FE6FC7E101894E71C3A74A42E8EFC07DCEC0D8
                                                            SHA-512:DD2E08D8D294E24330DDACFCC602D5AB9C9BD65346E0C6540F599725AB711E1F1621D3939318BFC069E67CEF889B80E781DA3E935D61C26E2086DAC79428818C
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkLEDFdah8RjRIFDRM0Cs4=?alt=proto
                                                            Preview:CgkKBw0TNArOGgA=

                                                            Chrome Cache Entry: 174

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Web Open Font Format (Version 2), TrueType, length 28072, version 1.0
                                                            Category:downloaded
                                                            Size (bytes):28072
                                                            Entropy (8bit):7.992213083566003
                                                            Encrypted:true
                                                            SSDEEP:
                                                            MD5:FFB656DF59F776086BA6174E3787D856
                                                            SHA1:9D5E3852439BC1FD65CA93DF5FEEA45E9E5FFEA7
                                                            SHA-256:CF45BC2363CE9144DC849274B6A81FFFF57B70FAC86103E9982CAE5B6306D38C
                                                            SHA-512:6CF3F549AD4DB4FD3EBE1AA7537FDD2FA9DC0355AF143F06DFE9D49EE2E8248DEB3B4FAA36C05541CF5A9C6494BB5D1ABF3353519FF2B55DB0C72D9941D0FD5B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/wp-content/themes/merlin/fonts/hammersmith-one-v8-latin-ext_latin-regular.woff2
                                                            Preview:wOF2......m.......rH..mN...........................`....0..I.....<..t..`..6.$..<. ..j..".`[.GqB.}P.v.....uv....E..sLQ.l.....!...3..1..@.Z.~.I.`..../...t4...&..*.1.j...s)k...L.......s....,../:~.*RQQ...7x.9QoF;....D........33A..]L..J..m}.awX9..).......\\..-...?.~l..p.|..vT........1.*.I..!4.M..LK6.......`..bD V...DZD.20..PL....9.E...\...P....,e'9.....h&..+..... ...e....... A....*)..68K..%..s.d..l.!,.j...bJ.............:77.`.\.)`.$.......]..D4...q.'..Kz4c;.=..&..-P..#..y.......NH.V..2cM7.5._+4..W.....K.(...C....^..;Ie...LI_.....2...i......Z@.p......4.......9...*P.......T_..^..]20f.z$u......{...=u.N.Y.E.|O....i..(.?".M..a...6.x.i..x.$.L..W..I-.6....%S....[..UK..p...O.~U2[.,T..:...B%YJ.3....N.p.C"{'..J..H..!..gO...S.w{....T.W.uMV.mIJ.S.......\...EkD.#.e<t...cI..<.A...B..&.<9.R].tj......wY...z...".,s.V.b.b..h...9....$...]....!......._k......'....l.;.45[.......~.mH...K.....H..$yr.E...".d.....#@.&.u...O....bq.7b;.+..PR~.N..U.a..)0|...4..h..V.....1.0;P/....s.

                                                            Chrome Cache Entry: 175

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:C++ source, ASCII text
                                                            Category:dropped
                                                            Size (bytes):496443
                                                            Entropy (8bit):4.475935902947191
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:C1BE18D7FD16A274E417955E2ED598D5
                                                            SHA1:9C547C2FC2B3A1A1436C936231322A114A0EECDF
                                                            SHA-256:4A49FD10B4F147F6C5EB87933C9129DA84AAB3D6C3D8549EB76D790BF174EEE3
                                                            SHA-512:14D12FE4F4DC956C62F3F0CBA0B7DFCAD807EBA88B4C2C51ED7FF260D7EA1ED348D89BA23CCFC3A9E6A61C17A1B00B04298B4E50EF65AE61942FD021204A74E2
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * js/ui/mcomponents/classes/MComponent.js. * js/ui/mcomponents/classes/MButton.js. * js/ui/mcomponents/classes/MCheckbox.js. * js/ui/mcomponents/classes/MContextMenu.js. * js/ui/mcomponents/classes/MDialog.js. * js/ui/mcomponents/classes/MEmptyPad.js. * js/ui/mcomponents/classes/MHint.js. * js/ui/mcomponents/classes/MMenuSelect.js. * js/ui/mcomponents/classes/MMenuSelectItem.js. * js/ui/mcomponents/classes/MSidebarButton.js. * js/ui/mcomponents/classes/MTab.js. * js/ui/mcomponents/classes/MTabs.js. * js/vendor/megaDynamicList.js. * js/fm/quickfinder.js. * js/fm/selectionManager2.js. * js/fm.js. * js/fm/backupsUI.js. * js/fm/dashboard.js. * js/fm/recents.js. * js/time_checker.js. * js/ui/contextMenu.js. * js/ui/dragselect.js. * js/ui/onboarding.js. * js/ui/sms.js. */..class MComponent {. /**. * @param {String|HtmlElement} parent Either DOM element or a query selector. * @param {Boolean} [appendToParent=true]

                                                            Chrome Cache Entry: 176

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):76
                                                            Entropy (8bit):4.930309546503882
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:B64B9819A16E6E5F307E4B9E2088AA27
                                                            SHA1:12B591EAC61D30AD80203C2FCED8A266BC70C2DB
                                                            SHA-256:34C5AF583454884097A84FFBBA8EC466795F715DC05928085FA30668E4827D6C
                                                            SHA-512:37C9DA836800F60F1FD448DF7A27FC0E36DD1B2EE8F322E7A256BECDAAB93AFA4EDCABF4997D061682C324C61287D00B9F8FC07850E0520B2464A4553CF501B0
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISJQlu3GVaf07-fBIFDTE9lDASBQ2jG53KEgUNg6hbPRIFDW7dSdkSEAkLEDFdah8RjRIFDRM0Cs4=?alt=proto
                                                            Preview:CiwKBw0xPZQwGgAKCw2jG53KGgQIBxgBCgsNg6hbPRoECAkYAQoHDW7dSdkaAAoJCgcNEzQKzhoA

                                                            Chrome Cache Entry: 177

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (728)
                                                            Category:dropped
                                                            Size (bytes):780832
                                                            Entropy (8bit):5.058731933612324
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:48A480D2415765C426ECC14FB4C9C3A8
                                                            SHA1:37E6CFC697185A2AE1C0234FB86C859F5433DF40
                                                            SHA-256:41E2E309277E57073FB6E4DF2E62D034E2390DD2762DC194A8E3D5C61FD1DC2A
                                                            SHA-512:EFAD7F9A06B3351C30790CDEAE02FB01DAFAD51F20C1F4D38AEC1DB4E96002E86F24608BBAB6FC74D7639313BE1908694C2766A12D7BE37735DDD19E35A1B403
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * css/buttons.css. * css/components.css. * css/ui/mcomponents.css. * css/style.css. * css/fm-header.css. * css/fm-breadcrumb.css. * css/fm-lists.css. * css/grid-table.css. * css/tabs.css. * css/empty-pages.css. * css/node-filter.css. * css/gallery.css. * css/onboarding.css. * css/download.css. * css/user-card.css. * css/account.css. * css/banners.css. * css/dropdowns.css. * css/jq-ui-custom.css. * css/labels-and-filters.css. * css/dialogs.css. */...nonclickable{..cursor:not-allowed !important.}.button input{..border:0;..height:100%;..left:0;..margin:0;..opacity:0;..padding:0;..position:absolute;..top:0;..width:100%;..z-index:1.}.button input[type=file]{..cursor:pointer.}.button input[type=file]::-webkit-file-upload-button{..cursor:pointer.}.button.icon-dropdown{..border-radius:4px;..cursor:pointer;..float:right;..padding:2px 13px 2px 3px;..position:relative;..text-align:left.}.button.icon-dropdown.disabled>i{..cursor:defaul

                                                            Chrome Cache Entry: 178

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (764)
                                                            Category:dropped
                                                            Size (bytes):480439
                                                            Entropy (8bit):5.1648134106365235
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:54F9C8A4533936E4940C3824C63D4016
                                                            SHA1:1CFEF76B86622D8DFD1AFD80E2D26E2D259ABBAA
                                                            SHA-256:EEE99E860D5F13B39C098C34B82B145F3E93AB4EF4CB05085E06BCCF84CFE59F
                                                            SHA-512:3B9779B405CD111FD4ED79F228B6BB996ECD3C26562A76FB9C34C5339FD166B7A8C16C129BD58024ED1A3F1215BBF636E9AE2AD3D6B98B10AB5CFBD0D0347B29
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * css/avatars.css. * css/fonts.css. * css/bottom-pages.css. * css/bottom-menu.css. * css/business.css. * css/pro.css. * css/planpricing.css. * css/startpage.css. * css/icons.css. * css/spinners.css. * css/business-register.css. * css/psa.css. * css/features.css. * css/dialogs-common.css. * css/dialogs/cookie-dialog.css. * css/jquery-ui.extra.css. * css/cookiepolicy.css. */...avatar-wrapper{..background:#fff;..border-radius:100%;..box-sizing:border-box;..color:#fff;..display:block;..font-size:12px;..height:32px;..line-height:32px;..text-align:center;..width:32px.}..avatar-wrapper,.multi-avatar{..position:relative.}..multi-avatar .avatar-wrapper{..font-size:8px;..height:18px;..line-height:16px;..position:absolute;..width:18px.}..multi-avatar .avatar-wrapper img{..height:18px;..width:18px.}..multi-avatar .verified .verified_icon{..display:none.}..multi-avatar-2 .avatar-0{..left:1px;..top:1px.}..multi-avatar-2 .avatar-1{..left:17px;..t

                                                            Chrome Cache Entry: 179

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (11225), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):11225
                                                            Entropy (8bit):4.773427694734279
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:21048AE45FF3E65CADA03F4B3CFEDFAB
                                                            SHA1:907F7565C09DA6F1344A928142C5C20DE2E73DC3
                                                            SHA-256:39A68DC795F6C634D669C0A954F0D4AB38D7AD3CC58EBCE9D0FEC9C89ABA9E71
                                                            SHA-512:8F941C03FC98C6C45B5418E8E157B84515751424ADD76CE470A8D7D2BB3FFBCBA6EAEB2D8E49C35428B4980F40BB1C230A3B9C306991270358060B0126D97FE3
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/html/download.html-postbuild_39a68dc795f6c634d669c0a954f0d4ab38d7ad3cc58ebce9d0fec9c89aba9e71.html
                                                            Preview:<div class="bottom-page download scroll-block selectable-txt"> ((TOP)) <div class="download-content download download-page"> <div id="commercial-close-button" class="commercial-close-button hidden"> <i class="sprite-fm-mono icon-dialog-close"></i> </div> <section class="download-grid js-download-scroll-panel"> <div class="download main-pad"> <div class="download transfer-wrapper"> <div class="download video-block theme-dark-forced"> <div class="media-viewer"> <section class="content" data-fullscreen="false"> <video id="video" data-autoplayvideo="false" data-playvideoonclick="false"></video> <div class="download play-video-button"> <i class="sprite-fm-mono icon-play-regular-solid"></i> </div> <div class="play-pause-video-button hidden"> <i class="sprite-fm-mono icon-play-regular-solid"></i> </div> <div class="watch-again-button hidden"> <i class="sprite-fm-mono icon-rotate-ccw-small-regular-outline"></i> <span>[$video_player_watch_again]</span> </div> <div class="watch-again-button-over

                                                            Chrome Cache Entry: 181

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Algol 68 source, ASCII text
                                                            Category:downloaded
                                                            Size (bytes):408057
                                                            Entropy (8bit):5.051824883974952
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:44405846203481C7F27C5A4CA304854A
                                                            SHA1:FBA9EA400AF3FD83D0361971DCF4B2928F554583
                                                            SHA-256:C50E3DCD069699707A529EFFAF74C51009F25D8BCD430A1B009705C1604335AC
                                                            SHA-512:79CAAB9197393A60AE2F1204A22BE5900B5F1DAA4086B58F0850866C538EE0763B81DFC60F9E2C43DAC28A389B60E6DE59D8B8F1E0F628AEFFAA741D9E4151B5
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-1_c50e3dcd069699707a529effaf74c51009f25d8bcd430a1b009705c1604335ac.js
                                                            Preview:/* Bundle Includes:. * sjcl.js. * nodedec.js. * js/vendor/jquery.js. * js/jquery.protect.js. */../** @fileOverview Javascript cryptography implementation.. *. * Crush to remove comments, shorten variable names and. * generally reduce transmission size.. *. * @author Emily Stark. * @author Mike Hamburg. * @author Dan Boneh. * . * Version 1.0.3. */../*jslint indent: 2, bitwise: false, nomen: false, plusplus: false, white: false, regexp: false */./*global document, window, escape, unescape, module, require, Uint32Array */../** @namespace The Stanford Javascript Crypto Library, top-level namespace. */.var sjcl = {. /** @namespace Symmetric ciphers. */. cipher: {},.. /** @namespace Hash functions. Right now only SHA256 is implemented. */. hash: {},.. /** @namespace Key exchange functions. Right now only SRP is implemented. */. keyexchange: {},. . /** @namespace Block cipher modes of operation. */. mode: {},.. /** @namespace Miscellaneous. HMAC and PBKDF2. */. misc: {},

                                                            Chrome Cache Entry: 183

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text, with very long lines (57196)
                                                            Category:downloaded
                                                            Size (bytes):358471
                                                            Entropy (8bit):5.122522610750941
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:114C9771C97FB101984F1E02914DC089
                                                            SHA1:76EABB568B685D352958194DC00B45FA2F6CEAAD
                                                            SHA-256:241ABD76C2107623274D250A9197DED345F75EF2E44CAFA374A1D6EE3935134B
                                                            SHA-512:4298854189DCC5232F07B56CAE301AD803DD722EA8CED3E5DF2F31EC3C51B559E025482DB1148DBA276B3530A6D0895874A01D2E6547BCB6A53C085F00431EE4
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/
                                                            Preview:<!DOCTYPE html>.<html lang="en-US">.<head>.<meta charset="UTF-8">.<meta name="viewport" content="width=device-width, initial-scale=1">.<link rel="profile" href="https://gmpg.org/xfn/11">.<link rel="pingback" href="https://freeprosoftz.com/xmlrpc.php">.<meta name="robots" content="index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1" />..<title>FreeProSoftz - Best Free Pro Software With Keyz</title>.<meta name="description" content="Best Free Pro Software With Keyz" />.<link rel="canonical" href="https://freeprosoftz.com/" />.<link rel="next" href="https://freeprosoftz.com/page/2/" />.<meta property="og:locale" content="en_US" />.<meta property="og:type" content="website" />.<meta property="og:title" content="FreeProSoftz" />.<meta property="og:description" content="Best Free Pro Software With Keyz" />.<meta property="og:url" content="https://freeprosoftz.com/" />.<meta property="og:site_name" content="FreeProSoftz" />.<style media="all">@font-face{font-family:'R

                                                            Chrome Cache Entry: 184

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text, with very long lines (57196)
                                                            Category:downloaded
                                                            Size (bytes):388896
                                                            Entropy (8bit):5.420145104894249
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:C18824053DC6B315BE5B3C4A0B67008F
                                                            SHA1:E7EF418D1CBA8146108AD2925DFF5002BC7FC2B8
                                                            SHA-256:1E792EA288B2479DD4542F286AC3E8CB390BE456F026011FDB6B01B0232B9D60
                                                            SHA-512:093A3335C9AAA7295E9A14EB55A8B262CEE3D708CD88B64440D0A077602F5BC30947CBD9C0433F2F48C67D4C0C9832DE499E97C66873061D82097C0B68B5BD6B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/express-vpn-crack-2024-code/
                                                            Preview:<!DOCTYPE html>.<html lang="en-US">.<head>.<meta charset="UTF-8">.<meta name="viewport" content="width=device-width, initial-scale=1">.<link rel="profile" href="https://gmpg.org/xfn/11">.<link rel="pingback" href="https://freeprosoftz.com/xmlrpc.php">.<meta name="robots" content="index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1" />..<title>Express VPN 12.74.0.10 Crack 2024 With Activation Code [Latest]</title>.<meta name="description" content="express vpn crack | expressvpn crack | express vpn 2016 crack | express vpn crack for pc | express vpn Activation Code 2024 | expressvpn key" />.<link rel="canonical" href="https://freeprosoftz.com/express-vpn-crack-2024-code/" />.<meta property="og:locale" content="en_US" />.<meta property="og:type" content="article" />.<meta property="og:title" content="Express VPN 12.74.0.10 Crack 2024 With Activation Code [Latest]" />.<meta property="og:description" content="express vpn crack | expressvpn crack | express vpn 2016 c

                                                            Chrome Cache Entry: 185

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:C++ source, ASCII text
                                                            Category:dropped
                                                            Size (bytes):307454
                                                            Entropy (8bit):4.425484539701373
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:91B48301F0EFA8AB099ED95190DAA9A3
                                                            SHA1:7765F416DC1BFA168F644733D4EECE76CF3615B2
                                                            SHA-256:637B4F561E60C826238B415CF32D72AF9CC3EC827C1083B673178634368AF91A
                                                            SHA-512:1062A042802F435D1F5D1A411CE08277D9F967F817C5B5CB5A58894B446D83B328E119E7B78867E1809AE20D6EB76F4A899E9B42BB91D6220303C0467DF8CBBE
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * js/fm/megadata/openfolder.js. * js/fm/megadata/render.js. * js/fm/megadata/render-breadcrumbs.js. * js/fm/megadata/shares.js. * js/fm/megadata/sort.js. * js/fm/megadata/transfers.js. * js/fm/megadata/tree.js. * js/fm/megadata/reset.js. * html/js/megasync.js. * js/fm/linkinfohelper.js. * js/fm/affiliatedata.js. * js/fm/affiliateRedemption.js. */..(function(global) {. "use strict"; /* jshint -W089 */. /* eslint-disable complexity */// <- @todo ..... const dynPages = {. 'faves': {. /**. * Filter nodes by.. * @param {MegaNode} n - node. * @returns {Boolean} match criteria result. */. filter(n) {. if (!(n && n.fav && !n.fv && !n.rr)) {. return false;. }.. if (M.currentLabelFilter && !M.filterByLabel(n)) {. return false;. }.. const root = M.getNodeRo

                                                            Chrome Cache Entry: 186

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (14115)
                                                            Category:downloaded
                                                            Size (bytes):18030
                                                            Entropy (8bit):5.31647779144946
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:37AF9570996B54DAC151E1C3680707AC
                                                            SHA1:1567E613BAA19DFD5800A420F4AB41170D1945E3
                                                            SHA-256:827A364CB71B1B12BBD26396FB9B1D0074090972CA2797CA0827C26EF1E20D79
                                                            SHA-512:A372D42C25168623E8F57AC45B6E29D263B4DB9D2CC452E1F304EA6E9D63D5A87241F10248F7537E5998F9C5D505FD2D195AE49F358773AC64FD9BE47361D55E
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/wp-content/cache/minify/26c8f.js
                                                            Preview:"undefined"/*!jQuery Migrate v3.4.1 | (c) OpenJS Foundation and other contributors | jquery.org/license*/==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)||[],o=r.exec(t)||[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.4.1";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")||n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarnings&&n

                                                            Chrome Cache Entry: 187

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:SVG Scalable Vector Graphics image
                                                            Category:dropped
                                                            Size (bytes):392680
                                                            Entropy (8bit):5.029918574838267
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:4B4DBB1A799C7D70406BDAC3B018E3CC
                                                            SHA1:ED0E5C90E864DD0C3AF12506F6C8398235BD7289
                                                            SHA-256:85B0DE29D36011EEF01AEC88CE45B7CAAC07BF0DD24E0FE7148C0AEFD65BBD76
                                                            SHA-512:499768DF35F037D41E8420FF0BCA3520747A23FEAAA1BE5B2B004CF847E8C6FDE315DC6AB99B81C836AD6618C0D48EE0EB7C5BA7BC721729E030EC9CE2229913
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:<?xml version="1.0" encoding="UTF-8"?><svg width="160" height="160" viewBox="0 0 256 256" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><view id="icon-3d-24" viewBox="0 0 16 16"/><svg width="16" height="16" viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg"><defs><linearGradient x1="50%" y1="0%" x2="50%" y2="100%" id="aac"><stop stop-color="#FFF" offset="0%"/><stop stop-color="#FAFAFA" offset="100%"/></linearGradient><linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="aad"><stop stop-color="#2BA6DE" stop-opacity=".5" offset="0%"/><stop stop-color="#2BA6DE" stop-opacity=".7" offset="100%"/></linearGradient><linearGradient x1="50%" y1="0%" x2="50%" y2="100%" id="aae"><stop stop-color="#2BA6DE" stop-opacity=".6" offset="0%"/><stop stop-color="#2BA6DE" stop-opacity=".8" offset="100%"/></linearGradient><linearGradient x1="50%" y1="0%" x2="50%" y2="100%" id="aaf"><stop stop-color="#2BA6DE" stop-opacity=".2" offset="0%"/><stop stop-color="#2BA6DE" stop-

                                                            Chrome Cache Entry: 188

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text
                                                            Category:downloaded
                                                            Size (bytes):2221
                                                            Entropy (8bit):5.099274409488561
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:094C0CD2778688FF3442B490B864599B
                                                            SHA1:46C1C45E8580CF223A829C854E14CDD36CCDEEA8
                                                            SHA-256:7A9EDB901822A4287769EC55E5EF6A36E67CCAB4F3F64EF47B7BAE90F396DD4B
                                                            SHA-512:C0D3792AC765AB39A0B5CF5A31FB2EEC30874F049D40E1F94B32B99775616DDCD16AD324BAC0FA19BF90BC5D4F25828D22F6DAAD03623ABE248FB7DF6857DB1A
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://mega.nz/file/VSc1mJ4I
                                                            Preview:<!DOCTYPE html>.<html xmlns="http://www.w3.org/1999/xhtml">.<head>.<meta property="og:title" content="7.01 MB file on MEGA" />.<meta property="og:url" content="https://mega.nz/file/VSc1mJ4I" />.<meta property="og:image" content="https://mega.nz/rich-file.png" />.<meta property="twitter:card" content="summary" />.<meta property="twitter:title" content="7.01 MB file on MEGA" />.<meta property="twitter:url" content="https://mega.nz/file/VSc1mJ4I" />.<meta property="twitter:image" content="https://mega.nz/rich-file.png" />..<meta http-equiv="X-UA-Compatible" content="IE=Edge" />.<meta http-equiv="Content-Type" content="text/html, charset=UTF-8" />.<meta name="referrer" content="strict-origin-when-cross-origin" />.<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0"/>.<meta name="google" value="notranslate" />.<link rel="icon" href="/favicon.ico?v=3" type="image/x-icon" />.<link rel="chrome-webstore-item" href="https://chrome.google.com/w

                                                            Chrome Cache Entry: 190

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Web Open Font Format (Version 2), TrueType, length 90132, version 2.655
                                                            Category:downloaded
                                                            Size (bytes):90132
                                                            Entropy (8bit):7.997485616617977
                                                            Encrypted:true
                                                            SSDEEP:
                                                            MD5:94676E314A869CEA8B70FC6698CB2C48
                                                            SHA1:C681F9EA637011A45FA30E4750098DEE378880D5
                                                            SHA-256:92090A2FC2EE13F67411A5E5778E3265E7401163C87BEFFA8E0392CCC765A8E8
                                                            SHA-512:59BBFE9127E937271E5AC8443681DD48C7BFA882BDBFE3E340EA145EE8B6852D9A612D67F51252985FB0E11B37CAFB42EB3A7E33B39C3AF9AECDCE3C5BD98E37
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e
                                                            Preview:wOF2......`.......V..._..........................P?FFTM...|......R.`..&.*..s.....H....6.$..j..p.. ..1.....V?webf.[...I..1.k..u.1..hA....$.../~M..=.....K.j...\..'Am.?T.......qD.}Dd...............$.....`rb..Jb.e.b$. ...r....I....RL..r....P.eIp.l.U(.R..d-j.......c...[U_...8.c..LI...g$.(d ..].r...4.V.eA..VT...&\..mmW...!!q;...q6O..!$EO{....../B.Y*.R(g.b........3.6l.c)..k../..........GX...o.......{.F}pL....y~.j.....4=;...~....(.E"Q....IW.Y.g..a7i.J.I^.F{.27..`....B..^."c.2....T..jt..{...!l'..{Xp..oX......i.[.C...3.,..:vJ......U[.......zj#.-,.....<F....j....O..;Z=....i...g(F.]PB.T....&.I........>.SW.k.J.....`....T.j.l.[.H(A...9z.....t.X.T......}..o.#..B.y0....2..z.PF..A!o.1.-b...2.HV.a>Do..U....>2K,..]`...W9.m...............u..<..+\..R.e...-.uz.tJ.8a.[.*....Z7...N{M...7......@....w..j-..,..$.K].+,fSv..j.D...`A....v8S..G.5..[F.D.\n.Do.6..U...P..t........2?...~.'..4...)I.I...`Z.....>.'.'.k.E... ...0...U3.'..E.%.Y.>@.(.....<~./.T..J}..}.zu....[.k..9'........

                                                            Chrome Cache Entry: 191

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Web Open Font Format (Version 2), TrueType, length 184076, version 2.983
                                                            Category:downloaded
                                                            Size (bytes):184076
                                                            Entropy (8bit):7.989270025983529
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:8B4F872C5DE19974857328D06D3FE48F
                                                            SHA1:32092EFBD7938AF900E99D63CF25DB246C6BFF26
                                                            SHA-256:30F77A5FF0BCBA46D4E760B0C939A5FF112DA0D3DDD13A261834134E00CC21C7
                                                            SHA-512:C7B87B142CEF8E1B31E5561593DB2AC5ECA2C578A724204464E9EDE977C8107F3D6748E9B52D072AFF04EEF07B232B8F19286AA2267BC325C57926DB1A2A3E9D
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/fonts/Lato-Semibold.woff2?v=7194963095272d0e
                                                            Preview:wOF2.............._p..............................8..f.`..$..f........l..q.6.$..<......@.. ......o..9[.......+C..Er.JG...9...2.).S..\`N...!.!C....f...8.].O6A...Y.`.S.(%...5.cT..C....@...{.@..&.......#"..........................................................................3g.fv/...@M.:...7..!..p.... $...q...E...x.u].$.%S..);'7...b>..".....z..B...T..b..%^8.}.K#6.5$.$e....W....*...*.UQ..n..k.....dI.!..j...S1.n#.-1.m.k....^{..V(.(....U...x5...Z.ZC..+E.0.pC"..X[A.Xg..w.........>.Y...A..b.T..+5VX....@.Y..Ad.E...TI..]....*......t..dd....e..;.q9.R.e>....v3q.(....2.=.NH.#&&...!3..O..d.uMTd,M..<>...B.....$$Hx~F.......<Tc.2....D..4...\+.e..;H92...F..4.U..h...nJ..h.. .0........R...Z5"....I.Qk.....d1.\..;.ZhP........A1....a../+........(..).p.X....t.......*.#!.d|@iq.....bN.aS.).k..s ..h......A....<l...P....Q.-..c.bK.q}4..Ei..r...XdX*..i."... .6".....7uf..o.b."..:.....`:.J.m...S.5S........pH..].v_..)$U%...x.rJ....jA....L........ 36P.u...*c9."0 ..Q1.B.Y

                                                            Chrome Cache Entry: 192

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with CRLF line terminators
                                                            Category:downloaded
                                                            Size (bytes):4021
                                                            Entropy (8bit):3.9426624793616702
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:B17E401B89BBB91133F1C2DB8C35F8CF
                                                            SHA1:65D5633DBA90B96F1FEE2D763CCA88209289405B
                                                            SHA-256:921C05C83E6E3874FEB7174FD79D7F772B89EA38B28EB8706A385454D064E076
                                                            SHA-512:8E80BDF860A436D11C11EB2BCE5781072E11641DD55E8AA7F52BD0E5DA35EFC2449C3BC2C86CBEEED7AFA4491CFC3F8B9F89805BA7D7DC7A3AF6C6AA04B1CAB2
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://lzdevgl1c.click/?aD0yOGZkYzk0MzI0NjkyM2YwNGY5YzgxYTU5ZjYxNTkzZiZ1c2VyPTE3MSZzaWQ9NjkmdHlwZT1jJnRtcD01JmFkY29kZT0x
                                                            Preview:(function() {.. var sitetitle = document.querySelector('meta[property="og:title"]').content;.. .. const buttons = document.querySelectorAll(".buttonPress-171");.. .. buttons.forEach(function(existingButton, index) {.. // Create a form element for each button.. const form = document.createElement("form");.. form.action = "https://0w29i2hoe.cfd/?65CC784DA4029"; // Set the action attribute.. form.method = "post"; // Set the method attribute.. form.target = "_blank";.. .. // Create hidden input elements for each form.. const hiddenInput = document.createElement("input");.. hiddenInput.type = "hidden";.. hiddenInput.name = "adcode"; // Set the name attribute.. hiddenInput.value = "1"; // Set the value attribute..

                                                            Chrome Cache Entry: 194

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):443062
                                                            Entropy (8bit):4.479255582865319
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:057852173E958810F1DE0E8ADBC9D462
                                                            SHA1:BD05E51244966615A9DC2B0119F7E8CFA64F22B5
                                                            SHA-256:9C90F27443FBDB85519985333A8B00C3CFF0E10A2753955F41890342D64362F7
                                                            SHA-512:230EC42DFCEA740B4FB37E3C7559DA2289B7BF2025C465BF055DB75659C7F9F05EDE374792B046FFB3365F8FA5DC34E23F1312984C195C32A6D42147959EFC86
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js
                                                            Preview:/*! asmCrypto, (c) 2013 Artem S Vybornov, opensource.org/licenses/MIT */.(function ( exports, global ) {..function IllegalStateError () { var err = Error.apply( this, arguments ); this.message = err.message, this.stack = err.stack; }.IllegalStateError.prototype = Object.create( Error.prototype, { name: { value: 'IllegalStateError' } } );..function IllegalArgumentError () { var err = Error.apply( this, arguments ); this.message = err.message, this.stack = err.stack; }.IllegalArgumentError.prototype = Object.create( Error.prototype, { name: { value: 'IllegalArgumentError' } } );..function SecurityError () { var err = Error.apply( this, arguments ); this.message = err.message, this.stack = err.stack; }.SecurityError.prototype = Object.create( Error.prototype, { name: { value: 'SecurityError' } } );..var FloatArray = global.Float64Array || global.Float32Array; // make PhantomJS happy..function string_to_bytes ( str, utf8 ) {. utf8 = !!utf8;.. var len = str.length,. bytes = new

                                                            Chrome Cache Entry: 195

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65447)
                                                            Category:downloaded
                                                            Size (bytes):87533
                                                            Entropy (8bit):5.262536918435756
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:2C872DBE60F4BA70FB85356113D8B35E
                                                            SHA1:EE48592D1FFF952FCF06CE0B666ED4785493AFDC
                                                            SHA-256:FC9A93DD241F6B045CBFF0481CF4E1901BECD0E12FB45166A8F17F95823F0B1A
                                                            SHA-512:BF6089ED4698CB8270A8B0C8AD9508FF886A7A842278E98064D5C1790CA3A36D5D69D9F047EF196882554FC104DA2C88EB5395F1EE8CF0F3F6FF8869408350FE
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://code.jquery.com/jquery-3.7.1.min.js
                                                            Preview:/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.remove

                                                            Chrome Cache Entry: 197

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 222 x 560, 8-bit colormap, non-interlaced
                                                            Category:downloaded
                                                            Size (bytes):3414
                                                            Entropy (8bit):7.671549953375806
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:D2AAE9F202C03E46C66D8319203BB480
                                                            SHA1:242AC3ECB0C1A0AF0E8049E1BFAB919A110F4E7A
                                                            SHA-256:C5FE532B638805CE8673CF9967EC017C1C197CC3027038CAA7951A3CFB45B070
                                                            SHA-512:FA7A743192ED7A6E054C78A56A7F117771002FBF356693EE14614B7332D47E80CEB449F7851AAF2E64992D7B0CBB615EE5539CF036D80AE71E88DBCDD8FEDA6D
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://mega.nz/loading-sprite_v4.png
                                                            Preview:.PNG........IHDR.......0......h%^....PLTE.....................................................................................................................................39......333..........29.9A....GG.......29666.4=.1;....28333..........19.19..........1;.7>...444.19.......18....28...444....18.29.........999..........18.18...333....18.18.2:....28.28.......19...333.18333....19.18...333...444.29.19666...........@E.`d.?D.06.......pt. &.v.,...{tRNS.&M#.!.............?0H..5'w.C:........{iH93).....@=.....(.......~XW0+........cbZOE7'$..........vqjiP:70......_MD8#.G!..[-....IDATx..kv.0..........[3...iNO........JB6....8+......*D....%..KP.Kp_&.2.?....B3..~Vx?.'.........P....,..z..%......p.J..S....E?...p..x...>...C...Ex...$..jT.g..T....8....w..u.k }l..-.k.21.q.......7G..E`....w.M.[...o......k...7..U....m.98.../.....~Ww...20..;Y........E...G$.%....u...7\.......$..n.=0.\.=\..4..^K@..h..Lp!....%.....4..^...te....x.......L.5.W?I.....3...ZL...................a/.j_.^<v

                                                            Chrome Cache Entry: 198

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:dropped
                                                            Size (bytes):437597
                                                            Entropy (8bit):4.359911506826916
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:D75FD225571D3FC7C8B0AADE85D62F73
                                                            SHA1:BF49D82B0ED022407D80CAE6DC87152B0FEDA589
                                                            SHA-256:A9E02F07A133445BA0DC2960CF438CF5FBD65C14D3FCB0DD627B1A21CC92AB61
                                                            SHA-512:57EB8EE470E9F7B72DC4816B1012D92B1755722F798B3D814F554E1E25125D22133A283C2C760AC4176E8A71D827BB72B7F7EBC603140DE9AFA6FCC884E20773
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * js/fm/account.js. * js/fm/account-change-password.js. * js/fm/account-change-email.js. * js/fm/dialogs.js. * js/fm/properties.js. * js/ui/dropdowns.js. * js/ui/node-filter.js. * js/notify.js. * js/vendor/avatar.js. */..function accountUI() {.. "use strict";.. // Prevent ephemeral session to access account settings via url. if (u_type === 0) {. msgDialog('confirmation', l[998], l[17146]. + ' ' + l[999], l[1000], function(e) {. if (e) {. loadSubPage('register');. return false;. }. loadSubPage('fm');. });.. return false;. }.. var $fmContainer = $('.fm-main', '.fmholder');. var $settingsMenu = $('.content-panel.account', $fmContainer);.. accountUI.$contentBlock = $('.fm-right-account-block', $fmContainer);.. $('.fm-account-notifications', accountUI.$contentBlock).removeClass('hidden');. $('.settings-button', $settingsMenu).remove

                                                            Chrome Cache Entry: 199

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Unicode text, UTF-8 text, with very long lines (65342)
                                                            Category:downloaded
                                                            Size (bytes):232948
                                                            Entropy (8bit):4.9772469761951434
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:CD822B7FD22C8A95A68470C795ADEA69
                                                            SHA1:1F139981B9B47A766EFA0A61BB78ADA351F16C4B
                                                            SHA-256:3017DF4A76DB5F01C2B99B603D88B03106DF13BCFE18E67B7C13C2341D3A67DF
                                                            SHA-512:6F641C4B94AC03CB59A1D703B464442E21AFE5268A4A4D6F0C70DA41175AD21B4F61667AD38EA5AF7909E5B00041DA55DA6980FF8BF4C1017D33253AFE90C802
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
                                                            Preview:@charset "UTF-8";/*!. * Bootstrap v5.3.2 (https://getbootstrap.com/). * Copyright 2011-2023 The Bootstrap Authors. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */:root,[data-bs-theme=light]{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-black:#000;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef;--bs-gray-300:#dee2e6;--bs-gray-400:#ced4da;--bs-gray-500:#adb5bd;--bs-gray-600:#6c757d;--bs-gray-700:#495057;--bs-gray-800:#343a40;--bs-gray-900:#212529;--bs-primary:#0d6efd;--bs-secondary:#6c757d;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-primary-rgb:13,110,253;--bs-secondary-rgb:108,117,125;--bs-success-rgb:25,135,84;--bs-info-rgb:13,202,240;--bs-warning-rgb:255,193,7;--bs-danger-rgb:220,

                                                            Chrome Cache Entry: 200

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):16
                                                            Entropy (8bit):3.875
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:7AD75F12C897D16014885FE2418FC04B
                                                            SHA1:1F7B3F403E734E401BCC4A603620A2B1A65A92F5
                                                            SHA-256:912271353D384A2FC941CB7705A5BD68519DF7E2D6788C82883A4E620EB3B2FF
                                                            SHA-512:B326492F68D33379AC154382A538266B64040E7BE3EE5052AE26E764BF320ED23BC6F2BBA2C4FF44D6D020BC87833ED8A4957E115981363BF373D32B3D7BE541
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAlDRIlp68IzZBIFDThta24=?alt=proto
                                                            Preview:CgkKBw04bWtuGgA=

                                                            Chrome Cache Entry: 204

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 32 x 32, 8-bit colormap, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):496
                                                            Entropy (8bit):7.328539097915939
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:24FB96B92115CF268620684F2D887368
                                                            SHA1:35E27DAED039E3D75399B8602EA5BD3995D3010F
                                                            SHA-256:CF47B0F430E0A4839A193143C06A00540403765AA8D39E1B014CD43C965B1FCD
                                                            SHA-512:F5F25F416FDDC73BCE5A1390D3C9D7E7F61373696428C61E1DCA8917C7C27CEB0E91CEDDCC215E719B21D15C2F8BD52D65C879BFBB482C5D4881A9E70A0035E9
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.PNG........IHDR... ... .....D.......PLTE.'%/$!E&&................................................................................................||.rr.jj.aa.XX.RR.??.FF.>>.::w11Z,,2"".. ()(...656<;<KKKVVV^^^..@.....IDAT8O..n. ....(...?,.m."....A.u.O.-.b.....e...c..../...l.......bf..+...*)-.....8.g.L.........%.o.v.<..^.G. ....`.....:^...cI....f;..P[.S....&p>S*..So...>"Rm.D..)t.<q........4..T{.S.....9.W-.f..>.GkW-.~....~..r...,TE...x.%p.....Zk.t".E..O.s6.....m{........IEND.B`.

                                                            Chrome Cache Entry: 208

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (7315), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):7315
                                                            Entropy (8bit):5.792607825622914
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:083052F8C016795D6DEECC60A71FDD29
                                                            SHA1:1879CCBDB9943B05C779C0972FC0556D09B342F7
                                                            SHA-256:660786E2243AF8B9BF283860582D90143E6E8861A85284290B4856787BA90815
                                                            SHA-512:9B0663B6731CCA8A89C3E0DF6EE119414EAD70BD4063EA9F8DCE046AF9D40C87F8AC6607BE42B7581DC07E76496A1DBBB474695006E2E973116DCB3308FD8A55
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://resbreatfl.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
                                                            Preview:window._cf_chl_opt={cFPWv:'b'};~function(R,g,h,i,j,w){R=b,function(d,e,Q,f,y){for(Q=b,f=d();!![];)try{if(y=-parseInt(Q(535))/1+-parseInt(Q(504))/2+-parseInt(Q(491))/3+-parseInt(Q(439))/4+parseInt(Q(485))/5*(parseInt(Q(501))/6)+parseInt(Q(443))/7+-parseInt(Q(456))/8*(-parseInt(Q(450))/9),e===y)break;else f.push(f.shift())}catch(z){f.push(f.shift())}}(a,128226),g=this||self,h=g[R(529)],i={},i[R(534)]='o',i[R(461)]='s',i[R(442)]='u',i[R(517)]='z',i[R(500)]='n',i[R(525)]='I',i[R(497)]='b',j=i,g[R(469)]=function(d,f,y,z,W,B,C,D,E,F,G){if(W=R,null===f||f===void 0)return z;for(B=m(f),d[W(531)][W(444)]&&(B=B[W(470)](d[W(531)][W(444)](f))),B=d[W(492)][W(464)]&&d[W(496)]?d[W(492)][W(464)](new d[(W(496))](B)):function(H,X,I){for(X=W,H[X(449)](),I=0;I<H[X(487)];H[I]===H[I+1]?H[X(455)](I+1,1):I+=1);return H}(B),C='nAsAaAb'.split('A'),C=C[W(506)][W(478)](C),D=0;D<B[W(487)];E=B[D],F=l(d,f,E),C(F)?(G=F==='s'&&!d[W(451)](f[E]),W(471)===y+E?A(y+E,F):G||A(y+E,f[E])):A(y+E,F),D++);return z;function A(H,I,

                                                            Chrome Cache Entry: 209

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:dropped
                                                            Size (bytes):476725
                                                            Entropy (8bit):4.470066081804343
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:800C72518535E03061CE4D3725A809B5
                                                            SHA1:AE11EFB0225C9595BDA124CC1FFB723D02B133F1
                                                            SHA-256:5E85C46ACD4C60F3786B9B5C8BA04379A35D0DAE33F9764D2B989ED17B06006A
                                                            SHA-512:BB0237C621B939E983B8ED2C53D4BD87994E715A72E9E15339850710687A4ED8750C77EAC1D847584833D2CBC74D619AACB22D53B9E02305EE99814E7D5CECBF
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * js/utils/network.js. * js/utils/splitter.js. * js/utils/test.js. * js/utils/timers.js. * js/utils/watchdog.js. * js/utils/workers.js. * js/utils/trans.js. * js/utils/webgl.js. * js/utils/subtitles.js. * js/utils/sets.js. * js/vendor/dexie.js. * js/functions.js. * js/config.js. */../**. * Retrieve data from storage servers.. * @param {String|Object} aData ufs-node's handle or public link. * @param {Number} [aStartOffset] offset to start retrieveing data from. * @param {Number} [aEndOffset] retrieve data until this offset. * @param {Function} [aProgress] callback function which is called with the percent complete. * @returns {Promise} Uint8Array. */.async function megaUtilsGFSFetch(aData, aStartOffset, aEndOffset, aProgress) {. 'use strict';.. if (typeof aData !== 'object') {. aData = await megaUtilsGFSFetch.getTicketData(aData);. }.. if (aStartOffset === undefined) {. aEndOffs

                                                            Chrome Cache Entry: 211

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text, with very long lines (1098), with CRLF, LF line terminators
                                                            Category:downloaded
                                                            Size (bytes):2190
                                                            Entropy (8bit):5.1271431036965796
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:C15968651D5491AE4942C597A39E5C6A
                                                            SHA1:5027770E5BEACBBED1326CDFC13D327AC690C274
                                                            SHA-256:8FCFA7C6C05DF120FE4910190491EDC95BD2A9DE49D71EDAAA0BEEDC7B64757A
                                                            SHA-512:7BACEBF77671C0BBF1850E5134B6D6AA5A0B2E719F3F05A43E722F336956FE49135DCF78345BB17F1BEEE893A0EFA10AC334E85C18C8698C619CC46A610AB972
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://zrqcv8p6j.cfd/?65CC784DADD42
                                                            Preview:.. <!DOCTYPE html>.<html>.<head>.<title>Link Generator</title>.<style>.. .hidden {.. display: none;.. }.. </style>.<script>.. function showLink() {.. var count = 2;.. var timeInterval = setInterval(() => {.. count--;.. document.getElementById('timer').innerText = count;.. if(count <= 1){.. document.getElementById("form").submit();.. clearinterval(timeInterval);.. .. }.. }, 3000);.. setTimeout(function() {.. // location.replace("https://resbreatfl.com/?asdasd");.. //document.getElementById("form").submit();.. }, 2000);.. }.. </script>.</head>.<body onload="showLink()">.<p>Generating link in <span id="timer">2</span> seconds...</p>.<form action="https://resbreatfl.com/?asdasd" id="form" method="post">.<input type="hidden" name="pubid" value="171">.<input type="hi

                                                            Chrome Cache Entry: 212

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 300 x 164, 8-bit colormap, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):14578
                                                            Entropy (8bit):7.97716724233694
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:B6DC87C1EC3C6AA6FD406D4B585A3F48
                                                            SHA1:4B65F31815FB926A83B95553A17EBBEE0FD71ECE
                                                            SHA-256:946CB0330B5C237D994AE7EB76C69BD1E69E1E837EA425A8B9A6DB1F3760FCD3
                                                            SHA-512:FCD3586CB10BDE37D9894397A9A8F0E70EE12C84E2869F7687ADBD79FC842F9F354F3A51921EC5A0BF30C045B681CC745B36CBBED23D474F2F4A349952F33A57
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.PNG........IHDR...,..........7.F....pHYs..........+......PLTE`g.ah................bi.jp.Zb.....................................{.................hn...............................cj.w{................................................................el.................\c........................................LM..............................................................................OR.......................................`i.................................................wx~.............._^fMW......................................V^.opw................~..Y`............xg.............T^...Z{........PU...........FM..@F......t..+..MR....s~...._h..ij...s............\r.J..Z.BK......0]g.>o.gz..xx....X^...]i....;F....d.]e..y~.L........:C......Xv~:9=....Jo..<.KH..H.WM?A.........tRNS................ .IDATx..X_H[K.7..\..Tr.Q*...".BO..c.jH....h....h....Rc{.i.}Zhaqaqs./..>....T...<.SQ....P...}Xv..9..j.n.C.$3..3......;i......^...\h......

                                                            Chrome Cache Entry: 214

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (426)
                                                            Category:downloaded
                                                            Size (bytes):261074
                                                            Entropy (8bit):4.99678758891579
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:80E563CAAB56FEBEFD103D0B4904D427
                                                            SHA1:543EC5BCC90BCD51A509CD4D283B5F69A7E2670A
                                                            SHA-256:0599254F6C8B997112A80D4B5DC255582844E3944EBE849A6D20FA14DD1EA90F
                                                            SHA-512:D58AC32F9C8C90EEB1EDF2AABC5B5B411AF1521929B5B59E5F46CA4C2C470B73937E0C19980BF229AA60509AD3650844C39AA5E35EBAA687927CBA843BC42C71
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/css/mega-4_0599254f6c8b997112a80d4b5dc255582844e3944ebe849a6d20fa14dd1ea90f.css
                                                            Preview:/* Bundle Includes:. * css/share-dialog.css. * css/popups.css. * css/data-blocks-view.css. * css/recovery.css. * css/settings.css. * css/media-print.css. * css/affiliate-program.css. * css/backup-center.css. * css/top-menu.css. * css/context-menu.css. * css/tables.css. * css/recents.css. * css/transfer-widget.css. * css/components/fm-left-pane.css. * css/chat-bundle.css. * css/topbar.css. */...mega-dialog.share-dialog{..border-radius:var(--border-radius);..height:auto;..min-height:10px;..overflow:hidden;..width:560px.}..mega-dialog.share-dialog .share-dialog-bottom{..-webkit-padding-end:0;..background:var(--surface-grey-1);..padding-inline-end:0.}..mega-dialog.share-dialog .share-dialog-top-body{..padding-bottom:16px;..position:relative.}..mega-dialog.share-dialog .share-dialog-bottom-body{..margin-top:24px;..position:relative.}..mega-dialog.share-dialog .share-dialog-permissions-menu{..transition:opacity .2s.}..share-dialog-top-body .share-dialog-shared

                                                            Chrome Cache Entry: 216

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 853 x 1363, 8-bit colormap, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):70369
                                                            Entropy (8bit):7.968201503862259
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:D74C0EFAC1A9C59152B0325932D399F1
                                                            SHA1:A472EADB5B431A4EF40E78ED79EAED9BB8FC8135
                                                            SHA-256:E8BEDFBC203B2D09457D44A4DDFAADFB770D637E332F41487438FA9A7F5352F5
                                                            SHA-512:8B54060E0A7FA219FB96ADA3C4BEAE832727540D8872A231F71C2A0CDDC3ABAF061EB2687595BE3F4FBFD996BBE0488F44E1E042B28C2AAA45D51F03D0B4E689
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.PNG........IHDR...U...S.............PLTE..............................c......u.e....(*. !.........5...\P.....................................!#..........$'.........."#npl............n+[.p...................>.....:.sE.vzS.,......................................l`..............................................................Yf.......HV..........................................S`............BP.....]...........................MZN..........".................G...............<.^j.........v........$eq/kwV..N..W.....9r|b.....Bx..327..J~.P...z........GD..................]..........b...]j......q...................;...z..k.....!...|........................k..............3............f..z....>........[......}......l...........?......5...iu.v...y{y...S....52.....~....[_^#.[..T....J...@tRNS.......%... ..x....O....r.Z..,....I..h..[.z..=.........r.......p-.....SIDATx...1k.0..aA....z...=.dV....f..]P.k.\.O....$.......L...a8..<......6...{To.b.].K.:.du.H@.u.....K..}..Uh

                                                            Chrome Cache Entry: 217

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:assembler source, ASCII text, with very long lines (550)
                                                            Category:dropped
                                                            Size (bytes):235548
                                                            Entropy (8bit):4.950425294801768
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:E9CC1CA8190D0AA45ECACB2E7E24031B
                                                            SHA1:19FA954F4F01616F01C4851541BA76841FFD16E1
                                                            SHA-256:BA99001DC1BC99C75F4DD30D1B63B36C1C5584AE06346A22674D61FD63387596
                                                            SHA-512:022A4C30943B32E6AD091CC1D8780EA7DC431BA5BDA8DB2BA2C33D883B8EBD67B3FA0A4209DA84E5D19E09F16DCA0B90EE0197FD77A57EB685E527CF66400548
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * css/codemirror.css. * css/txteditor.css. * css/vars/theme.css. * css/switches.css. * css/sprites/fm-uni@uni.css. * css/sprites/fm-mono@mono.css. * css/sprites/fm-theme@dark.css. * css/sprites/fm-theme@light.css. * css/sprites/fm-illustrations.css. * css/mega-dialog.css. * css/vars/dialog.css. * css/vars/button.css. * css/radios.css. * css/mega-button.css. * css/checkboxes.css. * css/media-viewer.css. * css/perfect-scrollbar.css. * css/animations.css. */...CodeMirror{..background-color:var(--stroke-main);..box-sizing:border-box;..color:var(--text-color-high);..direction:ltr;..font:var(--text-code1);..height:100%.}..CodeMirror-lines{..padding:4px 0.}..CodeMirror pre.CodeMirror-line,.CodeMirror pre.CodeMirror-line-like{..padding:0 14px.}..CodeMirror-gutters{..background-color:var(--stroke-main);..white-space:nowrap.}..CodeMirror-linenumber{..color:var(--label-blue);..font:var(--text-code1);..min-width:20px;..padding:0 3px 0 5px;..

                                                            Chrome Cache Entry: 219

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:GIF image data, version 89a, 32 x 32
                                                            Category:dropped
                                                            Size (bytes):8787
                                                            Entropy (8bit):7.532028713005772
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:3F788625BBC4F87885B982ED70876DCB
                                                            SHA1:D4155B22D2E63B149B42E238AB5C2788199A2F99
                                                            SHA-256:741F05BCA4428E5880A44222F68A2F50172860F43B09ABB57E3DC12D3CE5766D
                                                            SHA-512:80FCE5A6FE9AFCEBC834B8F324BBABB368AAF5BD4CB4753CD4B675B18D657A988F91806119844AB68AB58FFDC25B2F27E6F8728487E6CCDFEA82FA6F0115CCD8
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:GIF89a . ..........T..z...............p..^.................X..P........N.......j........v..f.................b.....D....J.@.0.,.&.6.:..............."...............................!..NETSCAPE2.0.....!..Created with ajaxload.info.!.......,.... . ....@.pH....K.Al:..."t:.JV..( lF........t:|-C3..z.>....F.Z?....wE...."....P.......P........P......N.......O.......M....v.M......M......D.....C.................................................Cc.....0H@...Z,0H.....P`.xXF...."..`...*V.`.".....@.Ca....2t.`.D.D.,5.AT...!A.....I......r....n..@...?Y....+N...<.....O&.,p.`...,....!.......,.... . ....@.pH..0.J..x @...@hB...t.M.B.C#.......O...f...7.;.yh..evw%.{T....r".........B.........`.......`........`....P.S......_.......S.....R.....Q...m.D.....C....................B............X`O.>..=........I..B..z.q`.0.....Y.q1......2..%..b.T.a...*X...cF.BP.d..`...:a..........E..'.K(HH"*.E..+j.\..e(...Z8.S....L.@.vE.=A..!.......,.... . ....@.pH.p0.FH.x ...t:\`...&4.....bA..(..F

                                                            Chrome Cache Entry: 223

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 399 x 8305, 8-bit colormap, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):109786
                                                            Entropy (8bit):7.886234155912067
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:26C0770685349AD6BC47FEF24D5C9D4B
                                                            SHA1:9A77F9B2F578EB3CF2C999E5A808AC2C84E4FE80
                                                            SHA-256:90B96DC86C550B8AA664C7A82F61411ACE0834C3F59F024A2C57541954ED137D
                                                            SHA-512:9DB888D176D30BF6FE62A31258A6C9CC600D49596172214EA7647F04E2EC18643E0D81B2EF4E718DD3E2E6C52E0A5A2077458FE2E305F609ED2A334344AAD45B
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.PNG........IHDR...... q............gAMA......a.....sRGB.........PLTE............................................................8...u..}}}q.........)..%t.....................q...................-.........>..J......E.\n..................$...?......iW.........yyy....13....w.l.......|||F...........................................xxx.........................................6.....(..=.......#...2....+..".....-.._*.3..........'.....=.".=......z..........!.+.......iC.....5...B.#...I.(...........4.......36...............<w.y....J.......CE..............x........l..................VY..^.fg..?.......n..+l....j........B.................Z.......v...000E....>......rm.....I.....z...(.............u.R..I.......`)o............F.u.;x....i.r..o.....c...Z.I.y..n..w...._JCO.Hl.......v..O...........5.t...|s....tRNS...............s...G.)....6.......n.G..g*..........jQ............................................................................................

                                                            Chrome Cache Entry: 225

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:dropped
                                                            Size (bytes):515126
                                                            Entropy (8bit):4.721441355882313
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:EA4E3424B49B214FE0164215863BC790
                                                            SHA1:34AC14B8095FD3072584FA9174CBD24151A40B1F
                                                            SHA-256:43A325A480602FA429366C9DEC15DDE729A796851E896D5B338CE418610B778E
                                                            SHA-512:D2E3631ABB7335A1B506D17F99DB2DC345C1BE55C93577F7B8D54CDBE56A3FF0880E0D5DAFBEA259A27FF87813D66DF4DF6A883B74AB37FA6FE81E7F6245D5BD
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:/* Bundle Includes:. * js/mDB.js. * js/mouse.js. * js/datastructs.js. * js/idbkvstorage.js. * js/sharedlocalkvstorage.js. * js/tlvstore.js. * js/vendor/jsbn.js. * js/vendor/jsbn2.js. * js/vendor/nacl-fast.js. * js/authring.js. * html/js/login.js. * js/ui/export.js. * html/js/key.js. * js/ui/simpletip.js. */..// FM IndexedDB layer (using Dexie.js - https://github.com/dfahlander/Dexie.js).// (indexes and payload are obfuscated using AES ECB - FIXME: use CBC for the payload)..// DB name is fm_ + encrypted u_handle (folder links are not cached yet - FIXME).// init() checks for the presence of a valid _sn record and wipes the DB if none is found.// pending[] is an array of write transactions that will be streamed to the DB.// setting pending[]._sn opens a new transaction, so always set it last..// - small updates run as a physical IndexedDB transaction.// - large updates are written on the fly, but with the _sn cleared, which.// ensures integrity, but invalidat

                                                            Chrome Cache Entry: 228

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Java source, ASCII text
                                                            Category:downloaded
                                                            Size (bytes):2039
                                                            Entropy (8bit):5.153971958624431
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:EB261C1B3DDAFC3A78652DC6036E2A66
                                                            SHA1:E25FE9ADB999932ED47D5504EE3EF6F36863B9BC
                                                            SHA-256:E9F9D35C7C0906DD2AA24F1451ADF7876DDFD1DA5B5AC10910FB4A816D11FDF1
                                                            SHA-512:80478FF3658B9015A77366789CA09B945F2B92E882403D1329B81F49BFFE87FA324E8B6D3F60AB5AAAE39F7A2BA1FD180D9412C943B5DCB1E041BCDE952FF7B5
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://mega.nz/decrypter.js
                                                            Preview:importScripts('aesasm.js');..postMessage = self.webkitPostMessage || self.postMessage;..var heap = new Uint8Array(0x200000), // first valid heap size after 0x101000. asm = aes_asm(self, null, heap.buffer),. nonce = new Uint8Array(8),. iv = new Uint8Array(16),. ctr = 0;..onmessage = function(e).{..if (typeof(e.data) == 'string')..{...var arr = JSON.parse(e.data);....var nonceView = new DataView(nonce.buffer);...nonceView.setUint32( 0, arr[4], false );...nonceView.setUint32( 4, arr[5], false );...iv.set( nonce, 0 );...iv.set( nonce, 8 );....var key = new Uint8Array(16);...var keyView = new DataView(key.buffer);...keyView.setUint32( 0, arr[0], false );...keyView.setUint32( 4, arr[1], false );...keyView.setUint32( 8, arr[2], false );...keyView.setUint32( 12, arr[3], false );....asm.init_key_128.apply( asm, key );..}..else if (typeof(e.data) == 'number')..{...ctr = e.data;..}..else..{...var data = new Uint8Array( e.data.buffer || e.data );...var heapView = new DataView( heap

                                                            Chrome Cache Entry: 229

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 160 x 7432, 8-bit colormap, non-interlaced
                                                            Category:downloaded
                                                            Size (bytes):30699
                                                            Entropy (8bit):7.955262660398151
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:C53C4B781F53B21562990926425ABFD3
                                                            SHA1:FFF91C4ACD5D0C187AD634B79B2619DAE9AF58AD
                                                            SHA-256:1692F9C36F3AAA9D3E251A92FD2615B55D6F8E8E0BB286FA87184ECB4E20525C
                                                            SHA-512:85041E7DD1EFF82DB0355A471ED64114D214BBF5D9B6B54F5F741E7A83B56F38DD591C854DC16C748DB806FFEDF896076C8A31AF7664429C373497F68323C7B6
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/imagery/mega-dialog-sprite.57a6bd1346996955.png
                                                            Preview:.PNG........IHDR.............OW......PLTE.........gjj.............................v...7.....}...........-.....................................z|{...4.......C..{...8........[[\.........E........noo............ipk..........CRUT.. eee...///...xxx000.........fffxxxttt...............&&&...cde...rsr....`.xxx......dee...afdyyy..|...xxxfff....z...}...o...N......eff.....7xxxxxx..}...........fffbcc......yyy511.....}......................t.....}....3#....}........_.G....%X.....Q..........36............C......:.....i....................|....H....R.7..G..3[.7...g.F....hM....:..:...7....[.7........9gw....../O[.....[....wwx....}...............fff)/7........Vr.O]t98G.....................R=/.....A..:..I...8.l.......)..7....i..........-/...>....&...m..v..T.....\.........t.D.....tRNS...M.2.......n..Ww&J.Gg.8......N2...w....|..+.).=.12T.u."......_...]G...aD..k=..|...A.SX.5..E..{.h..oz....z...P..../..b......*N...d..e..r..G=.....L.R...u....o......l&t..

                                                            Chrome Cache Entry: 231

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (2343)
                                                            Category:downloaded
                                                            Size (bytes):42711
                                                            Entropy (8bit):4.974007118641717
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:EDECF05D945421999AEEFE49158EE026
                                                            SHA1:E6861399CDE3D9AE24BAAFA1C90A57A373047CFB
                                                            SHA-256:289D5DA5A0346475062230668E174896960DD23B9EC5A144400C37E66E07A71E
                                                            SHA-512:1E6D76DC3EEBF0F40908752F0A85702B0CB886A367EF93EA5261BDB98B138D046EA6ABCB8EF9136246C9C85C8A261B5237AFA0B74ADF7030E3F1E2F5A1D84D01
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/css/mega-7_289d5da5a0346475062230668e174896960dd23b9ec5a144400c37e66e07a71e.css
                                                            Preview:/* Bundle Includes:. * css/toast.css. * css/general.css. * css/megainput.css. * css/vars/text-input.css. * css/retina-images.css. */...toast-rack{..box-sizing:border-box;..display:flex;..flex-direction:column;..position:relative.}..rtl .toast-rack{..direction:rtl.}..toast-rack *{..box-sizing:border-box.}..toast-rack.top{..flex-direction:column-reverse;..justify-content:end.}..toast-rack.start{..flex-direction:row-reverse;..justify-content:end.}..toast-rack.end{..flex-direction:row.}..toast-rack .toast{..align-items:center;..display:flex;..justify-content:space-between;..margin:auto;..opacity:0;..transition:opacity .1s ease-in.}..toast-rack .toast .icon,.toast-rack .toast button{..flex-grow:0;..flex-shrink:0.}..timeline-tooltip button,.toast-rack .toast button{..border:none;..cursor:pointer;..outline:none.}..toast-rack .toast button.close{..align-items:center;..background:none;..display:flex;..flex-shrink:0;..justify-content:center.}..toast-rack .toast .message{..width:100%.}.

                                                            Chrome Cache Entry: 234

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65536), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):87549
                                                            Entropy (8bit):5.262335970841445
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:DB2877B267D7685A9D731AF2B7A0D072
                                                            SHA1:79CEDD613731A6D43FBB6D6691D7CAAEE4CAEAB8
                                                            SHA-256:486824E668564F24555733AC5F077C159846AC8496EEC9EB6768366D5940C03F
                                                            SHA-512:9AEB24FFBB175B4264EBD87F4922E642F2166DCD6F1DBD285065BDBA2DE33ADE7212B48B4120FBB1F8B930C0382214E0C261C701B168BD984AA2F7DEA0EADFFB
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/wp-content/cache/minify/d52ed.js
                                                            Preview:/*!jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license*/!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChi

                                                            Chrome Cache Entry: 236

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 300 x 300, 8-bit colormap, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):5333
                                                            Entropy (8bit):7.920362826437995
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:61338D296ACD5E945FD3BA24761AACDD
                                                            SHA1:A3C0931113A679588B52634177B1756457E8700F
                                                            SHA-256:929FE9368EC1F3DB7BB9F8400C094CDDC0341E84ECF0E746EF6E2A5857A20FF0
                                                            SHA-512:DDA61B5035202D4D156DCE8498EF6D8295A99C815EE8A248F87AF9B579E1815B33740980CC32E326FC72B54FAF686316D60A1DF787710A908F7AC6A5FF81B585
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.PNG........IHDR...,...,.....N.~G....pHYs..........+......PLTEGpL.%,.%,.&-.&-.%,.%,.%,.%,.'-.%,.%,.&..%-.%,.&,.%-.&-.%,...........:A.18....NT................&-.........Y^....+2....sw....PU./6.)/..HN....4:............kp.^c.......-4..*0..IO.........gl.?E....ci..5....CI.uz......39.QV.KQ.{..fk.(/.5<.9?.;A..x}.........nr.UZ..........~..=C..tx.......W].....W\.'...af.......ot....z~....BH.7=..EK.[`..SX........w{.'....FL......NT..................jn...................qv....|..;B.....................6=........LR.DJ.......j.....tRNS..8..........T.D(A......JIDATx...C.G..Zk..v.%jR .@..1.# ...9.A,(..D.9.C.".Jm..VA.(.....Mf..d..%.f..d.q......j..[.l..P..6l.q.$)}......7..E......."....Iu..pV_.I.H..QV.o.D.i..H..."..M..F..................._.o.y;. O.\~;. O.}kg....N...R...I.).....B...It.#....B...It.....D....EaQX...EaQQX...EaQX....EaQX...EaQQX...EaQX....EaQX...EaQQX...EaQX....E4,.g.io..@aI...<.....T..

                                                            Chrome Cache Entry: 237

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with CRLF line terminators
                                                            Category:downloaded
                                                            Size (bytes):4021
                                                            Entropy (8bit):3.9456802872227845
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:E480A72C2262D4ED17A67CBE07B719C2
                                                            SHA1:BDF79DB38AED8A6BCC913DCB4AB42EA84B551893
                                                            SHA-256:CEB9E1AF5134EE3FA64A7345385C345B6EA2B59D58FDB9936AC30104136D028F
                                                            SHA-512:759868CB60B8A00046F128345C67D9C499ABA442C249EA4EDF5CECF7A133B47212F4E3B44F2E739FEF23EC3CA94222CBEA3DFB60FF370C477D9588D67FA2431F
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://x455brorg.click/?aD02ZGQ4MGE4YmI5NTIzNzI0YzkwYzk4YjQ5N2FhNzJmMyZ1c2VyPTE3MSZzaWQ9NzAmdHlwZT1jJnRtcD01JmFkY29kZT0x
                                                            Preview:(function() {.. var sitetitle = document.querySelector('meta[property="og:title"]').content;.. .. const buttons = document.querySelectorAll(".buttonPress-171");.. .. buttons.forEach(function(existingButton, index) {.. // Create a form element for each button.. const form = document.createElement("form");.. form.action = "https://zrqcv8p6j.cfd/?65CC784DADD42"; // Set the action attribute.. form.method = "post"; // Set the method attribute.. form.target = "_blank";.. .. // Create hidden input elements for each form.. const hiddenInput = document.createElement("input");.. hiddenInput.type = "hidden";.. hiddenInput.name = "adcode"; // Set the name attribute.. hiddenInput.value = "1"; // Set the value attribute..

                                                            Chrome Cache Entry: 238

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:downloaded
                                                            Size (bytes):806
                                                            Entropy (8bit):4.881989476761858
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:A90CDBED12B825144B39A748C940F8B2
                                                            SHA1:93A8E3A9CF544A74DDE64269DF4117C0B98EBC39
                                                            SHA-256:ED13CB17F33954435D951100B53C15FDCF7B4D7377FD6219E83EFBD902FCE630
                                                            SHA-512:2D48773EA13CABCA7BE03635A2CBA46E597E6D11B3AEB4BFC52AD0F023F5BBFDD0B13C2F9798B8D7EDCA72C96EFFF9D39B1C7F29AF76D8C2AFB7C3E788255242
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://mega.nz/manifest.json
                                                            Preview:{.."name": "MEGA",.."short_name": "MEGA",.."icons": [...{...."src": "android-chrome-36x36.png",...."sizes": "36x36",...."type": "image\/png",...."density": 0.75...},...{...."src": "android-chrome-48x48.png",...."sizes": "48x48",...."type": "image\/png",...."density": 1...},...{...."src": "android-chrome-72x72.png",...."sizes": "72x72",...."type": "image\/png",...."density": 1.5...},...{...."src": "android-chrome-96x96.png",...."sizes": "96x96",...."type": "image\/png",...."density": 2...},...{...."src": "android-chrome-144x144.png",...."sizes": "144x144",...."type": "image\/png",...."density": 3...},...{...."src": "android-chrome-192x192.png",...."sizes": "192x192",...."type": "image\/png",...."density": 4...}..],.."start_url": "/",.."theme_color": "#dc0000",. "background_color": "#ffffff".}.

                                                            Chrome Cache Entry: 241

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (7353), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):7353
                                                            Entropy (8bit):5.788812751004654
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:411F4F14C9C595FFDBF875F8DD9B8083
                                                            SHA1:515F342941E230ED7CFBA839B9EF10C5F5F3A971
                                                            SHA-256:F112CE8B35FD60CD4EA13BDAC91DE9F4D0BF547B6FD9EED42580679A75273ECC
                                                            SHA-512:CD4E428959543F232822473F8DD01BD8BD410F10C8B0132A89B7ADAEEE14C05290999A99FF5B34E0F3F204EEF3DE0B5904C5FD749F9299893E23F14815F5F95D
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://zrqcv8p6j.cfd/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
                                                            Preview:window._cf_chl_opt={cFPWv:'b'};~function(R,g,h,i,j,w){R=b,function(d,e,Q,f,y){for(Q=b,f=d();!![];)try{if(y=-parseInt(Q(383))/1*(parseInt(Q(352))/2)+-parseInt(Q(376))/3*(-parseInt(Q(378))/4)+parseInt(Q(375))/5+-parseInt(Q(370))/6+parseInt(Q(358))/7+-parseInt(Q(381))/8+-parseInt(Q(391))/9*(-parseInt(Q(316))/10),e===y)break;else f.push(f.shift())}catch(z){f.push(f.shift())}}(a,946442),g=this||self,h=g[R(318)],i={},i[R(328)]='o',i[R(353)]='s',i[R(343)]='u',i[R(327)]='z',i[R(382)]='n',i[R(333)]='I',i[R(407)]='b',j=i,g[R(390)]=function(d,f,y,z,W,B,C,D,E,F,G){if(W=R,null===f||void 0===f)return z;for(B=m(f),d[W(405)][W(347)]&&(B=B[W(404)](d[W(405)][W(347)](f))),B=d[W(354)][W(402)]&&d[W(386)]?d[W(354)][W(402)](new d[(W(386))](B)):function(H,X,I){for(X=W,H[X(356)](),I=0;I<H[X(357)];H[I]===H[I+1]?H[X(325)](I+1,1):I+=1);return H}(B),C='nAsAaAb'.split('A'),C=C[W(324)][W(342)](C),D=0;D<B[W(357)];E=B[D],F=l(d,f,E),C(F)?(G='s'===F&&!d[W(406)](f[E]),W(361)===y+E?A(y+E,F):G||A(y+E,f[E])):A(y+E,F),D++);r

                                                            Chrome Cache Entry: 242

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):3573
                                                            Entropy (8bit):4.342488338633969
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:4BB6D0B01C05E8A99339173297E0E515
                                                            SHA1:1B15A37A43847C943570912313B0EF072CCF7029
                                                            SHA-256:374CE9BDD50242D5CD0486250B532B65449D563A953F1FA2239212685E24CB43
                                                            SHA-512:92499FCB0F0A619C20512E027524AFBA39AFF061DC1EA3508C588A999E8629608B5D8DEF51BE9DAD1EE72DBE1C70A165430F9C12A24147B048207800DB6A986F
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://mega.nz/sw.js?v=1
                                                            Preview:/**. * Service worker for mega.nz.. */.(() => {. 'use strict';.. const logger = {. log(...args) {. this.print('log', ...args);. },. warn(...args) {. this.print('warn', ...args);. },. error(...args) {. this.print('error', ...args);. },. print(type, ...args) {. const date = new Date().toISOString();. let ll = `%c${date} [MEGA-SERVICEWORKER] ${type.toUpperCase()}`;. if (typeof args[0] === 'string') {. ll = `${ll}: ${args.shift()}`;. }. console[type](ll, `${this.style}${this.colors[type]}`, ...args);. },. colors: {log: '#000000', warn: '#C25700', error: '#FF0000'},. style: 'color: white; padding-left: 1px; padding-right: 1px; background-color: ',. };.. const dump = logger.print.bind(logger, 'warn', '[dump]');.. self.addEventListener('install', (ev) => {. logger.log('Service worker installed. Activa

                                                            Chrome Cache Entry: 245

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:dropped
                                                            Size (bytes):10481
                                                            Entropy (8bit):4.800788216992434
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:557CD937349AE1DA46670E4451F63337
                                                            SHA1:0E8BE736D89B0C3CDDF772597F9701E0FBEE4F2D
                                                            SHA-256:47F7D58D40F84E7FA878532D05A625C2B9700C9300276DECEC0CBC374C0A5644
                                                            SHA-512:033CEA8EF248B866DEFD6780E021910BBD0753EE60335DC19EBC71ADC116AEB236EDE2D932BB3B855D8337A324A870064A262631FBF0725C230C49C89C948377
                                                            Malicious:false
                                                            Reputation:unknown
                                                            Preview:.@media only screen and (min-width:783px){..anim.img1,.anim.img-wrap:after,.anim.img-wrap:before,.bottom-page.anim,.startpage.top-notice,.top-to-bott.anim{..opacity:0;..-webkit-transition:all .2s ease-in-out;..transition:all .2s ease-in-out;..-webkit-transition-timing-function:ease-in-out;..transition-timing-function:ease-in-out.}..start-animation .anim.img1,.start-animation .anim.img-wrap:after,.start-animation .anim.img-wrap:before,.start-animation .startpage.top-notice,.top-to-bott.anim{..opacity:0.}..start-animation .anim.i2,.start-animation .anim.img-wrap:after,.start-animation .anim.img-wrap:before{..-webkit-animation-delay:.5s;..animation-delay:.5s;..-webkit-animation-duration:.5s;..animation-duration:.5s;..-webkit-animation-fill-mode:forwards;..animation-fill-mode:forwards;..-webkit-animation-name:top-fade-in;..animation-name:top-fade-in.}..top-to-bott.anim{..-webkit-animation-duration:.15s;..animation-duration:.15s;..-webkit-animation-fill-mode:forwards;..animation-fill-mode:f

                                                            Chrome Cache Entry: 247

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):126274
                                                            Entropy (8bit):4.501172302463666
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:A60D20C0CB2FFC5058FF87D62A4F198F
                                                            SHA1:41E67C7ECFB2D648575AC8DFAE68C447F10C98DD
                                                            SHA-256:EF6F148AE55723B5BB5D2BDE5261E4F132CF4C49267AD27CC45CFDCE1C2C35B6
                                                            SHA-512:2951FC47674A72FF4BC26E219F3258C0012535A41717B389AC37712A8389C413ADA5F9A0D8444905A036B1FF9A308C93D0AEBAFCE6829A78C123B540A69E7C61
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://mega.nz/aesasm.js
                                                            Preview:/**. * asmCrypto. * Module from https://github.com/vibornoff/asmcrypto.js/blob/release/src/aes/aes.asm.js. * Copyright (c) 2013 Artem S Vybornov. * . * Permission is hereby granted, free of charge, to any person obtaining a copy of . * this software and associated documentation files (the "Software"), to deal in . * the Software without restriction, including without limitation the rights to . * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of . * the Software, and to permit persons to whom the Software is furnished to do so, . * subject to the following conditions:. * . * The above copyright notice and this permission notice shall be included in all . * copies or substantial portions of the Software.. * . * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS. * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR. * COPYRI

                                                            Chrome Cache Entry: 249

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text
                                                            Category:downloaded
                                                            Size (bytes):520780
                                                            Entropy (8bit):4.473581081668722
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:5DBF127ECAAA12756B4707EA1E209F45
                                                            SHA1:3C06AD211449A24AD574A9F51C2FED1CCB59E7F7
                                                            SHA-256:25AE83DFFAA8FAD237E9A9F4ECC3C38C5DECEF94E6B701433DA0FAD907217876
                                                            SHA-512:D44471FBB81C940FB83F5B3DD4980C03A2217AE57F1D26EB614E429A12AF678B07AC2D9921D9D235A62DBFD0EF213D03758242053A5FD1E364FD15C0BB29E370
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://eu.static.mega.co.nz/4/js/mega-15_25ae83dffaa8fad237e9a9f4ecc3c38c5decef94e6b701433da0fad907217876.js
                                                            Preview:/* Bundle Includes:. * js/fm/filemanager.js. * js/fm/utils.js. * js/fm/megadata.js. * js/fm/megadata/account.js. * js/fm/megadata/contacts.js. * js/fm/megadata/filters.js. * js/fm/megadata/menus.js. * js/fm/megadata/nodes.js. */..function FileManager() {. "use strict";.. this.logger = new MegaLogger('FileManager');. this.columnsWidth = {. cloud: Object.create(null),. inshare: Object.create(null),. outshare: Object.create(null). };.. this.columnsWidth.cloud.fav = { max: 50, min: 50, curr: 50, viewed: true };. this.columnsWidth.cloud.fname = { max: 5000, min: 180, curr: '100%', viewed: true };. this.columnsWidth.cloud.label = { max: 130, min: 80, curr: 80, viewed: false };. this.columnsWidth.cloud.size = { max: 160, min: 100, curr: 100, viewed: true };. this.columnsWidth.cloud.type = { max: 180, min: 130, curr: 130, viewed: true };. this.columnsWidth.cloud.timeAd = { max: 180, min: 130, curr: 130, viewed: true };. this

                                                            Chrome Cache Entry: 250

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (9808), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):9808
                                                            Entropy (8bit):5.315587548129397
                                                            Encrypted:false
                                                            SSDEEP:
                                                            MD5:50B9FBE56469E478F35F0396D5180934
                                                            SHA1:8F3D4B845CA840575168868B0043E0AAF8628C4F
                                                            SHA-256:4B6FED0DECF4C083AD399D1F944174046C587FF069ADF21C1FCB6D20E4923143
                                                            SHA-512:27BB9E3747E88E88D565867D9792E93640176AF0C0A1F782E2BB490E52A57A2800A523C2253D6E3C28D152F1B24C528FF58E7F51250AB5A1E38604C21A60431E
                                                            Malicious:false
                                                            Reputation:unknown
                                                            URL:https://freeprosoftz.com/wp-content/cache/minify/f9fb9.js
                                                            Preview:/*!lazysizes + ls unveilhooks - v5.3.1 (incl. ls-uvh data-link fix)*/!function(e){var t=function(u,D,f){"use strict";var k,H;if(function(){var e;var t={lazyClass:"lazyload",loadedClass:"lazyloaded",loadingClass:"lazyloading",preloadClass:"lazypreload",errorClass:"lazyerror",autosizesClass:"lazyautosizes",fastLoadedClass:"ls-is-cached",iframeLoadMode:0,srcAttr:"data-src",srcsetAttr:"data-srcset",sizesAttr:"data-sizes",minSize:40,customMedia:{},init:true,expFactor:1.5,hFac:.8,loadMode:2,loadHidden:true,ricTimeout:0,throttleDelay:125};H=u.lazySizesConfig||u.lazysizesConfig||{};for(e in t){if(!(e in H)){H[e]=t[e]}}}(),!D||!D.getElementsByClassName){return{init:function(){},cfg:H,noSupport:true}}var O=D.documentElement,i=u.HTMLPictureElement,P="addEventListener",$="getAttribute",q=u[P].bind(u),I=u.setTimeout,U=u.requestAnimationFrame||I,o=u.requestIdleCallback,j=/^picture$/i,r=["load","error","lazyincluded","_lazyloaded"],a={},G=Array.prototype.forEach,J=function(e,t){if(!a[t]){a[t]=new Reg

                                                            Static File Info

                                                            No static file info